grabify.link Open in urlscan Pro
104.27.40.48  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://soo.gd/2XZ3JB Page URL
2. https://grabify.link/W1QC83 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	2XZ3JB Show response soo.gd/	3 KB 2 KB	497ms 466ms	Document text/html	172.67.145.44 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://soo.gd/2XZ3JB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.145.44 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ed4b1845ad0fce566c0fcaebaba13ed80c72b6ba9fcd4ab73ca6dd14d8e0b8e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-type text/html; Charset=UTF-8;charset=UTF-8 vary Accept-Encoding cache-control no-cache, must-revalidate, max-age=0 pragma no-cache x-robots-tag noindex, nofollow i-am Alpha strict-transport-security max-age=31536000; includeSubdomains; cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ee2%2Fm1ZZDkA5nGtU%2BGR7KkdfEDP3%2FOn0f%2FvRBom8kLiJjmQoYUt9GN14fhq%2BV%2Bhkt%2Fi6qkKOrExNWtcul3A%2BY6qaui64iABDuYj3xD7B0I3eXlDUm263bHM%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a7a95aefed12780-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	56ms 21ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: soo.gd URL: https://soo.gd/2XZ3JB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software sffe / Resource Hash 81d7f16aca89f99541e1a8040dfd139dc5fd3c2815216691cc3676bc50e83af9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1031 / 434 of 1000 / last-modified: 1635804317" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27242 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 02 Nov 2021 04:22:57 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	89 KB 35 KB	68ms 28ms	Script application/javascript	172.217.18.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-2 Requested by Host: soo.gd URL: https://soo.gd/2XZ3JB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f104.1e100.net Software Google Tag Manager / Resource Hash f487ae5e3ec12cb08d5a064804243c360d177daae388e9eaba0241a88b7a1ed8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35812 x-xss-protection 0 last-modified Tue, 02 Nov 2021 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 02 Nov 2021 04:22:57 GMT
GET H2	200	pubads_impl_2021102801.js Show response securepubads.g.doubleclick.net/gpt/	350 KB 119 KB	42ms 20ms	Script text/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software sffe / Resource Hash d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120786 x-xss-protection 0 last-modified Thu, 28 Oct 2021 08:34:36 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 02 Nov 2021 04:22:57 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	25 B 677 B	36ms 15ms	XHR application/json	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=soo.gd Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash 9ee33e5f6fe3c76e375cc583405418d048bf2b8ecac948ff1822d9c3b52804a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41 x-xss-protection 0 expires Tue, 02 Nov 2021 04:22:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 20 KB	28ms 6ms	Script text/javascript	172.217.23.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f14.1e100.net Software Golfe2 / Resource Hash fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 26 Oct 2021 23:24:02 GMT server Golfe2 age 1343 date Tue, 02 Nov 2021 04:00:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19747 expires Tue, 02 Nov 2021 06:00:34 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 199 B	15ms 13ms	XHR text/plain	172.217.23.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j93&a=385066153&t=pageview&_s=1&dl=https%3A%2F%2Fsoo.gd%2F2XZ3JB&ul=en-us&de=UTF-8&dt=2XZ3JB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=760455026&gjid=603513648&cid=1112945462.1635826978&tid=UA-31510493-2&_gid=12931825.1635826978&_r=1&gtm=2ouar0&z=303447467 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://soo.gd/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 02 Nov 2021 04:22:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://soo.gd cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	37ms 15ms	Script application/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=soo.gd Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s46-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	435 B 256 B	75ms 52ms	XHR text/plain	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=100388957754766&correlator=2930516262747007&output=ldjh&impl=fif&eid=31063345&vrg=2021102801&ptt=17&sc=1&sfv=1-0-38&ecs=20211102&iu_parts=5837603%2CSGD_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1635826977&dt=1635826977782&dlt=1635826977583&idt=181&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1216140633&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsoo.gd%2F2XZ3JB&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=1112945462.1635826978&ga_sid=1635826978&ga_hid=385066153&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f98.1e100.net Software cafe / Resource Hash 77d331eaa2bce9ac4101b7cfaee47bda57d8c8c87a9dfcb435d7da50d3df9ffb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 226 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://soo.gd cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response e720058ca0cdb4492324f543dd02763d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2609	6 KB 4 KB	64ms 15ms	Document text/html	172.217.23.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e720058ca0cdb4492324f543dd02763d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f97.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Tue, 02 Nov 2021 04:22:57 GMT expires Wed, 02 Nov 2022 04:22:57 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	Primary Request W1QC83 Show response grabify.link/	4 KB 3 KB	1601ms 1557ms	Document text/html	104.27.40.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grabify.link/W1QC83 Requested by Host: soo.gd URL: https://soo.gd/2XZ3JB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.27.40.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cad8f235e96e318e04a5286dfafb014e29fece292c5459deb3a23a2c3d5e7d7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ Response headers date Tue, 02 Nov 2021 04:22:59 GMT content-type text/html; charset=UTF-8 cache-control no-cache, private x-ratelimit-limit 10 x-ratelimit-remaining 10 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff9EAxIGRG1ROLiYWNljbOZQ4m4qRK%2BAVThdEuiQVf4qCxyBtc%2BDJUs0%2FotoGjog2D1dGEp5yalkfB7sNh5v%2F5kNRtBSOHnQrts0CFnBPpOLLzKhII3ZMJzcl7R%2BBw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6a7a95b40a9e4120-PRG content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	41ms 20ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102801&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers timing-allow-origin * date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9224 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	36ms 15ms	Script text/javascript	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:57 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 02 Nov 2021 04:22:57 GMT
GET H3	200	runner.html tpc.googlesyndication.com/sodar/sodar2/224/ Frame 086A	12 KB 5 KB	22ms 6ms	Document text/html	142.250.185.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Mon, 01 Nov 2021 20:39:39 GMT expires Tue, 01 Nov 2022 20:39:39 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 27798 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe www.google.com/recaptcha/api2/ Frame 12AB	783 B 1 KB	38ms 16ms	Document text/html	172.217.18.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f100.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Oq+gG0UI5lCVjU6ucXfADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 02 Nov 2021 04:22:58 GMT date Tue, 02 Nov 2021 04:22:58 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-Oq+gG0UI5lCVjU6ucXfADw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js pagead2.googlesyndication.com/bg/ Frame 086A	35 KB 13 KB	21ms 6ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sKl_vPiz0OchHmL4Vfbrj3Wozc3CsK_Jq53kDzx3_oA.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Mon, 01 Nov 2021 17:57:54 GMT content-encoding br x-content-type-options nosniff age 37504 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13525 x-xss-protection 0 last-modified Tue, 26 Oct 2021 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Tue, 01 Nov 2022 17:57:54 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 12AB	0 0	30ms 30ms	Image text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102801&jk=100388957754766&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	17ms 17ms	Image image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102801&jk=100388957754766&bg=!cXKlcjbNAAZzbWp4c207ACkAdvg8WmqwjaVXZELyuRamwrUwxaG_6DwfRqpY1E_BBFK2cvX6L2eNAAIAAABfUgAAAAxoAQcKAK3jOgVQ6x7XiXeoAH-26xfJJZYbouH7M7n5LWWIoC_k8ttvc9Y93r33rcyEV-ci1CRiWhJxs_gIVIgaLgnlY1XhvjHUNpecVSw8-1Zy7VVuzsfIjDh4xbr-anbXGX1PIu_TvyJHxHLaWCMjMayXibc2wjt3Oicf-PsUs5HI3TpqVkjsGQDAcerp3_hCJug8ZJPU-mKO-elzfq_4ngx_ejCZeP1YL4qWJWu6f16QrpkCnBGtwQ5NYOiDT0Pqg1nOZYFKHH56ucYSdpgQK1E5tyl9MDIyaHlrFslus20gsCmvyxPTNI70viSmyuX-k3L4xtkfsMDugzJXyNDqcdpl91KlWEOA-wiyJdKXzJQ-6AlV1RCHl2xgis6bWmUGmi2DeqRFLLwn6616Rdwn0dTGwiPb9ZcrPo2jUE0hVGTOXS8onSJxmAnvQB3NuBEo2g8hXQ9CC718TOj1CWwrythFIR_mIkcYXooIz0zka_GhUpfbbH1npEeyLPtdqCvMhNWCavzAZvOjGVE34wmooc2nJtuWZmd2sACM4t5Ze5oLtwTXCsPiQ_ZogGKFYGspZUKkvCN7IHoXErN7ngD0bxehMdBlS8IZ1OjsgzeTLDx1m8bnlLNy-PATxGTWtlYo3lF-ht0i11E17N5A_WwNOznbZgYLxWpU_zcjzGt-U30glXRyhgCG_BltKmz5f-JKn3a4VBByVwguwvmxp4ZBD_vjxm5fS--PERRguMhiaFaVhVdvgtcKrgBw0nF9MNx3O61Yyoa1oo0H8fuUvsqiUl4PaaTqTDxb1G3GAP5CoeO9n9qHbGw3B-QAzAbGFWNai1AFQ7gKZVGXnYgJqW2LWeANtrlcDIAjrBnJOZHEmRKJx-EZpAEqJGvayDnYf_TytFCsqLeOUDfMkuyIewcaQNZ69-chhCUxtKjMHIqScq1MMamiEC0zdq1g3jd1GwJ6F0dVkBBWlIss8elbVuxhqzsCZ8U7WTvqbyCoiybUjjqbGxdfPZhLVeniSnb9nRzuHgcHM46043zbQlaUjfXXyoGl2qs5dd8RKRU3il0iZNcvLxdiEJGO5W4MfQ8KjkqXJ8SaHFKc_TwoWLetoxi6qKZ9lwJWzLjF5HSY6y2Opv_X Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://soo.gd/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers pragma no-cache date Tue, 02 Nov 2021 04:22:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads.js Show response grabify.link/js/	19 B 662 B	869ms 851ms	Script application/javascript	104.27.40.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grabify.link/js/ads.js Requested by Host: grabify.link URL: https://grabify.link/W1QC83 Protocol H3 Security QUIC, , AES_128_GCM Server 104.27.40.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:23:00 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=21 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 19 last-modified Thu, 17 Jun 2021 20:22:06 GMT server cloudflare etag "b3785e71b663d71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=851dP1pJp0nsz7Wow7Y%2B7EysMY9NKHInTg3ttK386WE8nJRj%2Fm9%2BY%2FTolsQ0dotkiOoUPSOONSyJPRrByt86LKOqtVgNCJnkpJejG1VQpJwV5hWg5iyjxfr1cS3t3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 accept-ranges bytes cf-ray 6a7a95bdfe054114-PRG cf-bgj minify
GET H3	200	jquery-2.5.1.min.js Show response grabify.link/js/	176 KB 53 KB	1147ms 1130ms	Script application/javascript	104.27.40.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grabify.link/js/jquery-2.5.1.min.js?id=349d581 Requested by Host: grabify.link URL: https://grabify.link/W1QC83 Protocol H3 Security QUIC, , AES_128_GCM Server 104.27.40.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 892d5c7402fc47d90ae3494dbecd562bb7c6d14cf1444f914493adf8f49de726 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:23:00 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 29 Oct 2021 20:58:57 GMT server cloudflare etag W/"174c58ca7cdd71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASZo8Czui5Fi8Dk%2Bo60l6piVpRoFZnNSZRnKhdQ80fHFswi%2BJu6peXQWZY%2BbucX4Mn06D5fYfVbnfEQUChNSjLh20W66NZrM5w0i%2FxW%2FEueMAbbF1sSJFdBtcZwfAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 6a7a95bdfe044114-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	78ms 42ms	Script text/javascript	104.16.94.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: grabify.link URL: https://grabify.link/W1QC83 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:22:59 GMT content-encoding gzip last-modified Fri, 22 Oct 2021 22:23:12 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 6a7a95be1ff52794-PRG
GET H3	200	jquery-2.5.2.min.js Show response grabify.link/js/	7 KB 3 KB	301ms 301ms	Script application/javascript	104.27.40.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grabify.link/js/jquery-2.5.2.min.js Requested by Host: grabify.link URL: https://grabify.link/js/jquery-2.5.1.min.js?id=349d581 Protocol H3 Security QUIC, , AES_128_GCM Server 104.27.40.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d635573c32e5fe489cdeadedafd8a772061c4f1bde65f90e71f5cf0ff1270cb Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Tue, 02 Nov 2021 04:23:01 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 29 Oct 2021 20:58:58 GMT server cloudflare etag W/"055b4ca7cdd71:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwSTXrCByvG8C1BHP3snq8MNKVbvbgdePA%2B3Fij7k9OWSGWyb7DVNN1Ub7ttGfge5ACRGmT%2B1MOQyqrXYnklyeGwe2cU0zBlay%2FljkMEO3kjln%2FsQoH8G7I1y5%2F%2Bww%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6a7a95c8acdb4114-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
POST H3	200	rum Show response grabify.link/cdn-cgi/	0 164 B	16ms 15ms	XHR text/plain	104.27.40.48 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://grabify.link/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.27.40.48 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 content-type application/json Response headers date Tue, 02 Nov 2021 04:23:01 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://grabify.link access-control-max-age 86400 access-control-allow-credentials true cf-ray 6a7a95cb2e574114-PRG vary Origin
POST		js grabify.link/api/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

grabify.link

URL

https://grabify.link/api/js

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler boolean| gs boolean| canRunAds object| _0x3d7b function| _0x59fb function| _0x5df1c4 object| _0x5fd8b6 object| _0x3962b3 function| _0x1f316b function| _0x21e873 function| _0x5ca142 function| _0x2ba1de function| _0x22e71a function| _0x5da7be function| _0x18aa2d function| _0x46a553 function| _0x2b71dd function| _0x392cfb function| _0x2a6d1c function| _0x33eb5c function| _0x355131 function| _0x5d4e72 function| _0x12e7f3 function| _0x5c6826 function| _0x9ab328 function| _0x10e15e function| _0x592f07 object| _0x1f0111 function| _0x1a165a function| _0x49d400 object| __cfBeacon object| _0x36ab function| _0x3f07 function| _0x7b2cc4 function| _0x3b3b0d function| chrome76Detection function| isNewChrome object| batteryExternal

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.soo.gd/	1970-01-20 15:54:58	Name: _ga Value: GA1.2.1112945462.1635826978
			.soo.gd/	1970-01-19 22:25:13	Name: _gid Value: GA1.2.12931825.1635826978
			.soo.gd/	1970-01-19 22:23:47	Name: _gat_gtag_UA_31510493_2 Value: 1
			.doubleclick.net/	1970-01-19 22:23:47	Name: test_cookie Value: CheckForPermission
			.soo.gd/	1970-01-20 07:45:22	Name: __gads Value: ID=64ecbad342987b48-222be15209cb00d0:T=1635826977:S=ALNI_MZEfiWNHzVvi4CAsIzPV0i0RmSd2Q
			grabify.link/	1970-01-19 22:24:04	Name: XSRF-TOKEN Value: eyJpdiI6InRNV1ZUWE9ZdUVEWXQrajhtMXcxL0E9PSIsInZhbHVlIjoiblFXaEMwZEd5dEJnMjc4dlNod00wVEJyNUVKTDNycy9xbWpzcEJINEgyMFg1d3JMMWJqSjQ2QS9YdlJ3ZGZRYU5SbUlGdUhPYjdHWERWV0s4NXYxNVA2OWJsZDdCOWpFeGQ2TUd6WWtXZHhjbVFpV0hLR3ZyRHVEckZTQldvTzAiLCJtYWMiOiJhMTA5MTk0OGVjOTM4NWVjNjRiNmZhYzVmZTAzNjNlMmY0NTI4MDM4ZGViNzY2YjlkOWExZThkZmE2MDhiM2VkIiwidGFnIjoiIn0%3D
			grabify.link/	1970-01-19 22:24:04	Name: g_session Value: eyJpdiI6Im5sSnlOVXRCMy9SSHRoYU5aa3pPc0E9PSIsInZhbHVlIjoicmZ5RWpRQ2x0T1A0SmpneXo1R2xiRVREUDVKOVZTSnhxWS9oZ1kwVlUzSW1HalpIRnMrUmkwSWkxVnVrWUp2RXp6SXFMNWlKa2pQRGhrVWxKdm1YZlFDSGtsYjU2L1k1UG9oSDJvM0QrcUk1a2pFNFFzUGxVMnMvdWxIN0ZoU3EiLCJtYWMiOiI5ZDA4NTlmNWQ2NjA5Y2NlMmY1MTc1YTFiNGQwZWQwOWNhN2YzNmRmZWMxOWNiN2FhMDg0YWEyMmMxYTJhNThjIiwidGFnIjoiIn0%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
e720058ca0cdb4492324f543dd02763d.safeframe.googlesyndication.com
grabify.link
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
soo.gd
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
grabify.link
104.16.94.65
104.27.40.48
142.250.185.161
142.250.185.194
142.250.185.66
172.217.16.130
172.217.18.100
172.217.18.104
172.217.18.98
172.217.23.110
172.217.23.97
172.67.145.44
0cad8f235e96e318e04a5286dfafb014e29fece292c5459deb3a23a2c3d5e7d7
5d635573c32e5fe489cdeadedafd8a772061c4f1bde65f90e71f5cf0ff1270cb
6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed4b1845ad0fce566c0fcaebaba13ed80c72b6ba9fcd4ab73ca6dd14d8e0b8e
77d331eaa2bce9ac4101b7cfaee47bda57d8c8c87a9dfcb435d7da50d3df9ffb
81d7f16aca89f99541e1a8040dfd139dc5fd3c2815216691cc3676bc50e83af9
892d5c7402fc47d90ae3494dbecd562bb7c6d14cf1444f914493adf8f49de726
9ee33e5f6fe3c76e375cc583405418d048bf2b8ecac948ff1822d9c3b52804a5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f487ae5e3ec12cb08d5a064804243c360d177daae388e9eaba0241a88b7a1ed8
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62