adsfacebook.net Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://adsfacebook.net/
Submission: On November 05 via api (November 5th 2022, 8:35:13 pm UTC) from SG — Scanned from DE

Summary HTTP 43 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 43 HTTP transactions. The main IP is 2001:4860:4802:34::15, located in United States and belongs to GOOGLE, US. The main domain is adsfacebook.net.

This is the only time adsfacebook.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
43	11

7 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

adsfacebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

business.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gstatic.com www.gstatic.com fonts.gstatic.com	544 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
7	adsfacebook.net adsfacebook.net	59 KB
5	google.com apis.google.com — Cisco Umbrella Rank: 172 business.google.com — Cisco Umbrella Rank: 36574 play.google.com — Cisco Umbrella Rank: 67	63 KB
5	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 164	578 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166	438 B
43	7

	Domain	Requested by
10	www.gstatic.com	adsfacebook.net www.gstatic.com business.google.com
7	www.google-analytics.com	adsfacebook.net www.google-analytics.com
7	adsfacebook.net	adsfacebook.net www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com adsfacebook.net
5	lh3.googleusercontent.com	adsfacebook.net
2	business.google.com	apis.google.com adsfacebook.net
2	apis.google.com	adsfacebook.net apis.google.com
2	fonts.googleapis.com	adsfacebook.net
1	play.google.com	www.gstatic.com
1	stats.g.doubleclick.net	www.google-analytics.com
43	10

This site contains links to these domains. Also see Links.

Domain
support.google.com
www.google.com

Subject Issuer	Validity	Valid
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://adsfacebook.net/
Frame ID: FFE225D551BAF67A35AD961C8EDCBC33
Requests: 37 HTTP requests in this frame

Frame: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
Frame ID: F432B2E488FFCDFCAEA55EA07806CF7E
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dịch vụ quảng cáo facebook - Công Ty Truyền Thông LUCMEDIA

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1267 kB
Transfer

2114 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.google.com/business/answer/7388122
Title: Báo cáo lạm dụng

Search URL Search Domain Scan URL

URL: https://www.google.com/business/how-it-works/website
Title: Google

Search URL Search Domain Scan URL

URL: https://support.google.com/business/answer/9156388
Title: Tìm hiểu thêm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
adsfacebook.net/ 151 KB
52 KB 146ms
98ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23d7be227bf01344c5e6ea67925a3ce787493a8d483822dbe66a324142c26a47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xqGNf-N-JW8ChZfPKMdmpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: script-src 'report-sample' 'nonce-xqGNf-N-JW8ChZfPKMdmpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: unsafe-none; report-to="GeoMerchantPrestoSiteUi"
Date: Sat, 05 Nov 2022 20:35:08 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Pragma: no-cache
Report-To: {"group":"GeoMerchantPrestoSiteUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/GeoMerchantPrestoSiteUi/external"}]}
Server: ESF
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
x-ua-compatible: IE=edge

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 91ms
71ms Other
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8264a8ec57615c30646218e9bc2f09cd025364c9e070e879010402042a644c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden cspreport
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 96ms
76ms Other
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13ef557fdb4a7346796fb19d4fc7ebc0ebc99c6e89c1555e90c87e685beef7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/ 180 KB
64 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65129
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:48:42 GMT

GET
H/1.1 200
OK icon
fonts.googleapis.com/ 615 B
995 B 55ms
37ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/icon?family=Material+Icons+Extended

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 20:35:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 05 Nov 2022 20:35:08 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 05 Nov 2022 20:35:08 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 3 KB
1 KB 84ms
64ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sat, 05 Nov 2022 20:35:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 05 Nov 2022 20:35:08 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 05 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0
lh3.googleusercontent.com/p/ 124 KB
125 KB 565ms
515ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w1080-h608-p-no-v0

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127388
x-xss-protection: 0
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 554ms
505ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOn8CQc5eiZZzLNxBWmp3MNQt2UoeC-Mk6GAYTw=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 209 KB
209 KB 597ms
548ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipOYkAVVONIYb791t6fvt9QeaEre9a1pQetS7SWX=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="310154302_1648927065523560_4108835140149292331_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214041
x-xss-protection: 0
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
82 KB 497ms
449ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipMSKxuizfCRjNWc1aYVatPNBRqvru8lJJwZ-WaZ=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="298962292_1602129083536692_5162257130403801860_n.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1
lh3.googleusercontent.com/p/ 81 KB
81 KB 524ms
476ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p/AF1QipNgsYnV7GQum3wdZISbq0gDzxW6qg5l36eZVQz0=w960-h960-n-o-v1

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
server: fife
etag: "va"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2022-11-02.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83120
x-xss-protection: 0
expires: Sun, 06 Nov 2022 20:35:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 100ms
20ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 19:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4219
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 05 Nov 2022 21:24:49 GMT

GET
H2 200 api.js Show response
www.gstatic.com/feedback/ 34 KB
14 KB 96ms
54ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13608
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 05 Nov 2022 11:49:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: no-cache, must-revalidate
accept-ranges: bytes
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ 17 KB
7 KB 117ms
32ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 20:35:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "de7c76c1ab2f4ad3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Nov 2022 20:35:08 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK rax_HiWKp9EAITukFsl8Axhf.woff2
fonts.gstatic.com/s/fugazone/v15/ 11 KB
12 KB 259ms
239ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/fugazone/v15/rax_HiWKp9EAITukFsl8Axhf.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 23:02:50 GMT
X-Content-Type-Options: nosniff
Age: 336738
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 11032
X-XSS-Protection: 0
Last-Modified: Thu, 21 Apr 2022 17:05:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 01 Nov 2023 23:02:50 GMT

GET
H/1.1 200
OK kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v149/ 159 KB
160 KB 46ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/materialiconsextended/v149/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 21:27:24 GMT
X-Content-Type-Options: nosniff
Age: 428864
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 162924
X-XSS-Protection: 0
Last-Modified: Thu, 25 Aug 2022 00:15:09 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 31 Oct 2023 21:27:24 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 48ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 21:36:48 GMT
X-Content-Type-Options: nosniff
Age: 169100
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16740
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:14:44 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 03 Nov 2023 21:36:48 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 13 KB
13 KB 51ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Thu, 03 Nov 2022 22:02:26 GMT
X-Content-Type-Options: nosniff
Age: 167562
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 12972
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:15:57 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 03 Nov 2023 22:02:26 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 35ms
34ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2117082366&t=pageview&_s=1&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=925864085&gjid=1975370872&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&_r=1&_slc=1&cd1=64542724682214533&z=746411142

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 100ms
26ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77246179-1&cid=180819981.1667680508&jid=925864085&gjid=1975370872&_gid=193870203.1667680508&_u=YEBAAAAAAAAAACAAI~&z=2018932341

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 05 Nov 2022 20:35:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://adsfacebook.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 7 KB
8 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Fugaz+One:400|Open+Sans:400

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://adsfacebook.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 07:43:56 GMT
X-Content-Type-Options: nosniff
Age: 478272
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 7136
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:26:34 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Tue, 31 Oct 2023 07:43:56 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 128 KB
42 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:38:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42685
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Oct 2023 16:38:03 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2117082366&t=event&_s=2&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=primary-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&cd1=64542724682214533&z=1709701789

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
23ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2117082366&t=event&_s=3&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&cd1=64542724682214533&z=2115987503

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2117082366&t=event&_s=4&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-1&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&cd1=64542724682214533&z=639494037

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
23ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2117082366&t=event&_s=5&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&cd1=64542724682214533&z=362567816

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
24ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2117082366&t=event&_s=6&dl=http%3A%2F%2Fadsfacebook.net%2F&ul=en-us&de=UTF-8&dt=D%E1%BB%8Bch%20v%E1%BB%A5%20qu%E1%BA%A3ng%20c%C3%A1o%20facebook%20-%20C%C3%B4ng%20Ty%20Truy%E1%BB%81n%20Th%C3%B4ng%20LUCMEDIA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CTA&ea=render&el=bottom-action-list-9&_u=aEBAAAABAAAAACAAI~&jid=&gjid=&cid=180819981.1667680508&tid=UA-77246179-1&_gid=193870203.1667680508&cd1=64542724682214533&z=1006098953

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64357
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KU... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sitevi... 259 KB
91 KB 64ms
22ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,Z5uLle,xQtZb,JNoxi,kWgXee,MI6k7c,kjKdXe,MdUzUe,BVgquf,ovKuLd,hKSk3e,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/am=bBAgEAAACA/d=1/excm=_b,_r,_tp,siteview/ed=1/dg=0/wt=2/rs=AD4das2ekYD8yf4o72jV0ZNhoBdZDBZ1OA/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92837
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:48:43 GMT

GET
H3 200 m=JbzNG Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
576 B 58ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=JbzNG

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:43 GMT

GET
H2 200 forms Show response
business.google.com/websites/ Frame F432 36 KB
13 KB 148ms
86ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c33a87954e843d8fe9ca6974a078c63b8647099ad7b31c4716bbeea96ccf7fb0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gDihEU6MykA9jiMNLo2kng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gDihEU6MykA9jiMNLo2kng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 05 Nov 2022 20:35:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-robots-tag: none
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 1 KB
722 B 25ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 695
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:43 GMT

POST
H3 204 cspreport
business.google.com/_/GeoMerchantPrestoSnapformsUi/ Frame F432 0
26 B 113ms
70ms Other
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://business.google.com/_/GeoMerchantPrestoSnapformsUi/cspreport

Requested by

Host: adsfacebook.net
URL: http://adsfacebook.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport, script-src 'report-sample' 'nonce-8PhqDOAMATTy1DOtgMb3Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport, script-src 'report-sample' 'nonce-8PhqDOAMATTy1DOtgMb3Pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/GeoMerchantPrestoSnapformsUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/ Frame F432 164 KB
58 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Requested by

Host: business.google.com
URL: https://business.google.com/websites/forms?st=services&hl=vi&lid=7798187917391140214&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 19:49:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59214
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 21:10:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 19:49:06 GMT

GET
H3 200 m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM... Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,sn... Frame F432 224 KB
80 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,GkRiKb,e5qFLc,IZT63,vfuNJf,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,WO9ee,gZjhIf,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,Mlhmy,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,Z5uLle,xQtZb,JNoxi,kWgXee,MdUzUe,BVgquf,ovKuLd,yDVVkb,zbML3c,zr1jrb,KG2eXe,Uas9Hd,VwDzFe,A7fCU,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/am=HwAQ/d=1/excm=_b,_r,_tp,snapformview/ed=1/dg=0/wt=2/rs=AD4das1nbR_splQ6J_Bm8_X7c8DJn6InZQ/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81824
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame F432 6 KB
3 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2872
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

GET
H3 200 m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,... Frame F432 57 KB
21 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSnapformsUi.vi.B1tYbah2Swo.es5.O/ck=boq-geo.GeoMerchantPrestoSnapformsUi.AOWpo0oRtpg.L.B1.O/am=HwAQ/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,FCpbqb,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,WhJNk,Wt6vjf,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,byfTOb,e5qFLc,fKUV3e,gZjhIf,gychg,hc6Ubd,hhhU8,kWgXee,lsjVmc,lwddkf,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,snapformview/ed=1/wt=2/rs=AD4das32GLEsj94x7GzU-tyPCrh3EZI3lw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=A4UTCb,VXdfxd,pxq3x,MFnxwd,f87Olb

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://business.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21291
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:05:03 GMT

POST
H2 200 log Show response
play.google.com/ Frame F432 131 B
675 B 107ms
55ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://business.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 05 Nov 2022 20:35:08 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://business.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Nov 2022 20:35:08 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ7... 6 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-geo/_/js/k=boq-geo.GeoMerchantPrestoSiteUi.de.RqSKEP5iFG8.es5.O/ck=boq-geo.GeoMerchantPrestoSiteUi.aq5KMvJNJ_U.L.B1.O/am=bBAgEAAACA/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,GkRiKb,IZT63,JNoxi,JbzNG,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bm51tf,byfTOb,e5qFLc,fKUV3e,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_r,_tp,siteview/ed=1/wt=2/rs=AD4das0hp4vx06_q0APkGmg7UjLdiRx0vg/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;NSEoX:lazG7b;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;yEQyxe:p8L0ob;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://adsfacebook.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/geo-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2828
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 01:05:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/geo-boq-js-css-signers"
vary: Accept-Encoding
report-to: {"group":"boq-infra/geo-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/geo-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 20:15:44 GMT

POST log
play.google.com/ 0
0

POST
H/1.1 403
Forbidden browserinfo Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 77ms
77ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-7777124334834570146&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=74112&rt=j

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

129c2dab5ffe5181ad7cd852a3f86f3c1723959153f9e00e4aaa4c679452fd68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden reporthttp4xxerror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 71ms
70ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-7777124334834570146%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D74112%26rt%3Dj&status=403&traceid

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9380bafcfce2b30a773f325d6e1d3cc4ebfae085328c6ac4998dbe687a85c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 123ms
123ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-7777124334834570146%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D74112%26rt%3Dj%60403&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f58384178fa1924cc4526a3cad9e45d29dc91a06bccd8ed2d82d83c38b5bc92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 403
Forbidden jserror Show response
adsfacebook.net/_/GeoMerchantPrestoSiteUi/ 2 KB
1 KB 78ms
78ms XHR
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available

Requested by

Protocol

HTTP/1.1

Server

2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84ecfe036a2d3f2528be10a3205cbb1abb84c7e9e97a6bb88f2b450e121c3f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://adsfacebook.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 05 Nov 2022 20:35:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ESF
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adsfacebook.net/	1970-01-20 16:50:40	Name: _ga Value: GA1.2.180819981.1667680508
.adsfacebook.net/	1970-01-20 07:16:06	Name: _gid Value: GA1.2.193870203.1667680508
.adsfacebook.net/	1970-01-20 07:14:40	Name: _gat Value: 1
.google.com/	1970-01-20 11:38:11	Name: NID Value: 511=gvQLQQa0P7w-HKsbWNassH8g0Qt_OHsvuNYEDvtonJ5gkn5xy3x-2hvC6qvCi49WC8TVDXpfj16-CpkrbVb2j40cEqy3D0VGZEgzV3Hx03GkDjhag-ow1pWRYoN9IoD7dTF4RKZnjnL3t9gvFsmd_NZdsrJ_-TyUOCEXvLW25Vw
adsfacebook.net/	1970-01-20 07:57:52	Name: OTZ Value: 6756275_56_56__56_

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	error	URL: http://adsfacebook.net/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security	error	URL: http://adsfacebook.net/ Message: Refused to set the document's base URI to 'http://business.google.com/' because it violates the following Content Security Policy directive: "base-uri 'self'".
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/cspreport Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
javascript	error	URL: http://adsfacebook.net/ Message: Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true' from origin 'http://adsfacebook.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network	error	URL: https://play.google.com/log?format=json&hasfast=true Message: Failed to load resource: net::ERR_FAILED
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/browserinfo?f.sid=-7777124334834570146&bl=boq_geomerchantprestoserver_20221103.06_p0&hl=de&soc-app=698&soc-platform=1&soc-device=1&_reqid=74112&rt=j Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/reporthttp4xxerror?url=http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-7777124334834570146%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D74112%26rt%3Dj&status=403&traceid Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=There%20was%20an%20error%20during%20the%20transport%20or%20processing%20of%20this%20request.%20Error%20code%20%3D%20403%2C%20Path%20%3D%20%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ceye3%20owner%3D%27frameworks-web-alerts%27%2F%3E&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://adsfacebook.net/_/GeoMerchantPrestoSiteUi/jserror?script=http%3A%2F%2Fadsfacebook.net%2F&error=tb%60http%3A%2F%2Fbusiness.google.com%2F_%2FGeoMerchantPrestoSiteUi%2Fbrowserinfo%3Ff.sid%3D-7777124334834570146%26bl%3Dboq_geomerchantprestoserver_20221103.06_p0%26hl%3Dde%26soc-app%3D698%26soc-platform%3D1%26soc-device%3D1%26_reqid%3D74112%26rt%3Dj%60403&line=Not%20available Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xqGNf-N-JW8ChZfPKMdmpg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/GeoMerchantPrestoSiteUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.googletagmanager.com https://tpc.googlesyndication.com;report-uri /_/GeoMerchantPrestoSiteUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/GeoMerchantPrestoSiteUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsfacebook.net
apis.google.com
business.google.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
play.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.gstatic.com
play.google.com
2001:4860:4802:34::15
2001:4860:4802:38::178
2a00:1450:4001:802::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::200e
2a00:1450:4001:828::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c1b::9b
129c2dab5ffe5181ad7cd852a3f86f3c1723959153f9e00e4aaa4c679452fd68
13ef557fdb4a7346796fb19d4fc7ebc0ebc99c6e89c1555e90c87e685beef7bd
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
1eb3a7a2e4e243b380b04ba5264904ee4fb691cfcbaf68ea964641f58bc5ee80
23d7be227bf01344c5e6ea67925a3ce787493a8d483822dbe66a324142c26a47
2ace944f91f40f8c6b0434f9769556dec51f4091d2c6f74d5626c04013a87057
2cfe207ca5b174ca27cd19f85568d0f6473d72daae05594c5b4e7b06f9979de2
392d73a1510dcdceabd344f0199875777a771f3b5c4700b226e8a816fc2d4cef
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46
6aca48fbabe59857b797b88318e099e50fa53432a41faf9c1cc9d4ed5bab8c67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70df2da4b3abb575901c2f0ba7351bcd0b1cdf7277cefdfe223999dee68c624d
79e8fb1228cec14f8ec640bfe4a41d30f1ef0f5ed919ae81b8018e54e0296a63
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
8114ed159081fd2e3932ad638baa85d8ba0931f2ef0ed1d9411cebba1c9041f8
8184159b1dd3ff5baa7d25e2934fdeb8fc447637b5d32b082cd2fc150e57c45b
8264a8ec57615c30646218e9bc2f09cd025364c9e070e879010402042a644c28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ecfe036a2d3f2528be10a3205cbb1abb84c7e9e97a6bb88f2b450e121c3f9d
8e187b98452a14876b71426e06827a0e109d17b7b84d9303829542f6aa823043
94556b1c2f8a892f221648ce813a860238fe0ab1d3366ef816c04eb9fee8f54c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b56bc62e0ebd27110b1ffd7b5a7fa5fb87b804effb8a9fee3d76f4d7450c158d
b9380bafcfce2b30a773f325d6e1d3cc4ebfae085328c6ac4998dbe687a85c05
bcaf590e63aaf835ae686443846cb9032a32f505d9a053c09dd6ade7364328f5
c33a87954e843d8fe9ca6974a078c63b8647099ad7b31c4716bbeea96ccf7fb0
c6fe89683f0e2cd465e6fee7df0943e7926a5c13ee90a8961b12632f00c865e0
cc8973bb72b4f92a7e4e16369962a6a6c4ccda070f92e511e26560dcb5e63418
cd26dde9cd16c7111353b9eb3fe330e7d06600113dcac3c8ecfd606411315523
d61ca26767e6a58815076bb34d183079cacd8b0973baaa76b6ac17492d545cf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f328cd743c90842766849121f6417e18b83d7aaefd9852c28a5472b401f51f9d
f58384178fa1924cc4526a3cad9e45d29dc91a06bccd8ed2d82d83c38b5bc92a

adsfacebook.net Open in urlscan Pro 2001:4860:4802:34::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

65 %HTTPS

100 %IPv6

7 Domains

10 Subdomains

11 IPs

3 Countries

1267 kBTransfer

2114 kBSize

5 Cookies

3 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adsfacebook.net Open in urlscan Pro
2001:4860:4802:34::15 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

65 %
HTTPS

100 %
IPv6

7
Domains

10
Subdomains

11
IPs

3
Countries

1267 kB
Transfer

2114 kB
Size

5
Cookies

43 HTTP transactions
1 data transactions