urlscan.io logo urlscan.io
SecurityTrails logo

us-manhattan.bedpage.com Open in urlscan Pro
192.124.249.140  Public Scan

Go To Rescan Add Verdict Report
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Submission: On October 18 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 8 domains to perform 33 HTTP transactions. The main IP is 192.124.249.140, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is us-manhattan.bedpage.com.
TLS certificate: Issued by R3 on September 21st 2022. Valid for: 3 months.
This is the only time us-manhattan.bedpage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    192.124.249.140 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10140.sucuri.net
us-manhattan.bedpage.com
www.bedpage.com
13    138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com
amazonaws1.b-cdn.net
5    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4014:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 b-cdn.net
amazonaws1.b-cdn.net — Cisco Umbrella Rank: 483037
574 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
539 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
27 KB
3 bedpage.com
us-manhattan.bedpage.com
www.bedpage.com — Cisco Umbrella Rank: 455094
16 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6045
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
448 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
42 KB
33 8
Domain Requested by
13 amazonaws1.b-cdn.net us-manhattan.bedpage.com
amazonaws1.b-cdn.net
6 www.gstatic.com www.google.com
www.gstatic.com
5 www.google.com us-manhattan.bedpage.com
www.gstatic.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 us-manhattan.bedpage.com us-manhattan.bedpage.com
1 fonts.gstatic.com www.google.com
1 www.google.de us-manhattan.bedpage.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.bedpage.com us-manhattan.bedpage.com
1 www.googletagmanager.com us-manhattan.bedpage.com
33 10
Subject Issuer Validity Valid
*.bedpage.com
R3		 2022-09-21 -
2022-12-20		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2021-11-07 -
2022-11-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Frame ID: 600F8A1CFC22861425DD7AD9D5853CDA
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Frame ID: 761069C5C2945B30834C8874C1A154F8
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8
Frame ID: A5CC00A2EB255CB34FD51E6115DE6084
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

347-761-8805 | 🍄🍄🍄young pretty girls🌹🌹🌹100%real photo🌹🌹🌹gfe🌺🌺🌺🌺 - bedpage.com

Page URL History Show full URLs

  1. https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html Page URL
  2. https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

33
Requests

100 %
HTTPS

78 %
IPv6

8
Domains

10
Subdomains

10
IPs

4
Countries

1219 kB
Transfer

2260 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html Page URL
  2. https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
22559762.html
us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.140 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10140.sucuri.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-security-policy
upgrade-insecure-requests;
content-type
text/html
date
Tue, 18 Oct 2022 15:56:23 GMT
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-id
19040
x-xss-protection
1; mode=block
Primary Request 22559762.html
us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/ 		34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.140 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10140.sucuri.net
Software
nginx /
Resource Hash
2477e547c5210f190b59016a94431894bece03a053f4e458f44b67f591d560ca
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
8351
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 18 Oct 2022 15:56:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
MISS
x-sucuri-id
19040
x-xss-protection
1; mode=block
Global.css
amazonaws1.b-cdn.net/styles/ 		78 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/styles/Global.css
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
979dc7da05dbb44deb4d8890b4bb26205228d17b0f31cbbd355bc04f3c4927f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-198
cdn-cachedat
09/18/2022 13:28:41
cdn-pullzone
917209
last-modified
Sun, 18 Sep 2022 13:13:12 GMT
server
BunnyCDN-DE-832
cdn-fileserver
453
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63271968-13725"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
4e4ca3c4cab82b69c4501623fc52e2a9
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
change.css
amazonaws1.b-cdn.net/styles/ 		785 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/styles/change.css
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
e36950d27cd33129295f8ee38e18985d443cd47f4b6320768e5b7d9d23fbfb15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-167
cdn-cachedat
09/29/2022 20:16:08
cdn-pullzone
917209
last-modified
Fri, 02 Sep 2022 05:27:14 GMT
server
BunnyCDN-DE-832
cdn-fileserver
434
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63119432-311"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
cc5f9137371cf2248a3e3d071af993df
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
jquery-1.7.2.min.js
amazonaws1.b-cdn.net/scripts/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/scripts/jquery-1.7.2.min.js
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-165
cdn-cachedat
09/02/2022 08:24:19
cdn-pullzone
917209
last-modified
Fri, 02 Sep 2022 05:27:02 GMT
server
BunnyCDN-DE-832
cdn-fileserver
442
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63119426-16eae"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
9ef22c5ad45a1c1d9994ab22215cac03
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
global-compiled.js
amazonaws1.b-cdn.net/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/scripts/global-compiled.js?4
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
56c8d99f455ae41727cc804130bed55f410483027ba9115ba598124bad53a9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-197
cdn-cachedat
09/03/2022 17:47:13
cdn-pullzone
917209
last-modified
Fri, 02 Sep 2022 05:26:57 GMT
server
BunnyCDN-DE-832
cdn-fileserver
413
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63119421-e15"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
4c44536564af95b3a94e5cab65071796
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
sidebar.js
amazonaws1.b-cdn.net/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/scripts/sidebar.js
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
43a49d95d6c92163706f0355c0d92ee0295fd963d71f0e5eb1dce3245d827dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-200
cdn-cachedat
09/29/2022 21:07:56
cdn-pullzone
917209
last-modified
Fri, 02 Sep 2022 05:27:00 GMT
server
BunnyCDN-DE-832
cdn-fileserver
364
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63119424-9b2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
a37980ef6cfee8f4bb9f5814c0dd9c46
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
api.js
www.google.com/recaptcha/ 		850 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Tue, 18 Oct 2022 15:56:23 GMT
bump.gif
amazonaws1.b-cdn.net/images/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/images/bump.gif
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
92901c9c907cadd168a24f38fef00af554f21fcf32afcc9bb0b9d891b4b3efa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-164
cdn-cachedat
09/30/2022 03:01:55
cdn-pullzone
917209
content-length
42933
last-modified
Fri, 02 Sep 2022 05:13:10 GMT
server
BunnyCDN-DE-832
cdn-fileserver
380
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/gif
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
21faa9c5c5ae5384579d69c36beb58f7
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
swith-lang.js
amazonaws1.b-cdn.net/scripts/ 		468 B
800 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amazonaws1.b-cdn.net/scripts/swith-lang.js
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
7e9c3e3a59b670e2956afc2e4250a4bb45d240dd5640b44732ae764932ddd1c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
cdn-edgestorageid
832
cdn-storageserver
DE-167
cdn-cachedat
09/03/2022 19:04:03
cdn-pullzone
917209
last-modified
Fri, 02 Sep 2022 05:27:02 GMT
server
BunnyCDN-DE-832
cdn-fileserver
413
cdn-requestpullcode
200
cdn-proxyver
1.02
etag
W/"63119426-1d4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
1dac1cefe5aa6e5fe9a736e4f132962f
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/ 		108 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152535662-1
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
56b02cfc010bfdfcdaa737c85ca8bc070b409e01570ca56a5ddbba81851c3490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43029
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:30:05 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Oct 2022 15:56:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://us-manhattan.bedpage.com/
Origin
https://us-manhattan.bedpage.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 14:53:15 GMT
logow.png
www.bedpage.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bedpage.com/images/logow.png
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.140 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10140.sucuri.net
Software
nginx /
Resource Hash
78d57569738f81b58b28972b0ebecc7cc4f1956199a9f0ac5ea5af6e3fd0bdc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 15:56:24 GMT
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-sucuri-cache
HIT
cache-control
max-age=315360000
x-sucuri-id
19040
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4586
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
select-icon-blue.png
amazonaws1.b-cdn.net/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/images/select-icon-blue.png
Requested by
Host: amazonaws1.b-cdn.net
URL: https://amazonaws1.b-cdn.net/styles/Global.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
ebb376b753dca098a59e9161901ea0b809662e65c84024c9f100e50a6525e86f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amazonaws1.b-cdn.net/styles/Global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-167
cdn-cachedat
09/02/2022 08:39:29
cdn-pullzone
917209
content-length
18375
last-modified
Fri, 02 Sep 2022 05:13:18 GMT
server
BunnyCDN-DE-832
cdn-fileserver
440
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/png
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
faed09453e683b08336ad92cee74179b
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
851988f9f1c90a33f63270b561e13eb5.jpeg
amazonaws1.b-cdn.net/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/851988f9f1c90a33f63270b561e13eb5.jpeg
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
2416031bd1f3e12b007c0e5737517455f4dbb114c5163f41fcb17fb85041e36c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:24 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-169
cdn-cachedat
10/18/2022 15:56:24
cdn-pullzone
917209
content-length
94872
last-modified
Fri, 07 Oct 2022 16:56:06 GMT
server
BunnyCDN-DE-832
cdn-fileserver
454
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/jpeg
cdn-cache
MISS
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
d632d8100732826256b8034129f52c76
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
8847c157542797b3426f5021a0d128d2.jpeg
amazonaws1.b-cdn.net/ 		96 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/8847c157542797b3426f5021a0d128d2.jpeg
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
b36833e69bbec8fb3ebcaf0dbae07bd5849af464441b5c824810ff8945f77b70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:24 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-165
cdn-cachedat
10/18/2022 15:56:23
cdn-pullzone
917209
content-length
98294
last-modified
Fri, 02 Sep 2022 06:23:31 GMT
server
BunnyCDN-DE-832
cdn-fileserver
442
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/jpeg
cdn-cache
MISS
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
910984e24d7e436df53188eb272436b8
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
8181c92c7ad20bff02561a52a0ff2f08.jpeg
amazonaws1.b-cdn.net/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/8181c92c7ad20bff02561a52a0ff2f08.jpeg
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
b3dd54fb29c698c7eaccc28a086be3f74c437d47f09a9cf67fdfb643e499cfc7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-199
cdn-cachedat
10/17/2022 22:55:05
cdn-pullzone
917209
content-length
96694
last-modified
Tue, 13 Sep 2022 03:13:39 GMT
server
BunnyCDN-DE-832
cdn-fileserver
451
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
eeba0b20e0e55816ca47e700a23d5b8c
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
582019de419db16507b922fa16d86017.jpeg
amazonaws1.b-cdn.net/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/582019de419db16507b922fa16d86017.jpeg
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
5c79b4d62cb9ad8ae5ea012ef8d9e5bdd120f906d7bb53465cd5721832b1ab8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-51
cdn-cachedat
10/18/2022 15:51:19
cdn-pullzone
917209
content-length
132991
last-modified
Mon, 05 Sep 2022 08:00:28 GMT
server
BunnyCDN-DE-832
cdn-fileserver
404
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
7777d1f0a7044a6f1c99400cf49f1193
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
48e1b61d293a0cbe4e5a361caf960562.jpg
amazonaws1.b-cdn.net/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amazonaws1.b-cdn.net/48e1b61d293a0cbe4e5a361caf960562.jpg
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
72e2e6c0f25d467f71b9e84a287d67ad3396ba629d8e521c10febee7a26a6c25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:23 GMT
cdn-edgestorageid
832
cdn-storageserver
DE-167
cdn-cachedat
10/18/2022 15:51:19
cdn-pullzone
917209
content-length
38817
last-modified
Tue, 04 Oct 2022 22:09:06 GMT
server
BunnyCDN-DE-832
cdn-fileserver
334
cdn-requestpullcode
206
cdn-proxyver
1.02
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
7a5bc1ef-c9e4-44b3-b6d0-bc5ec27f6977
cache-control
public, max-age=2592000
cdn-requestid
058c311fbd91c2c5c9cfc97a01b01bb3
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152535662-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Oct 2022 15:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3264
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 18 Oct 2022 17:01:59 GMT
anchor
www.google.com/recaptcha/api2/ Frame 7610 		45 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
37e935c31ee4c22e8c3dad60e7412446dbb6e69bb5eec55de673815d8250f740
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DYtt5S6jHyd_qKF-neDJbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-manhattan.bedpage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
24395
content-security-policy
script-src 'report-sample' 'nonce-DYtt5S6jHyd_qKF-neDJbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 15:56:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/j/ 		2 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=369405085&t=pageview&_s=1&dl=https%3A%2F%2Fus-manhattan.bedpage.com%2Fbodyrubs%2F57st-6ave-manhattan%2F22559762.html&ul=en-us&de=UTF-8&dt=347-761-8805%20%7C%20%F0%9F%8D%84%F0%9F%8D%84%F0%9F%8D%84young%20pretty%20girls%F0%9F%8C%B9%F0%9F%8C%B9%F0%9F%8C%B9100%25real%20photo%F0%9F%8C%B9%F0%9F%8C%B9%F0%9F%8C%B9gfe%F0%9F%8C%BA%F0%9F%8C%BA%F0%9F%8C%BA%F0%9F%8C%BA%20-%20bedpage.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1637673416&gjid=1799702841&cid=1158058157.1666108584&tid=UA-152535662-1&_gid=494352915.1666108584&_r=1&gtm=2ouah0&z=1531119600
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://us-manhattan.bedpage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 15:56:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://us-manhattan.bedpage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-152535662-1&cid=1158058157.1666108584&jid=1637673416&gjid=1799702841&_gid=494352915.1666108584&_u=YEBAAUAAAAAAACAAI~&z=681556548
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://us-manhattan.bedpage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 18 Oct 2022 15:56:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://us-manhattan.bedpage.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 7610 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 10:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 10:26:10 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame 7610 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 14:53:15 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-152535662-1&cid=1158058157.1666108584&jid=1637673416&_u=YEBAAUAAAAAAACAAI~&z=1487850294
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 15:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-152535662-1&cid=1158058157.1666108584&jid=1637673416&_u=YEBAAUAAAAAAACAAI~&z=1487850294
Requested by
Host: us-manhattan.bedpage.com
URL: https://us-manhattan.bedpage.com/bodyrubs/57st-6ave-manhattan/22559762.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://us-manhattan.bedpage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Oct 2022 15:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 7610 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7610 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7610 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:40:09 GMT
x-content-type-options
nosniff
age
418575
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 20 Oct 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7610 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 11:18:05 GMT
x-content-type-options
nosniff
age
16699
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Oct 2023 11:18:05 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 7610 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8&co=aHR0cHM6Ly91cy1tYW5oYXR0YW4uYmVkcGFnZS5jb206NDQz&hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&theme=light&size=normal&cb=96fgcw3ogg5q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 15:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Tue, 18 Oct 2022 15:56:24 GMT
bframe
www.google.com/recaptcha/api2/ Frame A5CC 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e28d687dbaec8c0130b54741fec6345a58b7d597643f2c6838c9484849daa79b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-G6MFZ93kAy6fgyqavaDSOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://us-manhattan.bedpage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1117
content-security-policy
script-src 'report-sample' 'nonce-G6MFZ93kAy6fgyqavaDSOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Oct 2022 15:56:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame A5CC 		52 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 10:26:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 10:26:10 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/ Frame A5CC 		396 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vP4jQKq0YJFzU6e21-BGy3GP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vP4jQKq0YJFzU6e21-BGy3GP&k=6LduQIsaAAAAALeLKYjuIcK3PYW2gqRt9V6yaiN8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 14:53:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161341
x-xss-protection
0
last-modified
Sun, 02 Oct 2022 20:02:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Oct 2023 14:53:15 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery function| changePage function| popUpWin function| popUpMap function| getCookie function| setCookie function| deleteCookie function| mozWrap function| IEWrap function| wrapSelection function| popUpCalendar function| showName function| limitText function| Menu function| Search object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| loadmore function| gtag object| dataLayer object| jQuery17106896101385753968 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha object| closure_lm_282455 object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.bedpage.com/bodyrubs/57st-6ave-manhattan Name: languageCode
Value: en
us-manhattan.bedpage.com/ Name: sucuri_cloudproxy_uuid_c81f5f348
Value: 854a144fe5288813c14603e65e7a9ab6
.bedpage.com/ Name: sessions
Value: gs4ot53chc2pdi5u8hsa58m3ua5jeufo
.bedpage.com/ Name: _ga
Value: GA1.2.1158058157.1666108584
.bedpage.com/ Name: _gid
Value: GA1.2.494352915.1666108584
.bedpage.com/ Name: _gat_gtag_UA_152535662_1
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazonaws1.b-cdn.net
fonts.gstatic.com
stats.g.doubleclick.net
us-manhattan.bedpage.com
www.bedpage.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
138.199.37.226
192.124.249.140
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82f::2003
2a00:1450:400c:c08::9a
2a00:1450:4014:80f::2003
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2416031bd1f3e12b007c0e5737517455f4dbb114c5163f41fcb17fb85041e36c
2477e547c5210f190b59016a94431894bece03a053f4e458f44b67f591d560ca
37e935c31ee4c22e8c3dad60e7412446dbb6e69bb5eec55de673815d8250f740
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43a49d95d6c92163706f0355c0d92ee0295fd963d71f0e5eb1dce3245d827dac
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
5309ca3e99da2e0fa0de2575ea750847db37fd4f4f1dbbda2a513268c702ace3
56b02cfc010bfdfcdaa737c85ca8bc070b409e01570ca56a5ddbba81851c3490
56c8d99f455ae41727cc804130bed55f410483027ba9115ba598124bad53a9ab
5c79b4d62cb9ad8ae5ea012ef8d9e5bdd120f906d7bb53465cd5721832b1ab8a
72e2e6c0f25d467f71b9e84a287d67ad3396ba629d8e521c10febee7a26a6c25
78d57569738f81b58b28972b0ebecc7cc4f1956199a9f0ac5ea5af6e3fd0bdc1
7e9c3e3a59b670e2956afc2e4250a4bb45d240dd5640b44732ae764932ddd1c2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
92901c9c907cadd168a24f38fef00af554f21fcf32afcc9bb0b9d891b4b3efa2
979dc7da05dbb44deb4d8890b4bb26205228d17b0f31cbbd355bc04f3c4927f4
b36833e69bbec8fb3ebcaf0dbae07bd5849af464441b5c824810ff8945f77b70
b3dd54fb29c698c7eaccc28a086be3f74c437d47f09a9cf67fdfb643e499cfc7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b52b34cf452e92654dd04036ab4a81c81e0b9a6958539752b050f0433f4b1ddd
dbf1818d8b1397e676767b2fa0352f57b18f4066eede2460f730308f1303ded7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deaf5a4d4987d3198c038ffa6ebfb7b3aefc084c71d8f02805e918d25096412a
e28d687dbaec8c0130b54741fec6345a58b7d597643f2c6838c9484849daa79b
e36950d27cd33129295f8ee38e18985d443cd47f4b6320768e5b7d9d23fbfb15
ebb376b753dca098a59e9161901ea0b809662e65c84024c9f100e50a6525e86f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629