urlscan.io logo urlscan.io
SecurityTrails logo

user168014.psee.ly Open in urlscan Pro
3.232.159.123  Public Scan

Go To Rescan Add Verdict Report
URL: http://user168014.psee.ly/saadad-su
Submission: On August 17 via manual from SA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 50 HTTP transactions. The main IP is 3.232.159.123, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is user168014.psee.ly.
This is the only time user168014.psee.ly was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    3.232.159.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-159-123.compute-1.amazonaws.com
user168014.psee.ly
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    3.232.36.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-36-56.compute-1.amazonaws.com
picsee.co
1    2606:4700:10::ac43:1755 (United States)

ASN13335 (CLOUDFLARENET, US)
tenmax-static.cacafly.net
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    211.21.190.218 (Hsinchu County, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net
dmp.tenmax.io
ssp.tenmax.io
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
9    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
3    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
17 googlesyndication.com
27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
88 KB
7 gstatic.com
www.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
168 KB
5 psee.ly
user168014.psee.ly
24 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
163 KB
4 tenmax.io
dmp.tenmax.io — Cisco Umbrella Rank: 104258
ssp.tenmax.io — Cisco Umbrella Rank: 105560
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
1 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 727
103 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
3 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
72 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
88 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
792 B
1 cacafly.net
tenmax-static.cacafly.net — Cisco Umbrella Rank: 94479
39 KB
1 picsee.co
picsee.co
33 KB
50 13
Domain Requested by
9 tpc.googlesyndication.com 1 redirects 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com user168014.psee.ly
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 user168014.psee.ly user168014.psee.ly
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
user168014.psee.ly
3 encrypted-tbn3.gstatic.com 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
3 ssp.tenmax.io tenmax-static.cacafly.net
user168014.psee.ly
3 maxcdn.bootstrapcdn.com user168014.psee.ly
maxcdn.bootstrapcdn.com
2 www.facebook.com 1 redirects connect.facebook.net
2 encrypted-tbn1.gstatic.com 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
2 www.google.com 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.googletagservices.com tenmax-static.cacafly.net
27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
2 connect.facebook.net user168014.psee.ly
connect.facebook.net
1 encrypted-tbn0.gstatic.com 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
1 www.gstatic.com 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 dmp.tenmax.io user168014.psee.ly
1 tenmax-static.cacafly.net user168014.psee.ly
1 picsee.co user168014.psee.ly
50 20

This site contains links to these domains. Also see Links.

Domain
docs.google.com
pics.ee
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
pics.ee
Amazon		 2021-12-05 -
2023-01-01		 a year crt.sh
*.tenmax.io
Gandi Standard SSL CA 2		 2022-01-10 -
2023-02-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 7 frames:

Primary Page: http://user168014.psee.ly/saadad-su
Frame ID: F7E17CB07AD39302AB237FB626A91BC8
Requests: 25 HTTP requests in this frame

Frame: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 06992BC5B93E1E8B1ADF04B3BE5967C2
Requests: 1 HTTP requests in this frame

Frame: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E2937600C8EA29523328FC338C12A478
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: E046880B51F0EDCEE2E652226270E35E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D150378901782986%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37e65f2f2da16%2526domain%253Duser168014.psee.ly%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fuser168014.psee.ly%25252Ff369a4e04a25bd4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpicsee.co%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dmessages
Frame ID: 8B1D1DDCE4DF851768438085851F73F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8BD0D6A87F5AA49209ABBD79CE58795
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE0E5C6A69AF50444C9BCEF97176DB38
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found | PicSee

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

80 %
HTTPS

79 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

783 kB
Transfer

1889 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://connect.facebook.net/zh_TW/sdk.js HTTP 307
  • https://connect.facebook.net/zh_TW/sdk.js
Request Chain 37
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCrib_H_QEQkAMYkAMyCAYbUTU2xgy8 HTTP 301
  • https://tpc.googlesyndication.com/simgad/4154394098787002592
Request Chain 40
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37e65f2f2da16%26domain%3Duser168014.psee.ly%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fuser168014.psee.ly%252Ff369a4e04a25bd4%26relation%3Dparent.parent&container_width=0&height=300&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fpicsee.co&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&tabs=messages HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D150378901782986%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37e65f2f2da16%2526domain%253Duser168014.psee.ly%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fuser168014.psee.ly%25252Ff369a4e04a25bd4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpicsee.co%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dmessages

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request saadad-su
user168014.psee.ly/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
3.232.159.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-159-123.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
0f88aa6a86e1c249375fe55f6e86e37be9fb13ac1ee3dde91987b8c07d2de9f1
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
3279
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Aug 2022 21:29:30 GMT
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding
X-Frame-Options
DENY
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
age
17668036
cdn-cachedat
2021-06-08 14:01:04
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:58 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
33fc7f6c64f18e27ebb95ab9e21d92ab
cf-ray
73c5816ecc1291ea-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
17668037
cdn-cachedat
2021-06-08 14:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
55fb4fa8e5dd0a7f71d503394bffb28b
cdn-requestcountrycode
US
cf-ray
73c5816ecc2191ea-FRA
cdn-cache
HIT
cdn-requestpullsuccess
True
picsee.css
user168014.psee.ly/js/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://user168014.psee.ly/js/picsee.css
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
3.232.159.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-159-123.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
2a517916ca8a36e74aa1b4c1c23d6aa200c107ee8815c48ccd909eec7ba98597

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/saadad-su
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 03:46:11 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"f6f-5c89f86e0a3b9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1823
jquery-1.11.1.min.js
picsee.co/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://picsee.co/js/jquery-1.11.1.min.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.36.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-36-56.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:24:17 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Jul 2016 10:24:02 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1762a-53731516dd7dc-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
no-cache="set-cookie"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33225
bootstrap.min.js
user168014.psee.ly/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://user168014.psee.ly/js/bootstrap.min.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
3.232.159.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-159-123.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/saadad-su
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 03:46:11 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"8c6f-5c89f86e09419-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9539
utility.js
user168014.psee.ly/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://user168014.psee.ly/js/utility.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
3.232.159.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-159-123.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
26d0f90d61032362f5d5ef64cd59edd5fb4c4535be3ea19e2c2ce3c3f79ac168

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/saadad-su
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:30 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Aug 2021 03:46:11 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1446-5c89f86e0a3b9-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1521
picsee_light_web.png
user168014.psee.ly/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://user168014.psee.ly/images/picsee_light_web.png
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
3.232.159.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-159-123.compute-1.amazonaws.com
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
60bf970d8a4b5a933e5d401be9a03144ea2f191a90ebe21b21c171fcc6bf07cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/saadad-su
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:30 GMT
Last-Modified
Tue, 03 Aug 2021 03:46:11 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1a03-5c89f86e03659"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6659
adsbytenmax.js
tenmax-static.cacafly.net/ssp/ 		127 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Server
2606:4700:10::ac43:1755 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2bdb38871c75238340b8d25ea4ce6023ff045c1472e4bb47373faf66ffbcf5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 17 Aug 2022 21:29:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
X-Azure-Ref-OriginShield
0S1r8YgAAAADJ/XVFNDSQRLt6cn/RNXB5QU1TMDRFREdFMTkxNwBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
Content-MD5
TzhKCSY4oiuCuPUUAiCMGw==
Age
7044
Transfer-Encoding
chunked
X-Cache
TCP_MISS
X-Azure-Ref
0S1r8YgAAAAD2I+Arn/szRqG8/bOUmT5DQlJVMzBFREdFMDcxMABiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
Connection
keep-alive
x-ms-lease-status
unlocked
Last-Modified
Wed, 17 Aug 2022 03:01:02 GMT
Server
cloudflare
ETag
0x8DA7FFCB85962DC
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
79bc8421-101e-007a-04e5-b188ba000000
Access-Control-Expose-Headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
Cache-Control
max-age=1800
x-ms-version
2009-09-19
CF-RAY
73c58170bca5913d-FRA
sdk.js
connect.facebook.net/zh_TW/
Redirect Chain
  • http://connect.facebook.net/zh_TW/sdk.js
  • https://connect.facebook.net/zh_TW/sdk.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
H2
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b253ffb5d335f8815bef247d88027bad153fd390c53bc0ed661a67930f94cdd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
mLHA4ujO7RLvRl+OBSB+KQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
YgccPMy00b4SY6RrIun/BjLgqSRVacMXXhdBDXKi/LO5pU6onplQa9M9Q8xNqopmLOFygpzYz/JTOtExgaZpIg==
x-fb-trip-id
686109401
x-fb-content-md5
d5c8930c1df4ab7d088d93fc2c54cdf4
x-frame-options
DENY
date
Wed, 17 Aug 2022 21:29:31 GMT
vary
Accept-Encoding
x-content-cdn-origin-ts
1660771113757
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"a44d1009444759114caebeeda9660771"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 17 Aug 2022 21:38:33 GMT

Redirect headers

Location
https://connect.facebook.net/zh_TW/sdk.js#xfbml=1&version=v2.6&appId=150378901782986
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://user168014.psee.ly
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
601
access-control-allow-origin
*
cdn-proxyver
1.02
cdn-cachedat
04/09/2022 08:19:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c62a6813f44d92c8eb91bddf4b0078c4
accept-ranges
bytes
cf-ray
73c581729a3a6993-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=884557426
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:32 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
plan
ssp.tenmax.io/supply/v3/universal/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=0cf0b05622074fba&referer=http%3A%2F%2Fuser168014.psee.ly%2Fsaadad-su&bodyWidth=1600&bodyHeight=1200&cacheBuster=0fca5cb7-b81d-433d-bfd6-933778022c4e
Requested by
Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
82f0a2def08c2a38ac477f3cedc2042af7243baf38f16314d5b54dbbf6aec360

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:32 GMT
Server
nginx
Vary
Origin
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
http://user168014.psee.ly
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
1621
X-Application-Context
application:prod,aggregator,build-ext:58070
sdk.js
connect.facebook.net/zh_TW/ 		304 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=ac804e3a1f5f4ef5a56d92928649d7a4
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d646dcef59facfa23efd6921abbed3bec147d1e7910e65cc1ad20acad489e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://user168014.psee.ly/
Origin
http://user168014.psee.ly
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5zMmADzWiMciL5vowWkOEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88132
x-fb-rlafr
0
x-fb-debug
fylD/KAJ88x2gfTNL6hJ32ly1UmLNZ/xGzNsIlrJyWLtYOetGGQykV8k5SMAG8nwFit0K6asZOEHmpYXIZBUKg==
x-fb-content-md5
edbf4671653c3dbac6cc7be08fa821f9
x-frame-options
DENY
date
Wed, 17 Aug 2022 21:29:31 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"e55bd4d6476cc8b46371ee2ae7496ce3"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 17 Aug 2023 20:40:21 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tenmax-static.cacafly.net
URL: http://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46e2ce7ef30b1f501795fa0c984126d80e7e153ba2d2b522ff6d1e38db7a9188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1307 / 394 of 1000 / last-modified: 1660734533"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
28664
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Wed, 17 Aug 2022 21:29:32 GMT
request
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=af0d2520-1e73-11ed-a57c-33ec306c7cf4&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:33 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
pubads_impl_2022081501.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 09:20:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133600
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:36:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 09:20:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		40 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=user168014.psee.ly
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8990e165b03227058d14e045ff22c0d6aa04d04861e895ec2d05e6bccad5bd8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Aug 2022 21:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54
x-xss-protection
0
expires
Wed, 17 Aug 2022 21:29:33 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=user168014.psee.ly
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Aug 2022 21:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=user168014.psee.ly
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Aug 2022 21:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		104 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=780270109978790&correlator=3560294608742879&eid=31068925%2C31068927%2C31069001%2C44761477&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2C0cf0b05622074fba&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&ifi=1&adks=2268667559&sfv=1-0-38&fsapi=false&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange%252CadSense&eri=4&sc=0&cookie_enabled=1&abxe=1&dt=1660771773122&lmt=1660771773&dlt=1660771770618&idt=2480&adxs=640&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fuser168014.psee.ly%2Fsaadad-su&frm=20&vis=1&psz=0x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1733235144.1660771773&ga_sid=1660771773&ga_hid=1101732843&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
eba56571edfd372fc443b244a37b66547eec5394209f1bc55848bb19b7ae2fe3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32281
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://user168014.psee.ly
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0699 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://user168014.psee.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 21:29:33 GMT
expires
Thu, 17 Aug 2023 21:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E293 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://user168014.psee.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 21:29:33 GMT
expires
Thu, 17 Aug 2023 21:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=af0d2520-1e73-11ed-a57c-33ec306c7cf4&chid=a1ebcf323fa54a53&sid=0cf0b05622074fba&lineitemid=5342308983
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Wed, 17 Aug 2022 21:29:33 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame E293 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 21:22:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E293 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CR45ovV39YujRDP-y9u8PgfiLkA2c8IObYPPoxOqICZnFhv6QEhABIMqm3yVglcKhgrAHoAH20_jPA8gBCakCzYAK5Cu-Pz7gAgCoAwHIA8sEqgSbAk_Qqc3c0H_lgpktfW4HSXj1HRpRRCMTE9XahSDj4OMzXVHvR4fFlfq3_nGmid-Q0sWNPg3CQrsmAePeL81wLcXlOnS1SHDdWzwE0GhwCtZh7GlANPmNJE3mAHw-uPCxmeXhKP9jxbMbXNZ-7--J2QQ6JI0BPe42bkKVveaIwH6oxAeEhPeklMsOEZK9_afMEgHs6jtWIpLMmrhxtev1-Y8Kswoww3xGSL522z8OdZSzL-rIHJENw3b_XlHpUFnfxzUxDCn8sVazcQAdQo3h8kxIX8PKS6QAOxBS-x81ZDp08UKLIpPTaSZMc7gLupWOSWDvVgJuPGTbHsd5pVY6ahJNJHeGUGkh2nP7I4HoZGDmpe7rHnhUMD-eDBLABJG419zzAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfyq4cwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMC2AtIIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTDIgUFtAVAZgWAYAXAbIXHgocCAASFHB1Yi00MzM4MjU2NDM5NjI2MTQ1GOqPGA&sigh=Nmf5niue4hg&uach_m=[UACH]&template_id=494
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/ Frame E293 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/abg_lite_fy2021.js
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:21:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 21:21:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame E293 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/window_focus_fy2021.js
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:28:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 21:28:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E293 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1660562816195624"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 21:29:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/ Frame E293 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:24:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
280
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Aug 2022 21:24:53 GMT
l
www.google.com/ads/measurement/ Frame E293 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4kdtvjMMbnNd0AkGZ7H9mRa0YpMGdzwiiaaSlH6wKGcoeSMqc20sTU6okfuRq_hICPo6YOUJbL9ChX9JQFO61Ey421Q
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
16838d5bcb4c763c91f5404f5ca97705.js
www.gstatic.com/mysidia/ Frame E293 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/16838d5bcb4c763c91f5404f5ca97705.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 03:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13605
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 03:14:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 09 Nov 2022 03:39:26 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E293 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTjJJ8NlJlJSn5BAwWcsOi0rQ3VbEfVgvAdMds_607VJFd95JEW6n9_Fhk34g&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef8cf83bab27c402c3fb52d7d7dbdfc2cd7c5958aa372eff4e86082faebf55bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 18:27:47 GMT
x-content-type-options
nosniff
age
10906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44038
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 20:12:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Aug 2023 18:27:47 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame E293 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSdem10W7KxudKtTo102hdzftMj0n2g-Epm5YEdopnUs66KC1KUZQ1_hxtDZK0&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bfd186e336f08af91e68941c3912472c7a461ff7113b65860ce7d5efe0a1905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:56:32 GMT
x-content-type-options
nosniff
age
19981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9181
x-xss-protection
0
last-modified
Thu, 11 Aug 2022 04:37:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Aug 2023 15:56:32 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E293 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTg7EWTTlM4FaJyi1g2pEOyUjvqRBYQhbtGCzaSHWoYFHNzHa6zZA3-gHjgdg&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec6b12879f38cab72f3d6fdfe7ed597dd339f674a2594687f0287bc9714e415f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:01:02 GMT
x-content-type-options
nosniff
age
23311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23390
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:02:41 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Aug 2023 15:01:02 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame E293 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSn05LGpxRXTYiz6o-3Tv5XTO0YCJNWgpW86BT0Kup7JNE2v-llykWNd34tqA&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3784e5738cf44ec107c3ab39598c1f7cab0efc54224c717bf79c3b9ff8d6ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 15:12:24 GMT
x-content-type-options
nosniff
age
541029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8275
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 03:55:28 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 11 Aug 2023 15:12:24 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E293 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQuktZ9ATCtr7SbsKq-9E4CuZrjouBTiBogGaJuullta4GeI46JCfZmeaTpyQ&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2efd714625e2b94acb5bf8f1ae2750bb893daaceff56b048a319e952f22eae82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:17:38 GMT
x-content-type-options
nosniff
age
22315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17711
x-xss-protection
0
last-modified
Wed, 27 Jul 2022 17:33:47 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Aug 2023 15:17:38 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame E293 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRvzLZ-LmQaXaRPgKpgQ3XiY-gP5eZDBD3UCbOF-6aiD96J6N9t81-fKubSOQ&usqp=CAI
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
722f9dfd2eda3f83b308fbbc13a882fa17dbeb9a1788a9087a65965282f15678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:13:03 GMT
x-content-type-options
nosniff
age
22590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53075
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 08:50:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 17 Aug 2023 15:13:03 GMT
4154394098787002592
tpc.googlesyndication.com/simgad/ Frame E293
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCrib_H_QEQkAMYkAMyCAYbUTU2xgy8
  • https://tpc.googlesyndication.com/simgad/4154394098787002592
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4154394098787002592
Requested by
Host: 27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
URL: https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241feef1d2da28be54a614da2249043001d75f6063187f6340df96fa623a2e8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 02:42:24 GMT
x-content-type-options
nosniff
age
240429
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11235
x-xss-protection
0
last-modified
Wed, 13 Nov 2019 05:38:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 15 Aug 2023 02:42:24 GMT

Redirect headers

date
Wed, 17 Aug 2022 00:31:00 GMT
x-content-type-options
nosniff
server
cafe
age
75513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/4154394098787002592
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Sep 2022 00:31:00 GMT
truncated
/ Frame E293 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edceb035e84230eff82a3c383e4f03e967a5ac3a2b9b0c9994bc0534ad0e4e5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame E046 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: user168014.psee.ly
URL: http://user168014.psee.ly/saadad-su
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
109240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 15:08:53 GMT
/
www.facebook.com/login/ Frame 8B1D
Redirect Chain
  • https://www.facebook.com/v2.6/plugins/page.php?adapt_container_width=true&app_id=150378901782986&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df37e...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D150378901782986%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D150378901782986%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37e65f2f2da16%2526domain%253Duser168014.psee.ly%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fuser168014.psee.ly%25252Ff369a4e04a25bd4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpicsee.co%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dmessages
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=ac804e3a1f5f4ef5a56d92928649d7a4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 17 Aug 2022 21:29:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
YL7JlXwbEErTpasIUIQZNHr7tqruC+utBUVvfom6AvA/GvpwXQmuEQFUgteN8xjS+lezR3tPOWx3F9hwzbjZgw==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 17 Aug 2022 21:29:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v10.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D150378901782986%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df37e65f2f2da16%2526domain%253Duser168014.psee.ly%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fuser168014.psee.ly%25252Ff369a4e04a25bd4%2526relation%253Dparent.parent%26container_width%3D0%26height%3D300%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fpicsee.co%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dmessages
pragma
no-cache
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
H/G2+XCxCuWmqv6sDDbo/5kOqj6oGcTVDCDJ0vvOU+BL70vTv+fjNechKQuTKAt5/3s93mb2StCihwReIGPRSg==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
736d179c524bd5ceeec3beb0d5450ac420bc6465ee9978aa15d0ff9bc2ff4866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Aug 2022 21:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11089
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js?cb=31069001
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Aug 2022 21:29:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8BD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://user168014.psee.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 17:45:23 GMT
expires
Thu, 17 Aug 2023 17:45:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE0E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b18131aa2662b044481d97a8687d2850e61f2a446c15706bd09459a5dcba15ea
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4Cu4xmui09lyF5aWLhAOrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://user168014.psee.ly/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4Cu4xmui09lyF5aWLhAOrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Aug 2022 21:29:34 GMT
expires
Wed, 17 Aug 2022 21:29:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
pagead2.googlesyndication.com/bg/ Frame B8BD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 16 Aug 2022 15:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
109133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Aug 2023 15:10:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BE0E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=780270109978790&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B8BD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NbBmZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 21:29:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=780270109978790&bg=!sbKlsvbNAAYUOm8VNDo7ACkAdvg8WnSCUHaxpFarw9K22Ec5S8HXwLUIMdsQJM-UXkxXDWaeAdgiDwIAAABCUgAAAAFoAQeZAvHdFJmPsDErG98L0j1EnAH_dqTH6MAZNgQ6h-cFfQB756Xm6FskG3rUPuHfeAiviQdfh9G1LRybjs2EPIuTC6R4x-iyj4Gq9Rb8GGYnFOLdzrKYCjEUm7-bSJYY0e16VdPaVuI-gTIm52KjxMDdIu9FHm22vacMy7uZMxTlvlkIZ_3Nw2iXjAbgXL46rE_I2vaJ5fXlI8ow68RFOiUXrs3LLZBilKQzUn9pc1zZbCisPm_ezDcUlLZekI6o_ImxLRDKj9UNpUYtN0DEXQ6-3rB2F9OPi_pu5Oe95uMKOfNiMU4y9xihXOZvsZDg494zKBqjuWdUPtx8FI8ASPHK8Y-S0-yYQ_XGUXCoRcNF4KIvzfvnBlACQmu709HTxImkejLkbcMYAhGti62d6e12CQe7hLnKseYdTPa7O6RDs5AaOZ9jLf56yp3PGwJEB1kaIx2rCXq_qaAyiaXLuAhGMJqpAaQ8aUvArGBb6NEJ7N7y-8WYkk2tfDac3R6zMr8CXCoGVdCI3gvmSBr8ctHzRak4kQImSUVqavjGyh176wbSd0vEdgMPcWOGVgunbbuVe_3MwJm8rU8mQhhoG17-bQu6R2HBJHmxOVyiR9cL2QaFSJKcCpoxvDxeD9AOhAET3LO2odGFmsyNlof4vrmTgK1P_9bobLJ4l5rlCAgQVC9X7e0SNtzXN6EHlBxkarQcrqgKpWAt8v3tvsvjmIed0GtmuaBjN7sYUtgcyoqbqUlS1SGL5pI_guDOTO7xHZwrybd95L4MdES9zVl3ia5hB2adWKuj4JZYkGs0KUtREpksT3KBrQfjlFWkYBc6Za8pBaGIw6ULCIIE5v94jCjjE05DVKHE8nmq8X_h9_hWw5B3QVov4VDAZke7x_IT0w7UdE2s3awsz8-3wKSFUttycSpj86FeDLIBGNtxaSp9Jji6_Yc9Vg72wgs0nYTpiInULiKHVt8WSbOskypNC7Npds6686Qk5ToUQWXQZTWlFbRMC5E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://user168014.psee.ly/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame E293 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvq_HNbUMLTmBSqGPHDCyvwlo7_b7tN1D12p3T4P-Osg4Wt0sHpBkW0QXcuK0k6Pn3Lto8j3LBVqxG67LM_5zpVmpf__ht1Gtp1k6T2LEaa7yJ-JFii68wdg0HrN4v1fQ9g17GBAHupcDWIr2O0C5-oexMe8yO0wih-hiI915Hi&sai=AMfl-YTomIqtbyPi9Psi3r3TSGPVB2qL36d2tRYGpx2OsmKbttdWeeK0yJXJb2S7krHTMxDea_h6mtorS6KSZrzPMxPJhSQZyVOqxNJtP12uxHiUiVjleEkqGI-Wt0w8LAHv&sig=Cg0ArKJSzHykAMv3Js1AEAE&id=lidar2&mcvt=1000&p=1150,640,1200,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220815&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2268667559&rs=4&la=0&cr=0&vs=4&r=v&rst=1660771773530&rpt=273&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Aug 2022 21:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery object| jQuery111108986098104997557 boolean| isTest boolean| isDropdown function| getDropdown function| getNotice function| setInvite function| logoutAllDomains function| showHideHTML object| _rmaxStyles$ object| _rmaxInlineStyles object| _rmaxScripts$ object| rmaxads object| googletag object| FB object| __buffer object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| google_image_requests

10 Cookies

Domain/Path Name / Value
.user168014.psee.ly/saadad-su Name: saadad-su
Value: 1
.user168014.psee.ly/saadad-su Name: /saadad-su
Value: 1
user168014.psee.ly/ Name: lang
Value: de-de
picsee.co/ Name: AWSELBCORS
Value: 857901F90A8FB9EC38D630240291ED2961407CD978EFFFC0A1C980BC8E147AE63853CF1068E072E56671A06125C5FEEF570259D843CB5952A5678474C4CD39FE60DF2DBEAA
.tenmax.io/ Name: uid
Value: af541930-1e73-11ed-adea-0fd5c24af355
.tenmax.io/ Name: wt
Value: 1
.psee.ly/ Name: __gads
Value: ID=ff2df9718241372e-2232520bfacd00cd:T=1660771773:S=ALNI_MaIgA5TghUmR35w9YX4ccKND5L0dw
.doubleclick.net/ Name: IDE
Value: AHWqTUmV7L6WmgBcGedsQRL0V6p4STtws7ZR5-jVHpB6Bu7mi4lzJtV0p-Z3QVPRXQA
.facebook.com/ Name: sb
Value: vl39YsBmyB4pwFx1gDxm6qXt
.facebook.com/ Name: fr
Value: 0F4KsDsnlE4Z4KyR3..Bi_V2-.KD.AAA.0.0.Bi_V2-.AWULmwbTimk

1 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27b4ba95841e10b469f1da349ae4701c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
connect.facebook.net
dmp.tenmax.io
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
picsee.co
securepubads.g.doubleclick.net
ssp.tenmax.io
tenmax-static.cacafly.net
tpc.googlesyndication.com
user168014.psee.ly
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.98
211.21.190.218
2606:4700:10::ac43:1755
2606:4700::6812:bcf
2a00:1450:4001:806::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.232.159.123
3.232.36.56
0f88aa6a86e1c249375fe55f6e86e37be9fb13ac1ee3dde91987b8c07d2de9f1
241feef1d2da28be54a614da2249043001d75f6063187f6340df96fa623a2e8c
26d0f90d61032362f5d5ef64cd59edd5fb4c4535be3ea19e2c2ce3c3f79ac168
2a517916ca8a36e74aa1b4c1c23d6aa200c107ee8815c48ccd909eec7ba98597
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bfd186e336f08af91e68941c3912472c7a461ff7113b65860ce7d5efe0a1905
2efd714625e2b94acb5bf8f1ae2750bb893daaceff56b048a319e952f22eae82
46e2ce7ef30b1f501795fa0c984126d80e7e153ba2d2b522ff6d1e38db7a9188
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5d646dcef59facfa23efd6921abbed3bec147d1e7910e65cc1ad20acad489e52
60bf970d8a4b5a933e5d401be9a03144ea2f191a90ebe21b21c171fcc6bf07cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
722f9dfd2eda3f83b308fbbc13a882fa17dbeb9a1788a9087a65965282f15678
736d179c524bd5ceeec3beb0d5450ac420bc6465ee9978aa15d0ff9bc2ff4866
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82f0a2def08c2a38ac477f3cedc2042af7243baf38f16314d5b54dbbf6aec360
8990e165b03227058d14e045ff22c0d6aa04d04861e895ec2d05e6bccad5bd8a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93b23044262887fc2d7651deb7749b1d5b9dd942922da55a84fec5dfb38e024f
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a3784e5738cf44ec107c3ab39598c1f7cab0efc54224c717bf79c3b9ff8d6ec7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b18131aa2662b044481d97a8687d2850e61f2a446c15706bd09459a5dcba15ea
b1b0541f82f31cab4d9c95f9e0ed760d579580a0dde81bfa342effb6c8b677d6
b253ffb5d335f8815bef247d88027bad153fd390c53bc0ed661a67930f94cdd4
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba56571edfd372fc443b244a37b66547eec5394209f1bc55848bb19b7ae2fe3
ec6b12879f38cab72f3d6fdfe7ed597dd339f674a2594687f0287bc9714e415f
edceb035e84230eff82a3c383e4f03e967a5ac3a2b9b0c9994bc0534ad0e4e5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8cf83bab27c402c3fb52d7d7dbdfc2cd7c5958aa372eff4e86082faebf55bf
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2bdb38871c75238340b8d25ea4ce6023ff045c1472e4bb47373faf66ffbcf5d
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82