URL: https://surgery.face8ook.org/
Submission Tags: @phishunt_io
Submission: On October 23 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 27 HTTP transactions. The main IP is 172.104.67.159, located in Tokyo, Japan and belongs to LINODE-AP Linode, LLC, US. The main domain is surgery.face8ook.org.
TLS certificate: Issued by R3 on October 23rd 2021. Valid for: 3 months.
This is the only time surgery.face8ook.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.104.67.159 63949 (LINODE-AP...)
15 142.250.74.193 15169 (GOOGLE)
2 142.250.185.138 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 172.217.23.99 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
1 172.217.18.110 15169 (GOOGLE)
1 142.250.181.238 15169 (GOOGLE)
1 1 142.250.185.174 15169 (GOOGLE)
1 1 66.102.1.156 15169 (GOOGLE)
1 1 172.217.23.100 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
27 11
Domain Requested by
15 cdn.ampproject.org surgery.face8ook.org
cdn.ampproject.org
2 fonts.googleapis.com surgery.face8ook.org
2 surgery.face8ook.org surgery.face8ook.org
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.google-analytics.com 1 redirects
1 ampcid.google.de cdn.ampproject.org
1 ampcid.google.com cdn.ampproject.org
1 d-2174948266698832231.ampproject.net cdn.ampproject.org
1 adservice.google.com cdn.ampproject.org
1 fonts.gstatic.com fonts.googleapis.com
1 pagead2.googlesyndication.com cdn.ampproject.org
27 13

This site contains links to these domains. Also see Links.

Domain
www.face8ook.org
facebook.com
twitter.com
Subject Issuer Validity Valid
surgery.face8ook.org
R3
2021-10-23 -
2022-01-21
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.de
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://surgery.face8ook.org/
Frame ID: 14FBB15D48784FE22EDD14AA4828B994
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

Plastic SurgeryLinkedInReddit iconFacebookinstagramTwitter

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

27
Requests

96 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

11
IPs

2
Countries

413 kB
Transfer

1097 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Plastic%20Surgery&sr=1600x1200&_utmht=1635024261798&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&tid=UA-153100602-3&dl=https%3A%2F%2Fsurgery.face8ook.org%2F&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8621907183325366&_r=1&a=3486&z=0.4928358760310745 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745&slf_rd=1&random=3553059616

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
surgery.face8ook.org/
89 KB
89 KB
Document
General
Full URL
https://surgery.face8ook.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.67.159 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1677-159.members.linode.com
Software
nginx/1.14.1 /
Resource Hash
654012053cf253baaa40f49857f0947bfb34e84c64fb819712cba595171acd67

Request headers

Host
surgery.face8ook.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.14.1
Date
Sat, 23 Oct 2021 21:24:31 GMT
Content-Type
text/html
Content-Length
91329
Last-Modified
Sat, 23 Oct 2021 09:21:45 GMT
Connection
keep-alive
ETag
"6173d429-164c1"
Accept-Ranges
bytes
v0.js
cdn.ampproject.org/
270 KB
70 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
dd33bf7cb75bb31858016496711f4f44cd67a1cf33d38167c1a950a50a426b72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
71042
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"890d5f316e372e21"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/
100 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
8d99ad082ddaca5df51a077845df94ba2a8fe6b89b0e2f7552e604197ee6eb69
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30825
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"b68e82777bf8338e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-bind-0.1.js
cdn.ampproject.org/v0/
45 KB
15 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-bind-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
01acce2f6586650b6a97e90fb4fb4b97810601acf1cbeb4f8745c30acc1d8e40
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15605
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"3c7588d5408f3174"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-youtube-0.1.js
cdn.ampproject.org/v0/
33 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-youtube-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
f8dca5eb70402e90e23e4e358217e6f2f95ddfb5fde3a13c6b4db80974925727
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10273
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"755f89a001546b65"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
21 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
4f0bd6a98e9b10f93035b5823608adeba4dbea904c54cc7bec3e32fe6787dbe2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6728
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"298fed857750a2c0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-iframe-0.1.js
cdn.ampproject.org/v0/
23 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
d47e1e9731efe05b249ed238fef1df90c716ee960f6889ed462d9def49c6c7bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8386
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"709bb4ba6e9ebfa3"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-ad-0.1.js
cdn.ampproject.org/v0/
72 KB
21 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-ad-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
784b108a962241036e082ddd713cd837f3743a13abd7ec87ff72b99b27759de0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
21006
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"e99be16fce5ac957"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-carousel-0.1.js
cdn.ampproject.org/v0/
32 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-carousel-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
b4758d92f344481feba9ef8b991acefc527b264d9ed4c7e17d090c7134fb46c7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9907
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"96311313c4b114ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
88101eccef0707bd7ee54179eb036631c5139d41892067f13b7c9efac1a48009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 20:30:16 GMT
server
ESF
date
Sat, 23 Oct 2021 21:24:21 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
27 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
cbcf1961930bfee7a0ffaa7a4b384f48f7499b0836f3fc4c0112f22c03e0f19b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8893
x-xss-protection
0
server
sffe
date
Sat, 23 Oct 2021 21:24:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"24494e9efc970cb9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 23 Oct 2021 21:24:21 GMT
css
fonts.googleapis.com/
4 KB
705 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 23 Oct 2021 20:17:01 GMT
server
ESF
date
Sat, 23 Oct 2021 21:24:21 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 23 Oct 2021 21:24:21 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012110011758000/v0/
7 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
81357d5396e008da027bc9346a0662a4ee090503dbac99cd37e7bb316ce573be
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surgery.face8ook.org/
Origin
https://surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
133612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2914
x-xss-protection
0
server
sffe
date
Fri, 22 Oct 2021 08:17:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f63269c6dc6042cd"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 08:17:29 GMT
ama
pagead2.googlesyndication.com/getconfig/
288 B
638 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-2730293094729387&plah=surgery.face8ook.org&ama_t=amp&url=https%3A%2F%2Fsurgery.face8ook.org%2F&__amp_source_origin=https%3A%2F%2Fsurgery.face8ook.org
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
ee33b0a60719af77df1994445916908ff23656ca4a36db11958563280740af74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 21:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
219
x-xss-protection
0
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v15/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v15/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f3.1e100.net
Software
sffe /
Resource Hash
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 22:11:45 GMT
x-content-type-options
nosniff
age
256356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
16256
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Oct 2022 22:11:45 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012110011758000/v0/
15 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
7ac14b356ae0adf5701877a861769687d71ebe6cdfb23a481e1372dbc2350d85
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surgery.face8ook.org/
Origin
https://surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246108
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3694
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 01:02:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f93790c16d0166fa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 01:02:33 GMT
leakednews.png
surgery.face8ook.org/img/
6 KB
7 KB
Image
General
Full URL
https://surgery.face8ook.org/img/leakednews.png
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.67.159 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li1677-159.members.linode.com
Software
nginx/1.14.1 /
Resource Hash
444cb88d57f17baf82a51d9a1c6796bb4f45000ca1c33b331a18a2d604b8b735

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://surgery.face8ook.org/
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 23 Oct 2021 21:24:32 GMT
Last-Modified
Sat, 23 Oct 2021 09:21:45 GMT
Server
nginx/1.14.1
ETag
"6173d429-1955"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6485
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012110011758000/v0/
36 KB
9 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
e9f340f9c87d6ea6b9db4bb6f56c9d0c5370a7bb6640946124c4f0cb3f19127e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surgery.face8ook.org/
Origin
https://surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
175934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9312
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 20:32:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e6a661a439b46c4b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 20:32:07 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012110011758000/v0/
199 KB
52 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
c31cde4b6c44c3f983c9cececa14474cb6c20550a9e15c2967c089575cdaeda0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://surgery.face8ook.org/
Origin
https://surgery.face8ook.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
156976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
53695
x-xss-protection
0
server
sffe
date
Fri, 22 Oct 2021 01:48:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3daff23dce984866"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 01:48:05 GMT
integrator.json
adservice.google.com/adsid/
86 B
549 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=surgery.face8ook.org
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 23 Oct 2021 21:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://surgery.face8ook.org
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
83
x-xss-protection
0
nameframe.html
d-2174948266698832231.ampproject.net/2110011758000/
0
0
Other
General
Full URL
https://d-2174948266698832231.ampproject.net/2110011758000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
ww.js
cdn.ampproject.org/rtv/012110011758000/
47 KB
47 KB
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/ww.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
39a2b43f857817992c83c03626c4c5ee0ba59366156754723949ddedcf98154e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
text/plain
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
x-content-type-options
nosniff
age
141157
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
48017
x-xss-protection
0
server
sffe
date
Fri, 22 Oct 2021 06:11:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"089f135627fc6976"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 22 Oct 2022 06:11:44 GMT
11f83c85-5516-4120-99f5-52862dcfa7e7
https://surgery.face8ook.org/
47 KB
0
Other
General
Full URL
blob:https://surgery.face8ook.org/11f83c85-5516-4120-99f5-52862dcfa7e7
Requested by
Host: surgery.face8ook.org
URL: https://surgery.face8ook.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc74e74668108034bb3e82af517d45279b481db0b03be6f2def14e8e73367cec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
48084
Content-Type
text/javascript
googleanalytics.json
cdn.ampproject.org/rtv/012110011758000/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012110011758000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
278452
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 16:03:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"143c3ed237f43f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 16:03:29 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
506 B
Fetch
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 23 Oct 2021 21:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://surgery.face8ook.org
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/
3 B
435 B
Fetch
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://surgery.face8ook.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 23 Oct 2021 21:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://surgery.face8ook.org
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Plastic%20Surgery&sr=1600x1200&_utmht=1635024261798&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&tid=UA-153100602-3&dl=https%3A%2F%2Fsurger...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745&slf_rd=1&random=3553059616
42 B
472 B
Ping
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745&slf_rd=1&random=3553059616
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://surgery.face8ook.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 23 Oct 2021 21:24:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 23 Oct 2021 21:24:22 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-153100602-3&cid=amp-cJd4mDkk1MK-ejwX4R8jnw&jid=0.8621907183325366&_v=a1&z=0.4928358760310745&slf_rd=1&random=3553059616
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| AMP object| global object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator

2 Cookies

Domain/Path Name / Value
.face8ook.org/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.face8ook.org/ Name: _ga
Value: amp-cJd4mDkk1MK-ejwX4R8jnw

1 Console Messages

Source Level URL
Text
javascript warning URL: https://surgery.face8ook.org/
Message:
The resource https://d-2174948266698832231.ampproject.net/2110011758000/nameframe.html was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ampcid.google.com
ampcid.google.de
cdn.ampproject.org
d-2174948266698832231.ampproject.net
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
stats.g.doubleclick.net
surgery.face8ook.org
www.google-analytics.com
www.google.com
www.google.de
142.250.181.227
142.250.181.238
142.250.185.138
142.250.185.174
142.250.185.226
142.250.186.35
142.250.74.193
172.104.67.159
172.217.18.110
172.217.23.100
172.217.23.99
216.58.212.162
66.102.1.156
01acce2f6586650b6a97e90fb4fb4b97810601acf1cbeb4f8745c30acc1d8e40
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
39a2b43f857817992c83c03626c4c5ee0ba59366156754723949ddedcf98154e
444cb88d57f17baf82a51d9a1c6796bb4f45000ca1c33b331a18a2d604b8b735
4f0bd6a98e9b10f93035b5823608adeba4dbea904c54cc7bec3e32fe6787dbe2
54cf1b815896196459b541b68f06b911ab0f9bcb51c42e57419d49174dc5e68d
654012053cf253baaa40f49857f0947bfb34e84c64fb819712cba595171acd67
68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5
784b108a962241036e082ddd713cd837f3743a13abd7ec87ff72b99b27759de0
7ac14b356ae0adf5701877a861769687d71ebe6cdfb23a481e1372dbc2350d85
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
81357d5396e008da027bc9346a0662a4ee090503dbac99cd37e7bb316ce573be
88101eccef0707bd7ee54179eb036631c5139d41892067f13b7c9efac1a48009
8d99ad082ddaca5df51a077845df94ba2a8fe6b89b0e2f7552e604197ee6eb69
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
b4758d92f344481feba9ef8b991acefc527b264d9ed4c7e17d090c7134fb46c7
bc74e74668108034bb3e82af517d45279b481db0b03be6f2def14e8e73367cec
c31cde4b6c44c3f983c9cececa14474cb6c20550a9e15c2967c089575cdaeda0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcf1961930bfee7a0ffaa7a4b384f48f7499b0836f3fc4c0112f22c03e0f19b
d47e1e9731efe05b249ed238fef1df90c716ee960f6889ed462d9def49c6c7bb
dd33bf7cb75bb31858016496711f4f44cd67a1cf33d38167c1a950a50a426b72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f340f9c87d6ea6b9db4bb6f56c9d0c5370a7bb6640946124c4f0cb3f19127e
ee33b0a60719af77df1994445916908ff23656ca4a36db11958563280740af74
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8dca5eb70402e90e23e4e358217e6f2f95ddfb5fde3a13c6b4db80974925727