secure.sidbrowser.com Open in urlscan Pro
91.216.248.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.sidbrowser.com/
Submission: On September 16 via automatic, source certstream-suspicious (September 16th 2024, 11:52:20 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 91.216.248.21, located in Germany and belongs to TTM, DE. The main domain is secure.sidbrowser.com.
TLS certificate: Issued by E6 on September 16th 2024. Valid for: 3 months.

This is the only time secure.sidbrowser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	91.216.248.21 91.216.248.21	47447 (TTM) (TTM)
1 1	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
19	6

7 91.216.248.21 (Germany)

ASN47447 (TTM, DE)
PTR: frontend.lima-city.de

secure.sidbrowser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.21 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	210 KB
7	sidbrowser.com secure.sidbrowser.com	28 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 106
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2946	2 KB
1	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 3280	955 B
0	goweb.de Failed webcounter.goweb.de Failed
19	6

	Domain	Requested by
7	secure.sidbrowser.com	secure.sidbrowser.com
6	pagead2.googlesyndication.com	secure.sidbrowser.com pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.facebook.com	secure.sidbrowser.com
1	www.paypalobjects.com	secure.sidbrowser.com
1	www.paypal.com	1 redirects
0	webcounter.goweb.de Failed	secure.sidbrowser.com
19	7

This site contains links to these domains. Also see Links.

Domain
www.mathesoft.de
www.hvsc.de
upx.sourceforge.net
upo.mathesoft.de
sbwv.mathesoft.de
www.marderabwehr.com

Subject Issuer	Validity	Valid
secure.sidbrowser.com E6	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-26` - `2024-09-24`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://secure.sidbrowser.com/
Frame ID: 71E316A120D3F408362386521F38FFBE
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.sidbrowser.com&layout=button_count&show_faces=false&width=200&action=like&font=verdana&colorscheme=light
Frame ID: FE089F65CE70E6AFFE18D71496ADA32B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/zrt_lookup_fy2021.html
Frame ID: AE6C131B0DABBAFD25356B443F2CEE10
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2996667320775849&output=html&h=90&slotname=5108168414&adk=3998976602&adf=1336118064&pi=t.ma~as.5108168414&w=728&abgtt=3&lmt=1726530736&format=728x90&url=https%3A%2F%2Fsecure.sidbrowser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726530736334&bpp=2&bdt=213&idt=135&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=6359981247973&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=814&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95338229%2C95342016%2C95342338&oid=2&pvsid=2029513107153859&tmod=1994272186&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=145
Frame ID: ABDA3409401DB060F236CBBEB76B4F89
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2996667320775849&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1726530736&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecure.sidbrowser.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726530736336&bpp=1&bdt=215&idt=155&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=6359981247973&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95338229%2C95342016%2C95342338&oid=2&pvsid=2029513107153859&tmod=1994272186&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=162
Frame ID: 708095F9883DD6FD44218825EE751A5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA12BEBDFE39E0BEACFFA35014AB66C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SIDBrowser by MATHEsoft!

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

19
Requests

84 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

241 kB
Transfer

634 kB
Size

5
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.mathesoft.de/download.php?this=sidbrowser-setup.exe
Title: Download SIDBrowser

Search URL Search Domain Scan URL

URL: http://www.hvsc.de/
Title: High Voltage SID Collection (HVSC)

Search URL Search Domain Scan URL

URL: http://www.mathesoft.de/link.php?go=sidplay
Title: SIDplay

Search URL Search Domain Scan URL

URL: http://www.mathesoft.de/link.php?go=composers.c64.org
Title: Actual Photolist of musicians

Search URL Search Domain Scan URL

URL: http://www.mathesoft.de/download.php?this=sidplay2w.zip
Title: sidplay2w

Search URL Search Domain Scan URL

URL: http://upx.sourceforge.net/
Title: upx

Search URL Search Domain Scan URL

URL: http://upo.mathesoft.de/
Title: UPack

Search URL Search Domain Scan URL

URL: http://sbwv.mathesoft.de/
Title: workversion

Search URL Search Domain Scan URL

URL: http://www.marderabwehr.com/
Title: www.marderabwehr.com

Search URL Search Domain Scan URL

URL: http://www.mathesoft.de/
Title: MATHEsoft

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.paypal.com/en_US/i/btn/x-click-but04.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.sidbrowser.com/ 10 KB
4 KB 157ms
65ms Document
text/html 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty / PHP/8.1.29

Resource Hash

94d8f41321667e7a90b74f7afc69d75aefdbd6cdb14d9eafe9bca19ea409957d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 16 Sep 2024 23:52:16 GMT
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-lima-id: atiaFwcbwi7QcgO7uq
x-powered-by: PHP/8.1.29

GET
H2 200 t_l.png
secure.sidbrowser.com/gifs/ 2 KB
2 KB 53ms
53ms Image
image/png 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sidbrowser.com/gifs/t_l.png

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

939009622f60caa9fd8d7ffa13e689074cbb5cfa559b10ae400a6af480683dfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 16 May 2013 16:48:22 GMT
server: openresty
etag: "73e-4dcd8a25ea180"
content-type: image/png
x-lima-id: atOmWkyvd41CWAHlxD
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1854
expires: Wed, 16 Oct 2024 23:52:16 GMT

GET
H2 200 t_m.gif
secure.sidbrowser.com/gifs/ 145 B
513 B 59ms
59ms Image
image/gif 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sidbrowser.com/gifs/t_m.gif

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

ca328e9717f31bae63c79d4a7d0d3c429121fb8bdcd7e0463d6a91dede591236

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Sat, 18 May 2013 16:21:51 GMT
server: openresty
etag: "91-4dd007f38a5c0"
content-type: image/gif
x-lima-id: atQA5QJJ6EziZQ5Zzm
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 145
expires: Wed, 16 Oct 2024 23:52:16 GMT

GET
H2 200 t_r.png
secure.sidbrowser.com/gifs/ 2 KB
3 KB 59ms
58ms Image
image/png 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sidbrowser.com/gifs/t_r.png

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

1ba613b5872758d7935ae03b458c285ea4e5536e7e901d688c0a957e7c03f3ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 16 May 2013 16:48:18 GMT
server: openresty
etag: "9ae-4dcd8a2219880"
content-type: image/png
x-lima-id: atZ9qhHZdEqFR7y3QU
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2478
expires: Wed, 16 Oct 2024 23:52:16 GMT

GET
H2 200 splash06.jpg
secure.sidbrowser.com/gifs/ 14 KB
14 KB 74ms
72ms Image
image/jpeg 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sidbrowser.com/gifs/splash06.jpg

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

021dbacc6bee88eb3bb616d7d19d29032bc11b773cc5a1e7231fbffb8d80e45d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 16 May 2013 16:48:31 GMT
server: openresty
etag: "3636-4dcd8a2e7f5c0"
content-type: image/jpeg
x-lima-id: at21DJHNqK0e7t2QXW
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13878
expires: Wed, 16 Oct 2024 23:52:16 GMT

GET
H2

200

x-click-but04.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/x-click-but04.gif
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif

2 KB
2 KB

194ms
46ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC7) /

Resource Hash

a8f36837d21e73e1a17fa2936ec161187b3d1e6b08c0335433aec8153cd41049

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: e3ed805e968c0
dc: ccg11-origin-www-1.paypal.com
content-length: 2127
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/4CC7)
traceparent: 00-0000000000000000000e3ed805e968c0-a11c753bc76f3cdb-01
etag: "5d5637bd-84f"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 17 Sep 2024 00:52:16 GMT

Redirect headers

date: Mon, 16 Sep 2024 23:52:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f773508ba8b5a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-etou8220106-FRA, cache-fra-etou8220106-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f773508ba8b5a-2bd5f4b6b245a758-01
x-timer: S1726530736.257282,VS0,VE139
location: https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 138ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

b285bd5a8415a1afcc0bd1ec4e2a2b3016eb0eff917280dd9aee0a53270b1d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52279
x-xss-protection: 0
server: cafe
etag: 18306478110761547681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 16 Sep 2024 23:52:16 GMT

GET 96781
webcounter.goweb.de/ 0
0

GET
H2 200 like.php
www.facebook.com/plugins/ Frame FE08 0
0 151ms
67ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.sidbrowser.com&layout=button_count&show_faces=false&width=200&action=like&font=verdana&colorscheme=light

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
date: Mon, 16 Sep 2024 23:52:16 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415393047553983796"}]}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415393047553983796"
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2762, tp=-1, tpl=-1, uplat=28, ullat=0
x-fb-debug: 1ylybWrPu1VLlvPvQRy4we2QqHpUArmLmjAvbj9EfeGMp7va59P8hqNrOn5rkEqKc8KFMRtETHwbIc/bR46kIA==
x-xss-protection: 0

GET
H2 200 bg.gif
secure.sidbrowser.com/gifs/ 3 KB
4 KB 56ms
56ms Image
image/gif 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.sidbrowser.com/gifs/bg.gif

Requested by

Host: secure.sidbrowser.com
URL: https://secure.sidbrowser.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

abebe37366e66e58b091ebf1dedc4172eb56d40ee8b73bdf71bdd1367af65cb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 16 May 2013 16:49:11 GMT
server: openresty
etag: "d59-4dcd8a54a4fc0"
content-type: image/gif
x-lima-id: atxI0RfS74PXV37Pcf
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3417
expires: Wed, 16 Oct 2024 23:52:16 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 416 KB
140 KB 69ms
68ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=secure.sidbrowser.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

d6857fba2005244117faa4a06db960a9d5481ea70bc8342be37fa3012565f53e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142867
x-xss-protection: 0
server: cafe
etag: 11412906649773060052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Sep 2024 23:52:16 GMT

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/ Frame AE6C 0
0 117ms
39ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240912/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2996667320775849&plah=secure.sidbrowser.com

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 64402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4126
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 05:58:54 GMT
etag: 14908419571193397619
expires: Mon, 30 Sep 2024 05:58:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame ABDA 0
0 182ms
107ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2996667320775849&output=html&h=90&slotname=5108168414&adk=3998976602&adf=1336118064&pi=t.ma~as.5108168414&w=728&abgtt=3&lmt=1726530736&format=728x90&url=https%3A%2F%2Fsecure.sidbrowser.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726530736334&bpp=2&bdt=213&idt=135&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&correlator=6359981247973&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=814&ady=872&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95338229%2C95342016%2C95342338&oid=2&pvsid=2029513107153859&tmod=1994272186&uas=0&nvt=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=145

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 299
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 23:52:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
pagead2.googlesyndication.com/pagead/ Frame 7080 0
0 105ms
53ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2996667320775849&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1726530736&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fsecure.sidbrowser.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&itsi=-1&aiapm=0.46927&aiapmi=0.48129&aiombap=1&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726530736336&bpp=1&bdt=215&idt=155&shv=r20240912&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=728x90&nras=1&correlator=6359981247973&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44795921%2C95338229%2C95342016%2C95342338&oid=2&pvsid=2029513107153859&tmod=1994272186&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Sep 2024 23:52:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 133ms
55ms XHR
application/json 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240912&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

9e3dccce2ebd5f86474674855803c8976a7589da012710b5e72e5d2615ac2d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12877
x-xss-protection: 0

GET
H2 200 favicon.ico
secure.sidbrowser.com/ 766 B
702 B 60ms
60ms Other
image/vnd.microsoft.icon 91.216.248.21
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.sidbrowser.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.216.248.21 , Germany, ASN47447 (TTM, DE),

Reverse DNS

frontend.lima-city.de

Software

openresty /

Resource Hash

eb341588a33b8d510be169b83ff68aaa9bc2fda17b66556ee577d316e7d59e09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 16 May 2013 16:50:06 GMT
server: openresty
etag: W/"2fe-4dcd8a8918b80"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
x-lima-id: atTWzCeSCD3p17N0KT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 142ms
48ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 16 Sep 2024 23:52:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Sep 2024 23:52:16 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA12 0
0 123ms
39ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.sidbrowser.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 121704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 15 Sep 2024 14:03:53 GMT
expires: Mon, 15 Sep 2025 14:03:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: webcounter.goweb.de
URL: https://webcounter.goweb.de/96781

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240912&jk=2029513107153859&bg=!WlmlWRbNAAbpMHvgyTA7ADQBe5WfOOyFfP0aOlC9T9Wi4ipGb5YZ40dKaC1WEvh8hykq8_qJkIocjBDrM6qKGGDG7dEbAgAAAD5SAAAAA2gBB34ANqBW-DVRjtbjo3KZc_NPvTkeulXd-Zpu-IQD89E98jRZRyiblUbLWZJh30o1UPqC0cAGn816WgoADvETkqSBXGUkg4Cak-U6mQKlFu7BYs-XnKY4raFO9U9P-BghUMpx4mXg6o8ZFDEr2em0El-iWmQPA3jt1Dhwd_D355cgKBpS7bP8P8nOGWRkJ9nb03_iVgB7aD1UPxFlc1RvY53Hq3gblSL8RuD5YkoQzBHY_JTqvqj0G3MsBW5e7IP0VdKCp-HNgN56UKcrm8bjA_J3rxRQEqm0sv-LByyfRItn95ZyLpBJire3vs3TuJ1q_iVjGqkhG_9zmAc7GBblI9yehQcPLDGvG3XFhuFejZfPW8-epkI9d28vWN9QzAMOnTJYOW2yxvfd4mcKSELyHkej059Cuwht7bFMFhjM1NljQAK0U_YKM9SFULOv2R8fWlZLkl1Dfx_nC3bA8PqoHg_NsgrOOsd3uYqIH1CcM6SyzajwSLvQQAbckG8QJskjZ6KmMUiWw2YB620EELR8onPVAv-dg1vwU5RYd7Jsw3Tzn0zpLkxUVZPigP5i5oLxqXEHjTanmTFuE7xh3gU6wGEYLYumFI9oVgDvBid_fKjISyZxxUun89VmqA2kUKNR5wmECIX5OWpzj5FrKZ14m7TOlSv9IrCgseXHWFwAHN1CCl7cgmYzvxeWF1g7gocdFnTsXz1K54DFeWLrBIw_RjfjpvXQtD8eF2C5FgvVsZaaO48mEoHteFytVs_o_hUl32FeD06R1-QM9f4rgIrYZuvFmMnQ1PKJgaFwI0ve6etGZgZ0-dYNB6ZWctHbCejF04NWcnVGkoLnKX-13gBFJ7-TbJYzRgrCmWZiqU3z8nOQyADROZuK60AOUCx9i8I8x9_eS2JgZuDd7R7rkLN_d0cx4xxOefn4BQ7wd6mjqfJAxIw3W423RmQf1884O0HJiAtrf-alAVDgEW3HSOnNwQg1LPvjhBoEB8lEQ5KMfvqAUpc

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.sidbrowser.com/	1970-01-21 09:11:30	Name: _lcp Value: a
secure.sidbrowser.com/	1970-01-21 09:11:30	Name: _lcp2 Value: a
.paypal.com/	1970-01-21 09:11:30	Name: ts Value: vreXpYrS%3D1821138736%26vteXpYrS%3D1726532536%26vr%3Dfd4050c91910aa30586853eeff1512d5%26vt%3Dfd4050c91910aa30586853eeff1512d4%26vtyp%3Dnew
.paypal.com/	1970-01-21 09:11:30	Name: ts_c Value: vr%3Dfd4050c91910aa30586853eeff1512d5%26vt%3Dfd4050c91910aa30586853eeff1512d4
.sidbrowser.com/	1970-01-21 03:54:42	Name: __eoi Value: ID=2d644991e9e823eb:T=1726530736:RT=1726530736:S=AA-AfjbuFoiCuk5dyqt2OclZ2EmA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://webcounter.goweb.de/96781 Message: Failed to load resource: net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pagead2.googlesyndication.com
secure.sidbrowser.com
tpc.googlesyndication.com
webcounter.goweb.de
www.facebook.com
www.paypal.com
www.paypalobjects.com
pagead2.googlesyndication.com
webcounter.goweb.de
151.101.1.21
172.217.18.98
192.229.221.25
2a00:1450:4001:800::2001
2a03:2880:f177:185:face:b00c:0:25de
91.216.248.21
021dbacc6bee88eb3bb616d7d19d29032bc11b773cc5a1e7231fbffb8d80e45d
1ba613b5872758d7935ae03b458c285ea4e5536e7e901d688c0a957e7c03f3ea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
939009622f60caa9fd8d7ffa13e689074cbb5cfa559b10ae400a6af480683dfe
94d8f41321667e7a90b74f7afc69d75aefdbd6cdb14d9eafe9bca19ea409957d
9e3dccce2ebd5f86474674855803c8976a7589da012710b5e72e5d2615ac2d3c
a8f36837d21e73e1a17fa2936ec161187b3d1e6b08c0335433aec8153cd41049
abebe37366e66e58b091ebf1dedc4172eb56d40ee8b73bdf71bdd1367af65cb3
b285bd5a8415a1afcc0bd1ec4e2a2b3016eb0eff917280dd9aee0a53270b1d60
ca328e9717f31bae63c79d4a7d0d3c429121fb8bdcd7e0463d6a91dede591236
d6857fba2005244117faa4a06db960a9d5481ea70bc8342be37fa3012565f53e
eb341588a33b8d510be169b83ff68aaa9bc2fda17b66556ee577d316e7d59e09

secure.sidbrowser.com Open in urlscan Pro 91.216.248.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

33 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

241 kBTransfer

634 kBSize

5 Cookies

10 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

5 Cookies

1 Console Messages

Security Headers

Indicators

secure.sidbrowser.com Open in urlscan Pro
91.216.248.21 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

241 kB
Transfer

634 kB
Size

5
Cookies

19 HTTP transactions
0 data transactions