urlscan.io logo urlscan.io
SecurityTrails logo

www.explainthatstuff.com Open in urlscan Pro
209.142.64.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qr58.myeblox.com/
Effective URL: https://www.explainthatstuff.com/xrays.html
Submission Tags: phishingrod
Submission: On March 26 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 20 HTTP transactions. The main IP is 209.142.64.143, located in United States and belongs to SCALAHOSTING, US. The main domain is www.explainthatstuff.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on July 25th 2023. Valid for: a year.
This is the only time www.explainthatstuff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    162.144.22.120 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: cs126.bluehost.com
qr58.myeblox.com
1    162.241.226.169 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5358.bluehost.com
qr58.siborebooks.com
3    209.142.64.143 (United States)

ASN40476 (SCALAHOSTING, US)
PTR: cloud-144a2e.managed-vps.net
www.explainthatstuff.com
5    2600:9000:2490:7c00:b:be30:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn4.explainthatstuff.com
2    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f1.1e100.net
lh3.googleusercontent.com
3    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 explainthatstuff.com
www.explainthatstuff.com
cdn4.explainthatstuff.com
126 KB
3 gstatic.com
fonts.gstatic.com
196 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 719
120 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 138
189 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 105
12 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 112
6 KB
1 siborebooks.com
qr58.siborebooks.com
110 B
1 myeblox.com
qr58.myeblox.com
150 B
20 9
Domain Requested by
5 cdn4.explainthatstuff.com www.explainthatstuff.com
3 fonts.gstatic.com www.explainthatstuff.com
fonts.googleapis.com
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 www.explainthatstuff.com www.explainthatstuff.com
2 www.facebook.com www.explainthatstuff.com
2 pagead2.googlesyndication.com www.explainthatstuff.com
pagead2.googlesyndication.com
1 lh3.googleusercontent.com www.explainthatstuff.com
1 fonts.googleapis.com
1 qr58.siborebooks.com 1 redirects
1 qr58.myeblox.com 1 redirects
20 10
Subject Issuer Validity Valid
explainthatstuff.com
RapidSSL TLS RSA CA G1		 2023-07-25 -
2024-08-24		 a year crt.sh
cdn4.explainthatstuff.com
Amazon RSA 2048 M01		 2023-05-30 -
2024-06-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-03 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.explainthatstuff.com/xrays.html
Frame ID: B6D829D53363FDE313A8B09A9E5F7AE4
Requests: 18 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.explainthatstuff.com%2Fxrays.html&width=90&layout=button_count&action=like&size=small&share=false&height=21&appId=1678539732394615
Frame ID: CBFBF1B9A92A60447733847C804B5594
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.explainthatstuff.com%2Fxrays.html&width=90&layout=button_count&action=like&size=small&share=false&height=21&appId=1678539732394615
Frame ID: B39872544486D5142B8C71B663E31D61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

What are X rays? A simple introduction - Explain that Stuff

Page URL History Show full URLs

  1. https://qr58.myeblox.com/ HTTP 301
    http://qr58.siborebooks.com/ HTTP 307
    https://qr58.siborebooks.com/ HTTP 301
    https://www.explainthatstuff.com/xrays.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

8
IPs

2
Countries

650 kB
Transfer

1589 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qr58.myeblox.com/ HTTP 301
    http://qr58.siborebooks.com/ HTTP 307
    https://qr58.siborebooks.com/ HTTP 301
    https://www.explainthatstuff.com/xrays.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xrays.html
www.explainthatstuff.com/
Redirect Chain
  • https://qr58.myeblox.com/
  • http://qr58.siborebooks.com/
  • https://qr58.siborebooks.com/
  • https://www.explainthatstuff.com/xrays.html
64 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.142.64.143 , United States, ASN40476 (SCALAHOSTING, US),
Reverse DNS
cloud-144a2e.managed-vps.net
Software
Apache / PHP/7.4.33
Resource Hash
927acf2c253cb3280a09043ff072971f0b2955e169b07b92a45b58a15a7a7ed0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=259200, must-revalidate
content-encoding
gzip
content-length
22484
content-type
text/html; charset=UTF-8
date
Tue, 26 Mar 2024 03:45:18 GMT
server
Apache
strict-transport-security
max-age=15552000; includeSubDomains max-age=0; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33

Redirect headers

content-length
251
content-type
text/html; charset=iso-8859-1
date
Tue, 26 Mar 2024 03:45:17 GMT
location
https://www.explainthatstuff.com/xrays.html
server
Apache
lato-v23-latin-regular.woff2
www.explainthatstuff.com/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.explainthatstuff.com/fonts/lato-v23-latin-regular.woff2
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.142.64.143 , United States, ASN40476 (SCALAHOSTING, US),
Reverse DNS
cloud-144a2e.managed-vps.net
Software
Apache /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/xrays.html
Origin
https://www.explainthatstuff.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=0; includeSubDomains; preload
last-modified
Tue, 21 Jun 2022 13:39:06 GMT
server
Apache
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
font/woff2
cache-control
max-age=31536000, public, must-revalidate
accept-ranges
bytes
content-length
23580
ets-wide-logo-rgb.png
cdn4.explainthatstuff.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.explainthatstuff.com/ets-wide-logo-rgb.png
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:b:be30:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc329ed1ad81435e8d2b463fcd9d410299118a4fc0fbf6089e662f5b324238ff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 08 Mar 2024 00:13:23 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Fri, 11 Aug 2023 16:08:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
1567916
etag
"c238072caae719c648cfdf89cb1307ba"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
17151
x-amz-cf-id
HZRQYku6dcR620x4EjBDnQEwIUTmamPofg1VIhBOv_cYk6MnRiSYcg==
hand-xray2.jpg
cdn4.explainthatstuff.com/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.explainthatstuff.com/hand-xray2.jpg
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:b:be30:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50c39cca76784502d0ea138f5d949c8ad223b801550694e53d53f3d705f27ef1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 06:54:57 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Sat, 26 Aug 2017 13:39:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
420622
etag
"3ccfec5d7399564548fb67840a000223"
x-amz-meta-origin-date-iso8601
2010-04-13T06:50:06.000Z
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
13734
x-amz-cf-id
P6oh-TXa7Lb6zOBIUbGSd9dGe92Msnn0X7ERvOgNOPjOTEFmTzL-Cg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1030585152417294
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df714ff2338fc33bfa1e00324b379a6188bcb7d4bf119a18ebfd525861fabe94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
Origin
https://www.explainthatstuff.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51344
x-xss-protection
0
server
cafe
etag
12778955673497014389
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 26 Mar 2024 03:45:18 GMT
periodic-table-lead.png
cdn4.explainthatstuff.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.explainthatstuff.com/periodic-table-lead.png
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:b:be30:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5577b8f29ab6d7654fd072fe4ccfe2c8e3da12838d847bdb5f40c5c390a60636

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 06:54:57 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2017 15:24:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
420622
etag
"829f6921f11ef9e08b3ff7e10abe7166"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
16045
x-amz-cf-id
BXctTNStGeGZHSNovMEsmXHCShGMBx5MLpZqCNaNwkmmjviBI43ihw==
like.php
www.facebook.com/plugins/ Frame CBFB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.explainthatstuff.com%2Fxrays.html&width=90&layout=button_count&action=like&size=small&share=false&height=21&appId=1678539732394615
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.explainthatstuff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Tue, 26 Mar 2024 03:45:18 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2764, tp=-1, tpl=-1, uplat=31, ullat=0
x-fb-debug
iHkXTXqjbak3W3z4tu92lralIvp4iUWeEiK8LH7MdOVlbw8RupqbS+xrsM8LAlVtjWwwrM6gJ4GdInKs+dg0iw==
x-xss-protection
0
FCC0802E2AF8A915.png
www.explainthatstuff.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.explainthatstuff.com/FCC0802E2AF8A915.png
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.142.64.143 , United States, ASN40476 (SCALAHOSTING, US),
Reverse DNS
cloud-144a2e.managed-vps.net
Software
Apache / PHP/7.4.33
Resource Hash
8ed90a00d6299cd21e17fd3c7483b4caf5a6934f5b98c33d352553801d5efdae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains, max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/xrays.html
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:18 GMT
strict-transport-security
max-age=15552000; includeSubDomains, max-age=0; includeSubDomains; preload
server
Apache
x-powered-by
PHP/7.4.33
x-frame-options
SAMEORIGIN
vary
User-Agent
content-type
text/html; charset=UTF-8
cache-control
max-age=259200, must-revalidate
electromagnetic-spectrum-xrays.jpg
cdn4.explainthatstuff.com/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.explainthatstuff.com/electromagnetic-spectrum-xrays.jpg
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:b:be30:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aac23b4e9e912331d949a9dbfa80dd25209b34a31c0a310d56a71f4e99cf536e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 22 Mar 2024 13:39:29 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Sat, 26 Aug 2017 13:38:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
309949
etag
"1ebe99df3a61e66b5a02f8bacee2e2a9"
x-amz-meta-origin-date-iso8601
2012-10-17T14:51:50.000Z
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=604800, must-revalidate
accept-ranges
bytes
content-length
17564
x-amz-cf-id
9jaRysE-YMh3Pjfr01XOCdhNvrPtP--erkIumpKyFc1jjiV1u_LFVA==
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/ 		407 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1030585152417294&plah=www.explainthatstuff.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1030585152417294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
13de89a8007d7255b686abdb6bddc8d4d7d9ced36e0fb13f6b3b6b5a78c323c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141515
x-xss-protection
0
server
cafe
etag
10826017371386015518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 26 Mar 2024 03:45:18 GMT
like.php
www.facebook.com/plugins/ Frame B398 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.explainthatstuff.com%2Fxrays.html&width=90&layout=button_count&action=like&size=small&share=false&height=21&appId=1678539732394615
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.explainthatstuff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Tue, 26 Mar 2024 03:45:18 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=5016, tp=-1, tpl=-1, uplat=29, ullat=0
x-fb-debug
TtQA12DaofNIjslkwN4JAu2FTVe4zQNKOgggPeMRCq2BbrS6+52SPcxCgjYR6u42TcJFoOC3n03LE+mpPRLp7A==
x-xss-protection
0
ca-pub-1030585152417294
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-1030585152417294?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1030585152417294&plah=www.explainthatstuff.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
924954fb361d8b9af1b326942b6e3345ac077302a5ff57efbd58ccda104c6428
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4H5nbAwl7iJLkvDRpXZu3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:18 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-4H5nbAwl7iJLkvDRpXZu3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTDca6zcwObwI9LE48yAwDbrDFA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU_kMXktG317r7bEB65UAhRmai_S6J6grEC6s0IQKcJU4cfly4jeFkABbwK54n3QHaOAjmHLPzaPTRVedZC3Vte0_QTPCjnqhdBSOLuNxC8iYasw8KwcmTEiEIjnMaJtFO-L2p06g==
fundingchoicesmessages.google.com/f/ 		372 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU_kMXktG317r7bEB65UAhRmai_S6J6grEC6s0IQKcJU4cfly4jeFkABbwK54n3QHaOAjmHLPzaPTRVedZC3Vte0_QTPCjnqhdBSOLuNxC8iYasw8KwcmTEiEIjnMaJtFO-L2p06g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNDI0NzE5LDQwMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5leHBsYWludGhhdHN0dWZmLmNvbS94cmF5cy5odG1sIixudWxsLFtbOCwiQlhYd0tNQUNvZmciXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyooh4RC1q1pfG_49ALpteblc73hw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f80324b579d382a354d04134203437c8c504e7b48cd1592e48973237751f3236
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nZPiX8I0VGDqUtpMZ2To4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 03:45:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-nZPiX8I0VGDqUtpMZ2To4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJo6vL5kkgFgNiPnWTWdVAWLN9dNZA4E45vl01hQgdkqfwRoAxD71M1ijgLj15jnWyUB8csF51otALMTNcb6zcwObwIsJH3QBpD4wpg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		106 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxsy78HEBSOmDEus3whGvvaJblSpg/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 26 Mar 2024 03:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 03:45:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 26 Mar 2024 03:45:19 GMT
QX6oIPq_iYJH_ONLPegkcYtzTXQ0gqvHQUZM14HHoOM8gond9zoUU_4Iv8TvchljxvxPv21TVpXh9GxA8pcKgOaZNhjCQm0iOoSbRL_YTISKXOpMFHll=h60
lh3.googleusercontent.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/QX6oIPq_iYJH_ONLPegkcYtzTXQ0gqvHQUZM14HHoOM8gond9zoUU_4Iv8TvchljxvxPv21TVpXh9GxA8pcKgOaZNhjCQm0iOoSbRL_YTISKXOpMFHll=h60
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
fife /
Resource Hash
1b67f624002ac352357e761206aa40a3f3584bde682891dce52748876d49c8bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 00:33:28 GMT
x-content-type-options
nosniff
age
11511
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12410
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 27 Mar 2024 00:33:28 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
Origin
https://www.explainthatstuff.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 07:55:46 GMT
x-content-type-options
nosniff
age
589773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:55:46 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: www.explainthatstuff.com
URL: https://www.explainthatstuff.com/xrays.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
Origin
https://www.explainthatstuff.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 08:10:53 GMT
x-content-type-options
nosniff
age
588866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 08:10:53 GMT
AGSKWxVJedhX-6B_rYttPOY7-g8aMOeXF8axvnZnsGsWpEgUonWgQJuIm1jUXmM2E7Zzh_BMywOsnrbsjtWBe-ZgzDLnpcvwMeCsYOeWD9nD_FUzloTvhPR5l9ZN8YhhYHyE3_YTXxBd9w==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVJedhX-6B_rYttPOY7-g8aMOeXF8axvnZnsGsWpEgUonWgQJuIm1jUXmM2E7Zzh_BMywOsnrbsjtWBe-ZgzDLnpcvwMeCsYOeWD9nD_FUzloTvhPR5l9ZN8YhhYHyE3_YTXxBd9w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.BXXwKMACofg.es5.O/am=wA/d=1/rs=AJlcJMyooh4RC1q1pfG_49ALpteblc73hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iHaWulRmrqUhk7kzmRKYGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 26 Mar 2024 03:45:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iHaWulRmrqUhk7kzmRKYGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw15BiqGV4xtQKxE7pM1hDgFiIm-N8Z-cGNoEHT3qzALk_C_k"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.explainthatstuff.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://www.explainthatstuff.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 02:38:45 GMT
x-content-type-options
nosniff
age
3994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Mar 2025 02:38:45 GMT
favicon.ico
cdn4.explainthatstuff.com/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn4.explainthatstuff.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:7c00:b:be30:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc23be4d375a400b7be01aa8eddedf669b435dddf22f3c5d8b36a8c78309a3b7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.explainthatstuff.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 18 Mar 2024 06:16:45 GMT
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 08:16:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
682115
etag
"3fd0e019e31d75b58fc76e6654569cf3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/x-icon
cache-control
max-age=2592000, must-revalidate
accept-ranges
bytes
content-length
1662
x-amz-cf-id
7DrYIAUaErpRd2FjYCP3Mm6czaTbX-4vGXAqPXVxIoMYB4JADGmLzA==

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onpagereveal object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzhkZTNkNmZkNjIwOGEwYWxvYWRlcl9qcw== string| YzhkZTNkNmZkNjIwOGEwYWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady

0 Cookies

2 Console Messages

Source Level URL
Text
other warning URL: https://www.explainthatstuff.com/xrays.html(Line 151)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://www.explainthatstuff.com/FCC0802E2AF8A915.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=0; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn4.explainthatstuff.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
lh3.googleusercontent.com
pagead2.googlesyndication.com
qr58.myeblox.com
qr58.siborebooks.com
www.explainthatstuff.com
www.facebook.com
162.144.22.120
162.241.226.169
209.142.64.143
216.58.212.129
2600:9000:2490:7c00:b:be30:2940:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::200a
2a03:2880:f176:181:face:b00c:0:25de
0e2ef015de96af25db009694591ade7c1a7fc6d3401450069f85c9d13e1f403d
13de89a8007d7255b686abdb6bddc8d4d7d9ced36e0fb13f6b3b6b5a78c323c2
1b67f624002ac352357e761206aa40a3f3584bde682891dce52748876d49c8bb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
50c39cca76784502d0ea138f5d949c8ad223b801550694e53d53f3d705f27ef1
5577b8f29ab6d7654fd072fe4ccfe2c8e3da12838d847bdb5f40c5c390a60636
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8ed90a00d6299cd21e17fd3c7483b4caf5a6934f5b98c33d352553801d5efdae
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924954fb361d8b9af1b326942b6e3345ac077302a5ff57efbd58ccda104c6428
927acf2c253cb3280a09043ff072971f0b2955e169b07b92a45b58a15a7a7ed0
aac23b4e9e912331d949a9dbfa80dd25209b34a31c0a310d56a71f4e99cf536e
bc23be4d375a400b7be01aa8eddedf669b435dddf22f3c5d8b36a8c78309a3b7
cc329ed1ad81435e8d2b463fcd9d410299118a4fc0fbf6089e662f5b324238ff
df714ff2338fc33bfa1e00324b379a6188bcb7d4bf119a18ebfd525861fabe94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f80324b579d382a354d04134203437c8c504e7b48cd1592e48973237751f3236