Submitted URL: http://sidewinders.page.tl/
Effective URL: https://sidewinders.page.tl/
Submission: On April 22 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 193.238.27.24, which is located in Germany and belongs to IPX-AS15598, DE. The main domain is sidewinders.page.tl.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.
This is the only time sidewinders.page.tl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         ASN    Autonomous System
1         193.238.27.24      15598  (IPX-AS15598)
3         178.162.223.113    28753  (LEASEWEB-...)
1         146.185.171.17     14061  (DIGITALOC...)
2         2a03:2880:f08...   32934  (FACEBOOK)
2         178.162.223.114    28753  (LEASEWEB-...)
1         188.114.96.3       13335  (CLOUDFLAR...)
1         157.240.253.13     32934  (FACEBOOK)
Total: 11 requests, 8 IPs

Requests  Apex Domain        Transfer  Subdomains
5         webme.com          98 KB     theme.webme.com; img.webme.com (Cisco Umbrella Rank: 305240); wtheme.webme.com
2         facebook.net       91 KB     connect.facebook.net (Cisco Umbrella Rank: 180)
1         facebook.com       -         web.facebook.com (Cisco Umbrella Rank: 224)
1         yaserv.net         -         yaserv.net
1         cookie-script.com  33 KB     cdn.cookie-script.com (Cisco Umbrella Rank: 23123)
1         page.tl            5 KB      sidewinders.page.tl
Total: 11 requests, 6 apex domains

Requests  Domain                 Requested by
2         wtheme.webme.com       -
2         img.webme.com          sidewinders.page.tl
2         connect.facebook.net   sidewinders.page.tl; connect.facebook.net
1         web.facebook.com       connect.facebook.net
1         yaserv.net             sidewinders.page.tl
1         cdn.cookie-script.com  sidewinders.page.tl
1         theme.webme.com        sidewinders.page.tl
1         sidewinders.page.tl    -
Total: 11 requests, 8 domains

This site contains links to these domains.

Domain
www.facebook.com
www.own-free-website.com

Subject              Issuer                                          Validity                 Valid
page.tl              R3                                              2024-04-19 - 2024-07-18  3 months
misc.webme.com       R3                                              2024-04-19 - 2024-07-18  3 months
*.cookie-script.com  Sectigo RSA Domain Validation Secure Server CA  2023-09-11 - 2024-07-25  10 months
*.facebook.com       DigiCert SHA2 High Assurance Server CA          2024-01-31 - 2024-04-30  3 months
img.webme.com        R3                                              2024-04-19 - 2024-07-18  3 months
yaserv.net           GTS CA 1P5                                      2024-03-31 - 2024-06-29  3 months

This page contains 3 frames:

Primary Page: https://sidewinders.page.tl/
Frame ID: FD128D3467F7CA11685A0EA42AEFD2BA
Requests: 16 HTTP requests in this frame

Frame: https://yaserv.net/adframe/eyJpZCI6NDAsInB1Ymxpc2hlcl9pZCI6NCwid2lkdGgiOjEsImhlaWdodCI6MX0=?ct=CLICKTRACKING
Frame ID: 47FB2813CB3B99B8EF7B7D8B7A2DCFDB
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd45ba88ca0f95405%26domain%3Dsidewinders.page.tl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsidewinders.page.tl%252Ff400342163dbdbb1c%26relation%3Dparent.parent&container_width=1038&href=https%3A%2F%2Fsidewinders.page.tl%2Fhttp%253A%252F%252Fsidewinders.page.tl&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120
Frame ID: 1FE7E16DAFD55EA38C57270596E41D2D
Requests: 1 HTTP requests in this frame

Page Title

sidewinders - Homepage

Page URL History

  1. http://sidewinders.page.tl/ HTTP 307
    https://sidewinders.page.tl/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 11
HTTPS: 100 %
IPv6: 14 %
Domains: 6
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 226 kB
Size: 611 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sidewinders.page.tl/ HTTP 307
    https://sidewinders.page.tl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sidewinders.page.tl/
Redirect Chain
  • http://sidewinders.page.tl/
  • https://sidewinders.page.tl/
15 KB
5 KB
Document
General
Full URL
https://sidewinders.page.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.238.27.24 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS
page.tl
Software
nginx /
Resource Hash
582fed98b957e5d8a6037982d455352e16252c61f159042bb8cb7f1e1e47a712
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
0
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=ISO-8859-15
Date
Mon, 22 Apr 2024 19:16:11 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
Via
1.1 varnish-v4
X-Frame-Options
DENY
X-Varnish
666019515
X-wm-1
b5c15a4f00826b560de2380c0e08f5b7
X-wm-VIP
193.238.27.24
X-wm-req.backend
SitesGET
X-wm-req.backend.healthy
true
X-wm-req.restarts
0

Redirect headers

Location
https://sidewinders.page.tl/
Non-Authoritative-Reason
HttpsUpgrades
style.css
theme.webme.com/designs/flexible/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://theme.webme.com/designs/flexible/css/style.css
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Ansbach, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
daf3c668f974a9d8b1145c5a5ab9b7add34979e366cece3493ea6a9e26b63608

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 19:16:12 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Content-Encoding
gzip
Last-Modified
Tue, 27 Oct 2020 14:05:25 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
86971
Vary
Accept-Encoding
Content-Type
text/css
X-Varnish
539334252, 672299522 646166255
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3004
Expires
Sun, 02 Jun 2024 19:06:40 GMT
df3a879e6e1e0b18501bae0d4fbe9a3c.js
cdn.cookie-script.com/s/
170 KB
33 KB
Script
General
Full URL
https://cdn.cookie-script.com/s/df3a879e6e1e0b18501bae0d4fbe9a3c.js
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ba366dea4ed478ed8e3a31bbe4a6d46a5be86c7f63cd214d8d0afc04f17dcaad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 19:16:11 GMT
content-encoding
gzip
last-modified
Mon, 26 Feb 2024 12:22:23 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"341a9a9ecf6cce7acbc358d754cba93c"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3ba343872595f08c4e3169dd14cc0333e8a2d18d615839e7f6ff794372584cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Origin
https://sidewinders.page.tl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Apr 2024 19:16:12 GMT
content-md5
5gHRZGLWPEAPRPk8DPYvkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
/BuPqEd1O3Haq8L2IkO3uQyog8xaRUPQ3aYm/GBveNa+jsHwksPTItUhY0DWaltrOicIkgvp/xYpKNpmpkADUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
1649b73bb45f036dc2ca58ec81ece7fe
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"bd75632cd433258ec88922cbcf8f8f92"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 22 Apr 2024 19:35:23 GMT
f.jpg
img.webme.com/pic/s/sidewinders/
63 KB
63 KB
Image
General
Full URL
https://img.webme.com/pic/s/sidewinders/f.jpg
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Ansbach, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
216d3efdcd6b979ddec626fe14b27fcec8fb0bc58eb88c300542515248ba8e66

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 19:16:12 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 11 Jan 2015 17:48:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
33
ETag
"54b2b750-fb3a"
X-Varnish
651250725, 680826671 680826280
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64314
eyJpZCI6NDAsInB1Ymxpc2hlcl9pZCI6NCwid2lkdGgiOjEsImhlaWdodCI6MX0=
yaserv.net/adframe/ Frame 47FB
0
0
Document
General
Full URL
https://yaserv.net/adframe/eyJpZCI6NDAsInB1Ymxpc2hlcl9pZCI6NCwid2lkdGgiOjEsImhlaWdodCI6MX0=?ct=CLICKTRACKING
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sidewinders.page.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8787f268381a39e0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 19:16:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLr2xSusnQ3pb%2FFDYIymCPVyRK4fQWUtvrgp6J9HnZcSlU2O32hsvQBC18DN%2Fx5y5U9PhJx88oyR%2B5qedUG%2BHkiG%2FSjF2xR8eaFVk8y1DE4Acisnfcol3oyrjefP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
532812_1045263745858.jpg
img.webme.com/pic/s/sidewinders/
30 KB
30 KB
Image
General
Full URL
https://img.webme.com/pic/s/sidewinders/532812_1045263745858.jpg
Requested by
Host: sidewinders.page.tl
URL: https://sidewinders.page.tl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.114 Ansbach, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
img.webme.com
Software
nginx /
Resource Hash
36cd6e165a9b9a6e52d05c17f559bd2139165304bc8ac233d71e58984a1824bb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 19:16:12 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Sun, 11 Jan 2015 17:48:00 GMT
Server
nginx
X-wm-VIP
193.238.27.18
Age
33
ETag
"54b2b750-7685"
X-Varnish
641753824, 672299526 672299122
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30341
sdk.js
connect.facebook.net/en_US/
304 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=9165d15943156cd72d52232c9c3874ae
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf99ad84b80f9132ab7805a061c3a4af8ce01be5596398ee5b5b58f5cf3d57ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Origin
https://sidewinders.page.tl
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Apr 2024 19:16:12 GMT
content-md5
Soqyt10uIgO8Zcf+XS2mdg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89038
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=20, mss=1294, tbw=6441, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
fR2ui0sBA5UezFHEswlM+D3r9oofCSnUE6VhHZOZC+y8z3TFUzw6/+gl6Vs6SxpwC61OlZFwZXpJ8Axz9A0XiQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
116381cedaa3e49ca88a9aaae9d944d0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"d1ef41e992d464990c92f3760e628987"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 22 Apr 2025 17:42:08 GMT
like.php
web.facebook.com/v11.0/plugins/ Frame 1FE7
0
0
Document
General
Full URL
https://web.facebook.com/v11.0/plugins/like.php?action=like&app_id=339062219495910&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd45ba88ca0f95405%26domain%3Dsidewinders.page.tl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fsidewinders.page.tl%252Ff400342163dbdbb1c%26relation%3Dparent.parent&container_width=1038&href=https%3A%2F%2Fsidewinders.page.tl%2Fhttp%253A%252F%252Fsidewinders.page.tl&layout=button_count&locale=en_US&sdk=joey&share=false&size=small&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=9165d15943156cd72d52232c9c3874ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-shv-02-fra5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sidewinders.page.tl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data: https://*.google-analytics.com *.google.com;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Mon, 22 Apr 2024 19:16:12 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://web.facebook.com/browser_reporting/coep/?minimize=0", default="https://web.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=38, mss=1232, tbw=4279, tp=9, tpl=0, uplat=102, ullat=0
x-fb-debug
/uuKw7qcQnt2fCgSgmQHvmsDuuzFysYfADZeJAhLuGp07j3KkyTTcz9g5zYyXzyoBCOSf8BBIPNbtQ0mhORVpw==
x-xss-protection
0
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51b02447c0a2c81ebd506d442ee5ed654adbbbf51c5b93deeb2c71c8d3a99461

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ccbcc3b899abfc282dadce5b52a66abd23a93fd86e7d4ae0a5251f806c4cb49

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
057c66a21640a78f04e51f348a8a7397ec35b99aa16685f8998d22e5433604be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
wtheme.webme.com/img/main/
1 KB
2 KB
Other
General
Full URL
https://wtheme.webme.com/img/main/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Ansbach, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
5b43874b6b309fd9d480d23cde3472c31cc0826676224c2dda5b4a52a59221a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 19:16:14 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Wed, 04 Nov 2020 14:42:24 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
4546
Content-Type
image/x-icon
X-Varnish
650625786, 679341322 678494069
Cache-Control
max-age=3628800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1406
Expires
Mon, 03 Jun 2024 18:00:28 GMT
favicon.ico
wtheme.webme.com/img/main/
1 KB
0
Other
General
Full URL
https://wtheme.webme.com/img/main/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.223.113 Ansbach, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
misc.webme.com
Software
nginx /
Resource Hash
5b43874b6b309fd9d480d23cde3472c31cc0826676224c2dda5b4a52a59221a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://sidewinders.page.tl/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 19:16:14 GMT
Via
1.1 varnish-v4, 1.1 varnish-v4
Last-Modified
Wed, 04 Nov 2020 14:42:24 GMT
Server
nginx
X-wm-VIP
193.238.27.17
Age
4546
X-Varnish
650625786, 679341322 678494069
Content-Type
image/x-icon
Cache-Control
max-age=3628800
Accept-Ranges
bytes
Content-Length
1406
Expires
Mon, 03 Jun 2024 18:00:28 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • number| dateTimeOffset
  • function| getElementsByClassNameLocalTimeWrapper
  • function| HbLoadGoogleAdScript
  • function| HbGtag
  • function| HbHandleConsentUpdate
  • object| dataLayer
  • function| CookieScript
  • function| gtag
  • object| FB
  • object| __buffer

6 Cookies

Domain/Path Name / Value
.sidewinders.page.tl/ Name: PHPSESSID
Value: 77ab07ec263a391131e754e15c4172b7
sidewinders.page.tl/ Name: CookieScriptConsent
Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"}}
osak.com/ Name: AWSALBCORS
Value: x/hkE8Wz4sW82IPT0h6pm9dyeR3PQrRWseEW0uDXt3jPbKdmGESVBeHU9uEe1TMZ2QFtHLfG+TfvhSO0V4iRMzInF495ryDcX7ypNK39XjNB8Rxwr89jIEhWdoIL
.secprf2.com/ Name: ykuid
Value: 70d915449ae1494ba62df3d4f676af5a
.awin1.com/ Name: aw14444
Value: 143466|0|0|1713813373|v030400014226d79a0dc7f9514a79b5e6966b5bc1f607-9fb9a0578dd84fadbefee1f722b2995d|aw|0
.awin1.com/ Name: bId
Value: HLEX_6626b77d56b630.37649527

8 Console Messages

Source Level URL
Text
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://sidewinders.page.tl/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error
Message:
[Report Only] Refused to frame 'https://www.audible.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY