www.vbox.me Open in urlscan Pro
108.138.7.15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.vbox.me/
Effective URL:
https://www.vbox.me/
Submission: On November 25 via manual (November 25th 2022, 7:20:13 am UTC) from SE — Scanned from SE

Summary HTTP 41 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 9 domains to perform 41 HTTP transactions. The main IP is 108.138.7.15, located in United States and belongs to AMAZON-02, US. The main domain is www.vbox.me.
TLS certificate: Issued by Amazon on April 8th 2022. Valid for: a year.

This is the only time www.vbox.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.7.120 108.138.7.120	16509 (AMAZON-02) (AMAZON-02)
11	108.138.7.15 108.138.7.15	16509 (AMAZON-02) (AMAZON-02)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
4	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
9	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
41	10

1 108.138.7.120 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-120.fra56.r.cloudfront.net

www.vbox.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 108.138.7.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-15.fra56.r.cloudfront.net

www.vbox.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	261 KB
12	vbox.me 1 redirects www.vbox.me	458 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	38 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 339	17 KB
1	gstatic.com www.gstatic.com	14 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 178	48 KB
1	google.se adservice.google.se — Cisco Umbrella Rank: 77488	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	327 B
41	9

	Domain	Requested by
12	www.vbox.me	1 redirects www.vbox.me
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	www.vbox.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.vbox.me
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.se	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
41	11

This site contains links to these domains. Also see Links.

Domain
www.virtualbox.org
github.com
twitter.com
docs.getpelican.com
getbootstrap.com

Subject Issuer	Validity	Valid
vbox.me Amazon	`2022-04-08` - `2023-05-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.se GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.vbox.me/
Frame ID: 68EBB2F3A0866BB0AB5028C040DD621A
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: CE3E426768AEE193311D410DDAEA0360
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&adk=1812271804&adf=3025194257&lmt=1584436931&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.vbox.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803669&bpp=6&bdt=582&idt=288&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8350250811478&frm=20&pv=2&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384
Frame ID: B9C25F3838B8ECE3D57374EEEF34CEB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&h=600&slotname=1944518788&adk=1532005955&adf=1815005083&pi=t.ma~as.1944518788&w=263&fwrn=4&fwrnh=100&lmt=1584436931&rafmt=1&format=263x600&url=https%3A%2F%2Fwww.vbox.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803676&bpp=13&bdt=589&idt=410&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8350250811478&frm=20&pv=1&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PtZHV7VlGT&p=https%3A//www.vbox.me&dtd=472
Frame ID: 142DB7931BF925399716887540520D66
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
Frame ID: 2190DA6FE2EF5D53CC008FE7BAA300E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCC8FA0B271B1B2C9F0BF12E274BAAC3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFEC2093F7A2791E75C433DA2C28A99C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portable-VirtualBox - Portable-VirtualBox

Page URL History Show full URLs

http://www.vbox.me/ HTTP 301
https://www.vbox.me/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

839 kB
Transfer

1471 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.virtualbox.org/
Title: www.virtualbox.org

Search URL Search Domain Scan URL

URL: https://github.com/vboxme/Portable-VirtualBox
Title: Source code from GitHub

Search URL Search Domain Scan URL

URL: https://twitter.com/PortableVirtual
Title: twitter.com/PortableVirtual

Search URL Search Domain Scan URL

URL: https://github.com/getpelican/pelican-themes/tree/master/pelican-bootstrap3
Title: pelican-bootstrap3

Search URL Search Domain Scan URL

URL: http://docs.getpelican.com/
Title: Pelican

Search URL Search Domain Scan URL

URL: http://getbootstrap.com/
Title: Bootstrap

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.vbox.me/ HTTP 301
https://www.vbox.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.vbox.me/
Redirect Chain

http://www.vbox.me/
https://www.vbox.me/

12 KB
12 KB

175ms
61ms

Document
text/html

108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b81c0bd742d775b49398388922443c3029233d315b24a549683cd15e273bef07

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 82662
content-length: 12018
content-type: text/html
date: Thu, 24 Nov 2022 08:22:21 GMT
etag: "fd74eeb942f9e5121522ec83e4ea97ca"
last-modified: Tue, 17 Mar 2020 09:22:11 GMT
server: AmazonS3
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
x-amz-cf-id: Z_upxl67ZU0AgmLyUWGkbu2e8Rt17SjjRyKZtZdQkcsNyv9Uos5syg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Fri, 25 Nov 2022 07:20:02 GMT
Location: https://www.vbox.me/
Server: CloudFront
Via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
X-Amz-Cf-Id: M4ynqiNIvXxW8mJMYnUTCY5NWK3uuPIrcp-RtaA4RChUwh62itAwjg==
X-Amz-Cf-Pop: FRA56-P6
X-Cache: Redirect from cloudfront

GET
H2 200 bootstrap.min.css
www.vbox.me/theme/css/ 115 KB
115 KB 120ms
119ms Stylesheet
text/css 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/css/bootstrap.min.css
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1345
etag: "eedf9ee80c2faa4e1b9ab9017cdfcb88"
x-cache: Hit from cloudfront
content-type: text/css
content-length: 117305
x-amz-cf-id: 6tyuFDFMnajsBGZgbjuHY3lAQlPOKGzhEACfOTcBHBQV2JsPhVXQeg==

GET
H2 200 font-awesome.min.css
www.vbox.me/theme/css/ 30 KB
31 KB 71ms
71ms Stylesheet
text/css 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/css/font-awesome.min.css
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 8663
etag: "269550530cc127b6aa5a35925a7de6ce"
x-cache: Hit from cloudfront
content-type: text/css
content-length: 31000
x-amz-cf-id: Y1sPJJMBp1K1CuUo5beCvNGDpz2nDxeGJpgBnC0o2ybJWVHbehtdWQ==

GET
H2 200 native.css
www.vbox.me/theme/css/pygments/ 5 KB
5 KB 59ms
58ms Stylesheet
text/css 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/css/pygments/native.css
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02ec511a4d26d09eff6af15d81b01dab30bd691fc00836d9a3b89a906f975d34

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:22:22 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 82662
etag: "49c1eab197877fce88807b7cc4a779e8"
x-cache: Hit from cloudfront
content-type: text/css
content-length: 4732
x-amz-cf-id: Sc6QWEhvhlbL-zoDj5YxamZlt6711qzmj1fEsmOBBW1iNi-eqN9CDA==

GET
H2 200 style.css
www.vbox.me/theme/css/ 4 KB
4 KB 186ms
185ms Stylesheet
text/css 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/css/style.css
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc19ac024bbf4efff9a6fe490ef85aaec04378b5becd2fa3597020c15de498c8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 8663
etag: "e938fe1fc0640e4dfee3eede9d7521fe"
x-cache: Hit from cloudfront
content-type: text/css
content-length: 4249
x-amz-cf-id: hyOmYZA8e55VDSvotmWBx2897AWGzNHsyVfBJhyLabqP2AJxWQiu5Q==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 265ms
121ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.vbox.me
URL: https://www.vbox.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2a75e4fa103267a29d2441d3119d3703f9253393fc65be8eebef1f8f0dab0366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49158
x-xss-protection: 0
server: cafe
etag: 4811474782636338763
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:20:03 GMT

GET
H2 200 PortableVirtualBoxInstaller1.png
www.vbox.me/images/ 44 KB
45 KB 140ms
137ms Image
image/png 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vbox.me/images/PortableVirtualBoxInstaller1.png
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b2119a8a7fcb04afbad9e6000a7611c82ba27faca19e66d34a0c77c9e2e0e4b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 8662
etag: "3185659755bc1329a337d6b540de623c"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 45433
x-amz-cf-id: _nIqQFPL0nh06SFKTJJV3cLKIY8kbkhJpRri90sYWOxt2yfpoh9qlQ==

GET
H2 200 PortableVirtualBoxConfiguration.png
www.vbox.me/images/ 45 KB
46 KB 118ms
117ms Image
image/png 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vbox.me/images/PortableVirtualBoxConfiguration.png
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ebd5153ae528010cade8707b7b51e242cedb5b4b8250392ff9b85a0643a61920

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 2971
etag: "fcc0aa0aa4538ff3e4c2fa87878e0ead"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 46290
x-amz-cf-id: osSwcNkctcoNf9U3YL7tMKd8Kb5rMAtr-mP2XqvHcuD52kTZr8nkWg==

GET
H2 200 jquery.min.js Show response
www.vbox.me/theme/js/ 85 KB
85 KB 63ms
62ms Script
application/javascript 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/js/jquery.min.js
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 7477
etag: "a09e13ee94d51c524b7e2a728c7d4039"
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 86927
x-amz-cf-id: o1gMIOnIHdHlYtd1XdUe3fwwfPnItm7nnt-l2MixP2idj5hNXOy18w==

GET
H2 200 bootstrap.min.js Show response
www.vbox.me/theme/js/ 35 KB
35 KB 96ms
93ms Script
application/javascript 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/js/bootstrap.min.js
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:37:15 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 81769
etag: "8c237312864d2e4c4f03544cd4f9b195"
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 35951
x-amz-cf-id: ERqpWkmgYEDuI-OIIglXd4HHA3h4A4j_sU1xcC_oN9V9UbNvKoZ53A==

GET
H2 200 respond.min.js Show response
www.vbox.me/theme/js/ 4 KB
4 KB 116ms
114ms Script
application/javascript 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/js/respond.min.js
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 355d46f5be4da4152052ca59d5d1f3984c7fdc7e8c54e7c18cd545ce8215717f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:22:22 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 82662
etag: "cf5c9b7980e53d7c5edd8cd220081537"
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 4047
x-amz-cf-id: ivR5zGWsjgSpJnZYA_lPQ1dhCGYeV4DpB_0w7jzpt4RXia9vkYUXwg==

GET
H2 200 fontawesome-webfont.woff2
www.vbox.me/theme/fonts/ 75 KB
76 KB 67ms
67ms Font
font/woff2 108.138.7.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vbox.me/theme/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.vbox.me
URL: https://www.vbox.me/theme/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-15.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.vbox.me/theme/css/font-awesome.min.css
Origin: https://www.vbox.me
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 08:13:13 GMT
via: 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
last-modified: Tue, 02 Jul 2019 17:15:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 83211
etag: "af7ae505a9eed503f8b8e6982036873e"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 77160
x-amz-cf-id: KMzAYiMQZB2-ybOvkvursdV7nM7cZg61NEKvmVWpBBw2NWzlGaTkbQ==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 201ms
61ms Script
text/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.vbox.me
URL: https://www.vbox.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 05:51:04 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5339
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 25 Nov 2022 07:51:04 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 355 KB
117 KB 136ms
135ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3468476659336672&plah=www.vbox.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

f2bf3d71b2190ac0b830827d4708efb8090bab678c2e79fb5650cb6604c70601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 8421474708157782295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Nov 2022 07:20:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame CE3E 10 KB
5 KB 244ms
58ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vbox.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 55398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 24 Nov 2022 15:56:45 GMT
etag: 10353107486223812946
expires: Thu, 08 Dec 2022 15:56:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 200ms
71ms Image
image/gif 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1181158812&utmhn=www.vbox.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Portable-VirtualBox%20-%20Portable-VirtualBox&utmhid=493899000&utmr=-&utmp=%2F&utmht=1669360803872&utmac=UA-23621509-1&utmcc=__utma%3D238257607.1307851320.1669360804.1669360804.1669360804.1%3B%2B__utmz%3D238257607.1669360804.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=356116114&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.vbox.me
URL: https://www.vbox.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 07:20:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 381 B
327 B 107ms
68ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.vbox.me&callback=_gfp_s_&client=ca-pub-3468476659336672&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3468476659336672&plah=www.vbox.me

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

aa3f52bb95bb04b33289f8d8d65ea7261a4684a41a28cefb7fbdaf5432a16504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 237ms
67ms Script
application/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.vbox.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 207ms
68ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vbox.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 107ms
107ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.vbox.me%2F&tn=DIV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.vbox.me
URL: https://www.vbox.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 07:20:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B9C2 0
19 B 317ms
195ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&adk=1812271804&adf=3025194257&lmt=1584436931&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.vbox.me%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803669&bpp=6&bdt=582&idt=288&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8350250811478&frm=20&pv=2&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=384

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vbox.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:20:04 GMT
expires: Fri, 25 Nov 2022 07:20:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 142D 92 KB
33 KB 565ms
516ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&h=600&slotname=1944518788&adk=1532005955&adf=1815005083&pi=t.ma~as.1944518788&w=263&fwrn=4&fwrnh=100&lmt=1584436931&rafmt=1&format=263x600&url=https%3A%2F%2Fwww.vbox.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803676&bpp=13&bdt=589&idt=410&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8350250811478&frm=20&pv=1&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PtZHV7VlGT&p=https%3A//www.vbox.me&dtd=472

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

e5755e3c37c193b5d3f558cd93f44a6437dd72f311c2b5c0c120dec374c0be35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vbox.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33942
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:20:04 GMT
expires: Fri, 25 Nov 2022 07:20:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 142D 225 B
355 B 501ms
43ms Image
image/png 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&h=600&slotname=1944518788&adk=1532005955&adf=1815005083&pi=t.ma~as.1944518788&w=263&fwrn=4&fwrnh=100&lmt=1584436931&rafmt=1&format=263x600&url=https%3A%2F%2Fwww.vbox.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803676&bpp=13&bdt=589&idt=410&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8350250811478&frm=20&pv=1&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PtZHV7VlGT&p=https%3A//www.vbox.me&dtd=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 19:12:37 GMT
x-content-type-options: nosniff
server: cafe
age: 43648
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 25 Nov 2022 19:12:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 142D 2 KB
846 B 360ms
27ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 11:55:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 11:55:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 142D 0
0 383ms
210ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMXIUpGyAY6CVEJDAY6rUtogC5ZznyG3_z4zH2BCklaa1gg8QASD76pB4YPkFoAGX88b-KMgBAakCmCP7z1x3sT6oAwHIA8sEqgTEAU_Q-Vtgrb-05uBISPoA_UL8ub44mTef-b_KcR7se7OibOUYh-q0qp5LDg6tHbIWr2mNKe3qEV3BoTSSpRwGHFqoqSrRpTWZSwZpcZqUABkmcZ6wrYZZ19XI9OPSlOcyUsGymWNxqFBEMkISw3jpOyrB076rPenuixNYWWmlTs5_sBqnSfEqfBuplMjdsi9IlSy9255AyiSLFpMin3VxyjfBnzLEDHmegZMQzindFNo6h2ii1kyCq9DR4_XrNl0G21fz1uHABO_-tOKTBJIFBAgEGAGSBQQIBRgEoAYCgAeXq5feA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOuhDNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zNDY4NDc2NjU5MzM2NjcyGAA&sigh=ViX_DNH8n5Y&uach_m=[UACH]&cid=CAQSGwDq26N9YNuxButnYxvoLgF3j_vK_rm6TNlpIxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3468476659336672&output=html&h=600&slotname=1944518788&adk=1532005955&adf=1815005083&pi=t.ma~as.1944518788&w=263&fwrn=4&fwrnh=100&lmt=1584436931&rafmt=1&format=263x600&url=https%3A%2F%2Fwww.vbox.me%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669360803676&bpp=13&bdt=589&idt=410&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8350250811478&frm=20&pv=1&ga_vid=1307851320.1669360804&ga_sid=1669360804&ga_hid=493899000&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706&oid=2&pvsid=1266799308846113&tmod=1560112318&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=PtZHV7VlGT&p=https%3A//www.vbox.me&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 25 Nov 2022 07:20:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Nov 2022 07:20:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 142D 23 KB
10 KB 309ms
0ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Dec 2022 07:15:22 GMT

GET
H2 200 9189981713870143124
tpc.googlesyndication.com/daca_images/simgad/ Frame 142D 22 KB
23 KB 408ms
138ms Image
image/jpeg 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9189981713870143124?w=360&h=640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

ff8f94d7330b309130a5e10f9fbfb748e3493e58dc24a5d3be46342e245799be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:05 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22895
x-xss-protection: 0
last-modified: Sun, 13 Nov 2022 03:59:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 02 Dec 2022 07:20:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 142D 3 KB
1 KB 138ms
4ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 20:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 20:49:36 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 142D 18 KB
7 KB 133ms
0ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 16:34:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Dec 2022 16:34:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 142D 154 KB
48 KB 583ms
128ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 07:20:05 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame 142D 34 KB
14 KB 536ms
88ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 00:39:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:08:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 20 Feb 2023 00:39:21 GMT

GET
DATA 200
OK truncated
/ Frame 142D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a78f4100e6e466dc5f276ab4140092c81c460dd0940f6201f02f68c5f7ffce8

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 256ms
110ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a2cbe42afd8238aa60c3a3a18276694d679df1edab39a5946fbc10afbb7f2d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2190 36 KB
16 KB 78ms
69ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 18:11:18 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 240ms
71ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Nov 2022 07:20:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCC8 13 KB
5 KB 73ms
72ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.vbox.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:15:31 GMT
expires: Sat, 25 Nov 2023 07:15:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DFEC 783 B
1 KB 969ms
106ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

5551d0872bdcab89958370e02473fc9cb768b45d6cd7591af70a6c0d6f99bd98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cc6ENfMOehXqvR4ERaNhAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.vbox.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cc6ENfMOehXqvR4ERaNhAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Nov 2022 07:20:08 GMT
expires: Fri, 25 Nov 2022 07:20:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js Show response
pagead2.googlesyndication.com/bg/ Frame CCC8 36 KB
16 KB 69ms
69ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 18:11:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Nov 2023 18:11:18 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 142D 42 B
64 B 110ms
102ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusTXodjYpKqSwf9e_9eLhQy1dTADNs0ECEIqE_W1LWCPtyVBWWDVTK4ZFv4KTGaYPPUF8ye1uN1P0_8KdCIENSo0hLsqKCa18CpxFhgvWErW2SgV94eFnpvMHPhVxxLVUr5AI&sai=AMfl-YSoG1W7EVOLycB5K7dOIVWrc1q75s5XJ1lhMh3bXgNivuE1o3zvkjHSsB0-7NfKEyQI-BRDltCVQMHs5-0&sig=Cg0ArKJSzPWikiQBWPQxEAE&cid=CAQSGwDq26N9YNuxButnYxvoLgF3j_vK_rm6TNlpIxgBIBM&id=lidar2&mcvt=1000&p=0,0,600,263&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1532005955&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669360804154&rpt=2176&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Nov 2022 07:20:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DFEC 0
0 89ms
88ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1266799308846113&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCC8 0
10 B 92ms
91ms Image
text/plain 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?E6BT2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 25 Nov 2022 07:20:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
99ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1266799308846113&bg=!goGlgcXNAAbvMpMzzzI7ACkAdvg8WgsTxb-DqNcr3cisIjw89pyCw8rl0dWSyJuvXLP12Cwc1mAl2gIAAAJ_UgAAAAVoAQcKAEvlf9EUjk2seC2ypY8kjzNNdvM3Fptix6guIRGICOpSTMxsXrpMdQt0XLq1j2OPQQsiFLUgAZgD9NetDa92dUjHcpP3LLEcgbLMiHqZAqdshjN_YWBua3yp6-nkxSUvk5BmS0OwvOyvzeO_cJYcI1UNYGmP9afhksOkxW8ZJa_InR3i5HlbtRxAgQX3g9uzHSZIvoAmnRmCLC93trVtegTAboR3E48evVJZJ_kMPsJGonh__zIUpPeEqcEXYXmXbEGBoOpapOkmFJ6U3UrJF2QT9Bbw3ySbMVjYZ2S1am0rckoDaq3Vi0DkcPGnfXLuY8dGwOQ9C6gpFTCLb5-vnSOODdWLq4pCBbL71yiMdTe0hWImN-p39NsIx0-2SHS-51cC7YCai3EY-xAp-Zn8R32-1balFbGDgOQZ7ncTOyQzX9IKD1lhnqVzuhsBOMCMlCgJi9D2BmIW9shV4yUamqJYFlHayPqVUWXg6nwDzotv8vhoaS3gUX5n7vJfcy6C84RinqdoAo1kyPIhKlrZBg5CBh9CvMklFReNLO5u7QDTvpc_KfQyOiinORyBDZRG7Y4TcFzE5dqPA-KRGtTtUDQRPy_N2Gi-AUPj5V-orAp850xlAZ2FeLUTPl_ExSWF_pgE4KUk6NsPxIu_miyLvSwNejLyMe_P6diH5mg4xZTaYrienZHALSdZugM0dXMhuaQz5TduDqntkO2-hpBSzbcHB2iHuP8ZHEpjvfLXO-YOEkLc_5dP2OJqHs7FY7HkEmk55FvzrZvOMEjczwjiS7aewdGR4PqIFbN7OCE0bM9F-2ivKT1joGG_U9KbHpOekqDhCIwl-3OZbssqOxumIGfJnu1XgIUKQmALFzriPU4y-hsNnbkqX17Py_MvnemGCvNk-lv9if5DPBaWF396WgEQN_MDnAIRI519QVNbl5Yn_vO_MFDoZV3NNkk3uEeLMizbOmvwE1jcjfJJBXm2tkn7yd0A7zK6nJGb4twkrikmcy11TXqA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.vbox.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vbox.me/	1970-01-20 17:18:40	Name: __utma Value: 238257607.1307851320.1669360804.1669360804.1669360804.1
.vbox.me/	1969-12-31 23:59:59	Name: __utmc Value: 238257607
.vbox.me/	1970-01-20 12:05:28	Name: __utmz Value: 238257607.1669360804.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.vbox.me/	1970-01-20 07:42:41	Name: __utmt Value: 1
.vbox.me/	1970-01-20 07:42:42	Name: __utmb Value: 238257607.1.10.1669360804
.vbox.me/	1970-01-20 17:04:16	Name: __gads Value: ID=bad1ad08d5439c27-22d4656587d7007a:T=1669360804:RT=1669360804:S=ALNI_MZJqkqf0IsXS0tGm5WM3WlgFn1qZw
.vbox.me/	1970-01-20 17:04:16	Name: __gpi Value: UID=00000b86c49128b5:T=1669360804:RT=1669360804:S=ALNI_MZKspoGnlJAMMqIvlcUjCI0oNn0Iw
.doubleclick.net/	1970-01-20 17:04:16	Name: IDE Value: AHWqTUmMvY4jMiLdslzS9rwu6aWufxpN10cbx03KAe3F2THf71mHMiiUmPgL7pro8to

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.vbox.me
108.138.7.120
108.138.7.15
142.250.181.225
142.250.185.132
142.250.185.66
142.250.185.98
172.217.18.2
172.217.18.99
172.217.23.104
216.58.212.130
02ec511a4d26d09eff6af15d81b01dab30bd691fc00836d9a3b89a906f975d34
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b2119a8a7fcb04afbad9e6000a7611c82ba27faca19e66d34a0c77c9e2e0e4b
2a75e4fa103267a29d2441d3119d3703f9253393fc65be8eebef1f8f0dab0366
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33724c87393fdef4c5f24d22efb12c7f11884c4990ffd634e31e4f4c4baa42f7
355d46f5be4da4152052ca59d5d1f3984c7fdc7e8c54e7c18cd545ce8215717f
5551d0872bdcab89958370e02473fc9cb768b45d6cd7591af70a6c0d6f99bd98
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a78f4100e6e466dc5f276ab4140092c81c460dd0940f6201f02f68c5f7ffce8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a2cbe42afd8238aa60c3a3a18276694d679df1edab39a5946fbc10afbb7f2d75
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa3f52bb95bb04b33289f8d8d65ea7261a4684a41a28cefb7fbdaf5432a16504
b81c0bd742d775b49398388922443c3029233d315b24a549683cd15e273bef07
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
dc19ac024bbf4efff9a6fe490ef85aaec04378b5becd2fa3597020c15de498c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5755e3c37c193b5d3f558cd93f44a6437dd72f311c2b5c0c120dec374c0be35
ebd5153ae528010cade8707b7b51e242cedb5b4b8250392ff9b85a0643a61920
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f2bf3d71b2190ac0b830827d4708efb8090bab678c2e79fb5650cb6604c70601
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
ff8f94d7330b309130a5e10f9fbfb748e3493e58dc24a5d3be46342e245799be

www.vbox.me Open in urlscan Pro 108.138.7.15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

10 IPs

1 Countries

839 kBTransfer

1471 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vbox.me Open in urlscan Pro
108.138.7.15 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

1
Countries

839 kB
Transfer

1471 kB
Size

8
Cookies

41 HTTP transactions
1 data transactions