urlscan.io logo urlscan.io
SecurityTrails logo

wwwnakflweb.sidbrowser.com Open in urlscan Pro
91.216.248.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://wwwnakflweb.sidbrowser.com/
Submission: On June 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 91.216.248.21, located in Germany and belongs to TTM, DE. The main domain is wwwnakflweb.sidbrowser.com.
TLS certificate: Issued by E5 on June 19th 2024. Valid for: 3 months.
This is the only time wwwnakflweb.sidbrowser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    91.216.248.21 (Germany)

ASN47447 (TTM, DE)
PTR: frontend.lima-city.de
wwwnakflweb.sidbrowser.com
1    151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
6    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
216 KB
7 sidbrowser.com
wwwnakflweb.sidbrowser.com
28 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2807
2 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 3110
981 B
0 goweb.de Failed
webcounter.goweb.de Failed
19 6
Domain Requested by
7 wwwnakflweb.sidbrowser.com wwwnakflweb.sidbrowser.com
6 pagead2.googlesyndication.com wwwnakflweb.sidbrowser.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.facebook.com wwwnakflweb.sidbrowser.com
1 www.paypalobjects.com wwwnakflweb.sidbrowser.com
1 www.paypal.com 1 redirects
0 webcounter.goweb.de Failed wwwnakflweb.sidbrowser.com
19 7
Subject Issuer Validity Valid
wwwnakflweb.sidbrowser.com
E5		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-02 -
2024-07-01		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://wwwnakflweb.sidbrowser.com/
Frame ID: 8C0B796CB1526B07952B562AF4058567
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.sidbrowser.com&layout=button_count&show_faces=false&width=200&action=like&font=verdana&colorscheme=light
Frame ID: 1EEA844CCA031482202F1AFAEFA5A33E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: 669B794785E1756CAA108C0B1157058B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2996667320775849&output=html&h=90&slotname=5108168414&adk=3998976602&adf=1336118064&pi=t.ma~as.5108168414&w=728&abgtt=3&lmt=1719187373&format=728x90&url=https%3A%2F%2Fwwwnakflweb.sidbrowser.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719187373723&bpp=2&bdt=233&idt=140&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=344358702880&frm=20&pv=2&ga_vid=443397268.1719187374&ga_sid=1719187374&ga_hid=1624444386&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=814&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084687%2C42532742%2C44795921%2C95331690%2C95331832%2C95334508%2C95334529%2C95334570%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1500834473165252&tmod=1424949098&uas=0&nvt=1&fc=896&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=150
Frame ID: DA263BA81CFD48C4510B776620B1B93A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2996667320775849&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719187373&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwwwnakflweb.sidbrowser.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_14&aiixl=27_3&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719187373726&bpp=1&bdt=236&idt=159&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=344358702880&frm=20&pv=1&ga_vid=443397268.1719187374&ga_sid=1719187374&ga_hid=1624444386&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084687%2C42532742%2C44795921%2C95331690%2C95331832%2C95334508%2C95334529%2C95334570%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1500834473165252&tmod=1424949098&uas=0&nvt=1&fsapi=1&fc=896&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=167
Frame ID: 0E35D7E8E6CD48712F2A5F44E737462D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B810C47AE785C5307CDCC5E4CCCA8D8F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SIDBrowser by MATHEsoft!

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

19
Requests

84 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

247 kB
Transfer

655 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wwwnakflweb.sidbrowser.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty / PHP/8.1.29
Resource Hash
94d8f41321667e7a90b74f7afc69d75aefdbd6cdb14d9eafe9bca19ea409957d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 00:02:53 GMT
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-lima-id
atxDabBdVY6IxrveO7
x-powered-by
PHP/8.1.29
t_l.png
wwwnakflweb.sidbrowser.com/gifs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwnakflweb.sidbrowser.com/gifs/t_l.png
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
939009622f60caa9fd8d7ffa13e689074cbb5cfa559b10ae400a6af480683dfe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 16 May 2013 16:48:22 GMT
server
openresty
etag
"73e-4dcd8a25ea180"
content-type
image/png
x-lima-id
at3RMGDeVsouClAQmg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1854
expires
Wed, 24 Jul 2024 00:02:53 GMT
t_m.gif
wwwnakflweb.sidbrowser.com/gifs/ 		145 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwnakflweb.sidbrowser.com/gifs/t_m.gif
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
ca328e9717f31bae63c79d4a7d0d3c429121fb8bdcd7e0463d6a91dede591236
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sat, 18 May 2013 16:21:51 GMT
server
openresty
etag
"91-4dd007f38a5c0"
content-type
image/gif
x-lima-id
atWbcZqEFP8cGFKRgR
cache-control
max-age=2592000
accept-ranges
bytes
content-length
145
expires
Wed, 24 Jul 2024 00:02:53 GMT
t_r.png
wwwnakflweb.sidbrowser.com/gifs/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwnakflweb.sidbrowser.com/gifs/t_r.png
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
1ba613b5872758d7935ae03b458c285ea4e5536e7e901d688c0a957e7c03f3ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 16 May 2013 16:48:18 GMT
server
openresty
etag
"9ae-4dcd8a2219880"
content-type
image/png
x-lima-id
at8Jy718PupCc5DESq
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2478
expires
Wed, 24 Jul 2024 00:02:53 GMT
splash06.jpg
wwwnakflweb.sidbrowser.com/gifs/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwnakflweb.sidbrowser.com/gifs/splash06.jpg
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
021dbacc6bee88eb3bb616d7d19d29032bc11b773cc5a1e7231fbffb8d80e45d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 16 May 2013 16:48:31 GMT
server
openresty
etag
"3636-4dcd8a2e7f5c0"
content-type
image/jpeg
x-lima-id
atrVrLyGtjxLn7Up9S
cache-control
max-age=2592000
accept-ranges
bytes
content-length
13878
expires
Wed, 24 Jul 2024 00:02:53 GMT
x-click-but04.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F7A0) /
Resource Hash
a8f36837d21e73e1a17fa2936ec161187b3d1e6b08c0335433aec8153cd41049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wwwnakflweb.sidbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e3ed805e968c0
dc
ccg11-origin-www-1.paypal.com
content-length
2127
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
ECAcc (ska/F7A0)
traceparent
00-0000000000000000000e3ed805e968c0-a11c753bc76f3cdb-01
etag
"5d5637bd-84f"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 24 Jun 2024 01:02:53 GMT

Redirect headers

date
Mon, 24 Jun 2024 00:02:53 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f29200777afa1
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
0
x-served-by
cache-fra-eddf8230142-FRA, cache-fra-eddf8230142-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f29200777afa1-fbf89a068863cafd-01
x-timer
S1719187374.577851,VS0,VE155
location
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
0, 0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
1780463d1047db8a496415d5f36cdbc94da75e5b8bd4a4c0bcef5c481042bc2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52712
x-xss-protection
0
server
cafe
etag
7539833225104787005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 24 Jun 2024 00:02:53 GMT
96781
webcounter.goweb.de/ 		0
0
like.php
www.facebook.com/plugins/ Frame 1EEA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.sidbrowser.com&layout=button_count&show_faces=false&width=200&action=like&font=verdana&colorscheme=light
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Mon, 24 Jun 2024 00:02:53 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7383853544471116083"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7383853544471116083"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1368, tbw=2756, tp=-1, tpl=-1, uplat=38, ullat=0
x-fb-debug
E75m1fqpqSGw+C2z239ize1fWz2rEoLjsysce9Nl3Vgjue7eV92bVxam7rnDx/YnsM3Z5TeHtlduyokEwBU46g==
x-xss-protection
0
bg.gif
wwwnakflweb.sidbrowser.com/gifs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wwwnakflweb.sidbrowser.com/gifs/bg.gif
Requested by
Host: wwwnakflweb.sidbrowser.com
URL: https://wwwnakflweb.sidbrowser.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
abebe37366e66e58b091ebf1dedc4172eb56d40ee8b73bdf71bdd1367af65cb3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 16 May 2013 16:49:11 GMT
server
openresty
etag
"d59-4dcd8a54a4fc0"
content-type
image/gif
x-lima-id
at64AcqkLmTa8mCX74
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3417
expires
Wed, 24 Jul 2024 00:02:53 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/ 		431 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
51fb7cfe860e42af5790868a2bfcebfb9eb2353446ebcf53e86b2d94c55c0ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148836
x-xss-protection
0
server
cafe
etag
16906069816279610023
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jun 2024 00:02:53 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame 669B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wwwnakflweb.sidbrowser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
44372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 11:43:21 GMT
etag
9187630395144177108
expires
Sun, 07 Jul 2024 11:43:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame DA26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2996667320775849&output=html&h=90&slotname=5108168414&adk=3998976602&adf=1336118064&pi=t.ma~as.5108168414&w=728&abgtt=3&lmt=1719187373&format=728x90&url=https%3A%2F%2Fwwwnakflweb.sidbrowser.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719187373723&bpp=2&bdt=233&idt=140&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=344358702880&frm=20&pv=2&ga_vid=443397268.1719187374&ga_sid=1719187374&ga_hid=1624444386&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=814&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084687%2C42532742%2C44795921%2C95331690%2C95331832%2C95334508%2C95334529%2C95334570%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1500834473165252&tmod=1424949098&uas=0&nvt=1&fc=896&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wwwnakflweb.sidbrowser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
40895
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jun 2024 00:02:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 0E35 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2996667320775849&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1719187373&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwwwnakflweb.sidbrowser.com%2F&pra=7&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_14&aiixl=27_3&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&dt=1719187373726&bpp=1&bdt=236&idt=159&shv=r20240618&mjsv=m202406180101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=344358702880&frm=20&pv=1&ga_vid=443397268.1719187374&ga_sid=1719187374&ga_hid=1624444386&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084687%2C42532742%2C44795921%2C95331690%2C95331832%2C95334508%2C95334529%2C95334570%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1500834473165252&tmod=1424949098&uas=0&nvt=1&fsapi=1&fc=896&brdim=490%2C490%2C490%2C490%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=2&uci=a!2&fsb=1&dtd=167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wwwnakflweb.sidbrowser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jun 2024 00:02:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4399fbb3053ef8b5e9d8993301b3bed18c645d890dbbedca185ad27b9b58cd3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12756
x-xss-protection
0
favicon.ico
wwwnakflweb.sidbrowser.com/ 		766 B
701 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wwwnakflweb.sidbrowser.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
91.216.248.21 , Germany, ASN47447 (TTM, DE),
Reverse DNS
frontend.lima-city.de
Software
openresty /
Resource Hash
eb341588a33b8d510be169b83ff68aaa9bc2fda17b66556ee577d316e7d59e09
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:54 GMT
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 16 May 2013 16:50:06 GMT
server
openresty
etag
W/"2fe-4dcd8a8918b80"
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
x-lima-id
atL5grau9xAg4VzEmy
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=wwwnakflweb.sidbrowser.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://wwwnakflweb.sidbrowser.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 00:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jun 2024 00:02:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B810 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://wwwnakflweb.sidbrowser.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
21715
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jun 2024 18:00:59 GMT
expires
Mon, 23 Jun 2025 18:00:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webcounter.goweb.de
URL
https://webcounter.goweb.de/96781
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=1500834473165252&bg=!kpGlkd7NAAb64txl2uI7ADQBe5WfODgAwHewvUNf0wqSt1az7MqOvOe4S8D22_PVQMmag5E3XG4FEp4DeIATKRtbB3HoAgAAADlSAAAAAmgBB34ANvAYQSr149Hv-UchgTRkKmNx0uMAGP2_IXrTGxBeNpEmeJOpebfbSzoTJ2pTwdsqcHaM6DY6t5kC6ukW-_gRi3Ujt9juhYy10t94WzgbGUvz6wppjv8xPqartWaJqd5tqA8Q7qwJPR_x3SGDDGKYeq-dTBMjWl46Yhur4vfFr6F5BNV8uCKWJEZ4AkiJlC87yrWybYzWVZLX7BqzfSHcMD97RsFFuyHH3chLniHhpWUaOT0_sgcHT7tPsauCASmoj1ykTTvTS-eGJtr7EmfAdR-QNxis6ml5NE6iCSrxVSvDKxYy9GlYUsl2KY66zc2eKcty_Dd8fp7_sRzeymfjZQZ4Af0pvUrgHcF1sRAT4EAg5_dXV1BMns1ApypWD61baW8yu-lMdzjMetheI-8bzTkrukjsbDler4Ov2OQT7yks4G_Ynjg0fIKCEXThtWc-RypvcQcb7eCLrC8bCJ8vwoDExWrlThXGzXq5SmiAdX3cJ9Y-1AoJFe8PfsSwueJZYZ5Lb9V7_IZznvDqXafsWdI5rj0Ggv_anId3SNykN_e3cEvuN7oZgV_Bjs52HuygR_o540kTmL0bhtWTQSRFeVrtM46J-1HnxgEFuavXhhcpnZEEMMOfXo6OlSn08HmUfNqQ3gshHpKO_NMwYc_AMOQ1_XxW7CsEvG0BNwd-89SeFg6ADUi82PENEOn-eTfbWyZH6Y63-taDx4bDSdTBgcYxs8WlDpohP3xxTAf1D6XRje6EqVDPb0Js66k7S3Ut9kBTNHziZFvj6pEoQWdgVF5RFUgh4AzsRj9i5lnhFZSrAC0Jo4WoKnTByKVkl2spvCqnAnBwkJYgAxFRXQU-FIpbbvjQvypyevrYtn64LUc-gtmoe5iOtI0aH3ch-U4jQK6B0W-DQTlBKtaFj200tjg9WE6fzC7af1b40_lYX7cDuyW88mtqZlbxX3PhdV6g_nouLCFQdZ7ifsBEdnLd-bVjbbVVop9QheCjeDK-aXpuI90kc1AsYK8OKfPZOIGS5htSPbdj5LzFK1JDwGa1xRUvUfCsIwFIjrA_Ydk81gVKIi5k

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
wwwnakflweb.sidbrowser.com/ Name: _lcp
Value: a
wwwnakflweb.sidbrowser.com/ Name: _lcp2
Value: a
.paypal.com/ Name: ts
Value: vreXpYrS%3D1813795373%26vteXpYrS%3D1719189173%26vr%3D478d7e5a1900a552c828e1c1ff481d7a%26vt%3D478d7e5a1900a552c828e1c1ff481d79%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D478d7e5a1900a552c828e1c1ff481d7a%26vt%3D478d7e5a1900a552c828e1c1ff481d79
.sidbrowser.com/ Name: __eoi
Value: ID=dacdb9e7482f77f0:T=1719187373:RT=1719187373:S=AA-AfjaJCRIwelqndk0NTZqwgRHD

1 Console Messages

Source Level URL
Text
network error URL: https://webcounter.goweb.de/96781
Message:
Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload