urlscan.io logo urlscan.io
SecurityTrails logo

watchvideo.pro Open in urlscan Pro
178.132.6.250  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://acciondd.com/
Effective URL: https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b...
Submission: On March 17 via manual from AR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 46 HTTP transactions. The main IP is 178.132.6.250, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is watchvideo.pro.
TLS certificate: Issued by R3 on February 19th 2023. Valid for: 3 months.
This is the only time watchvideo.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 66.97.43.119 27823 (Dattatec.com)
1 6 162.55.76.206 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 45.9.148.165 49447 (NICEIT)
1 3 134.209.192.77 14061 (DIGITALOC...)
1 2 2001:978:2:1a... 174 (COGENT-174)
2 178.132.6.250 49981 (WORLDSTREAM)
46 9
24    66.97.43.119 (Rosario, Argentina)

ASN27823 (Dattatec.com, AR)
PTR: vps-1927153-x.dattaweb.com
acciondd.com
6    162.55.76.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.76.55.162.clients.your-server.de
way.specialblueitems.com
stats.statisticline.com
get.sortyellowapples.com
far.statisticline.com
come.sortyellowapples.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    45.9.148.165 (Amsterdam, Netherlands)

ASN49447 (NICEIT, DM)
cdn.statisticline.com
3    134.209.192.77 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
whiteforwardlines.com
0.whiteforwardlines.com
2    2001:978:2:1a::30:134 (France)

ASN174 (COGENT-174, US)
eu.slowww.xyz
2    178.132.6.250 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 178-132-6-250.hosted-by-worldstream.net
watchvideo.pro
Apex Domain
Subdomains		 Transfer
24 acciondd.com
acciondd.com
2 MB
6 gstatic.com
fonts.gstatic.com
141 KB
4 statisticline.com
stats.statisticline.com
cdn.statisticline.com — Cisco Umbrella Rank: 327681
far.statisticline.com — Cisco Umbrella Rank: 456307 Failed
5 KB
3 whiteforwardlines.com
whiteforwardlines.com Failed
0.whiteforwardlines.com
36 KB
2 watchvideo.pro
watchvideo.pro
10 KB
2 slowww.xyz
eu.slowww.xyz — Cisco Umbrella Rank: 817902
3 KB
2 sortyellowapples.com
get.sortyellowapples.com
come.sortyellowapples.com — Cisco Umbrella Rank: 446511
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
2 KB
1 specialblueitems.com
way.specialblueitems.com
2 KB
46 9
Domain Requested by
24 acciondd.com acciondd.com
6 fonts.gstatic.com fonts.googleapis.com
2 watchvideo.pro watchvideo.pro
2 eu.slowww.xyz 1 redirects acciondd.com
2 0.whiteforwardlines.com 1 redirects acciondd.com
2 stats.statisticline.com way.specialblueitems.com
get.sortyellowapples.com
1 whiteforwardlines.com come.sortyellowapples.com
1 come.sortyellowapples.com cdn.statisticline.com
1 far.statisticline.com cdn.statisticline.com
1 cdn.statisticline.com stats.statisticline.com
1 get.sortyellowapples.com acciondd.com
1 fonts.googleapis.com acciondd.com
1 way.specialblueitems.com acciondd.com
46 13

This site contains no links.

Subject Issuer Validity Valid
acciondd.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-27 -
2023-07-28		 a year crt.sh
way.specialblueitems.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
stats.statisticline.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
get.sortyellowapples.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
cdn.statisticline.com
R3		 2023-03-17 -
2023-06-15		 3 months crt.sh
come.sortyellowapples.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
whiteforwardlines.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
*.slowww.xyz
R3		 2023-01-27 -
2023-04-27		 3 months crt.sh
watchvideo.pro
R3		 2023-02-19 -
2023-05-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct
Frame ID: CB4C173F0095C8CFB575508013200D91
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Warning

Page URL History Show full URLs

  1. https://acciondd.com/ Page URL
  2. https://far.statisticline.com/away/go.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756 Page URL
  3. https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756 Page URL
  4. https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756 Page URL
  5. https://0.whiteforwardlines.com/?auf=myzdgzbwmi5diojygyxtqmbrgixtemrpge3doojqha2dinrz&s=1&sub1=&sub2=561756&... HTTP 302
    https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7... Page URL
  6. https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7... HTTP 302
    https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

46
Requests

91 %
HTTPS

38 %
IPv6

9
Domains

13
Subdomains

9
IPs

4
Countries

1827 kB
Transfer

3490 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://acciondd.com/ Page URL
  2. https://far.statisticline.com/away/go.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756 Page URL
  3. https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756 Page URL
  4. https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756 Page URL
  5. https://0.whiteforwardlines.com/?auf=myzdgzbwmi5diojygyxtqmbrgixtemrpge3doojqha2dinrz&s=1&sub1=&sub2=561756&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
    https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe Page URL
  6. https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&token=8c0428d903c2a26de8cbf871d3159dbf&timezone=0&iframe_test=false&webdriver_test=false HTTP 302
    https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://far.statisticline.com/away/go.php?id=64785e55-66-45776433 HTTP 302
  • https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756
Request Chain 43
  • https://0.whiteforwardlines.com/?auf=myzdgzbwmi5diojygyxtqmbrgixtemrpge3doojqha2dinrz&s=1&sub1=&sub2=561756&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  • https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
acciondd.com/ 		222 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache / PHP/7.4.14
Resource Hash
aa514b4b79254b4b406de7a1dd3b0e4dcbec4f154b9409d5678b70cca52116a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
34660
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 20:22:10 GMT
link
<https://acciondd.com/wp-json/>; rel="https://api.w.org/", <https://acciondd.com/wp-json/wp/v2/pages/121>; rel="alternate"; type="application/json", <https://acciondd.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.4.14
main.js
way.specialblueitems.com/src/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://way.specialblueitems.com/src/main.js?v=4.0.4
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:21:05 GMT
Last-Modified
Sat, 11 Mar 2023 11:23:06 GMT
Server
nginx
ETag
"640c649a-73c"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1852
Expires
Mon, 27 Mar 2023 20:21:05 GMT
style.min.css
acciondd.com/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 20:18:41 GMT
server
Apache
etag
"172a9-5f71e488dfa28-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12518
classic-themes.min.css
acciondd.com/wp-includes/css/ 		217 B
265 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 16:45:16 GMT
server
Apache
etag
"d9-5ebdea1f4df00-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
189
style.css
acciondd.com/wp-content/plugins/td-composer/td-multi-purpose/ 		37 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:41 GMT
server
Apache
etag
"92ec-5e261f0b42460-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4816
css
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cce1fca68422d639eeb83cc7dd2f945a1bc6b5d838811b19aeb0ba3801cb5701
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 20:21:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 20:21:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 20:21:05 GMT
tds-front.css
acciondd.com/wp-content/plugins/td-subscription/assets/css/ 		36 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
498f6cca2268ef161d6a0dc97bd182cbc1ccd935c626a7a228e02d2b9e1f46c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:23:12 GMT
server
Apache
etag
"913d-5e2621648d2e8-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6119
font-awesome.css
acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:39 GMT
server
Apache
etag
"ab38-5e261f08e0690-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7225
style.css
acciondd.com/wp-content/themes/Newspaper/ 		147 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
e0bfab163b0b139943e2adcc4c126125461d95899402d2729577668a46bcb2e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:33 GMT
server
Apache
etag
"24a56-5e261f036ce70-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
25032
td_legacy_main.css
acciondd.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 		159 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:39 GMT
server
Apache
etag
"27b2d-5e261f08fac70-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
24226
td_standard_pack_main.css
acciondd.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 		715 KB
62 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=32b0396dacab6790bdbb765eba5d6338
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:18:00 GMT
server
Apache
etag
"b2ccc-5e26203baa020-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
62628
jquery.min.js
acciondd.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 17:16:24 GMT
server
Apache
etag
"15e54-5e90adf02ca00-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30995
jquery-migrate.min.js
acciondd.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:11 GMT
content-encoding
gzip
last-modified
Wed, 18 Nov 2020 12:06:06 GMT
server
Apache
etag
"2bd8-5b4606f9d6780-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4169
add-log-horizonral-fondo-negro-1.png
acciondd.com/wp-content/uploads/2022/06/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acciondd.com/wp-content/uploads/2022/06/add-log-horizonral-fondo-negro-1.png
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
6f3a10ea180130031029a872ddf01f4eefcd25e96c738298396bc0a76cf613ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Mon, 27 Jun 2022 04:55:54 GMT
server
Apache
accept-ranges
bytes
etag
"2797-5e266bc26f6c8"
content-length
10135
content-type
image/png
cropped-0.png
acciondd.com/wp-content/uploads/2021/05/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acciondd.com/wp-content/uploads/2021/05/cropped-0.png
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
ec7c31dd666e25e0db5eabd3e1f03f32bb80f122f6043ff36e684c9091fee778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Mon, 09 Aug 2021 02:56:47 GMT
server
Apache
accept-ranges
bytes
etag
"684a-5c91789383c1a"
content-length
26698
content-type
image/png
underscore.min.js
acciondd.com/wp-includes/js/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/js/underscore.min.js?ver=1.13.4
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Tue, 27 Sep 2022 18:18:26 GMT
server
Apache
etag
"4991-5e9acab970080-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7311
js_posts_autoload.min.js
acciondd.com/wp-content/plugins/td-cloud-library/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:47 GMT
server
Apache
etag
"14a0-5e261f10d2d58-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2011
tagdiv_theme.min.js
acciondd.com/wp-content/plugins/td-composer/legacy/Newspaper/js/ 		275 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:41 GMT
server
Apache
etag
"44c89-5e261f0ae4c48-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
comment-reply.min.js
acciondd.com/wp-includes/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 23:07:18 GMT
server
Apache
etag
"ba5-5dc2ca7f3d580-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1351
js_files_for_front.min.js
acciondd.com/wp-content/plugins/td-subscription/assets/js/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
a642eab338616e43fdd2e6a746740d619f32dc42408265a6fc54044c5c424a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:23:12 GMT
server
Apache
etag
"7859-5e2621648e288-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
8041
js_files_for_front.min.js
acciondd.com/wp-content/plugins/td-cloud-library/assets/js/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Sun, 26 Jun 2022 23:12:47 GMT
server
Apache
etag
"a461-5e261f10d2970-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
9436
Y1hjNr
stats.statisticline.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Requested by
Host: way.specialblueitems.com
URL: https://way.specialblueitems.com/src/main.js?v=4.0.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 20:21:06 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
851
Expires
0
wp-emoji-release.min.js
acciondd.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 08:56:24 GMT
server
Apache
etag
"48b9-5dc713c431e00-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5009
get.js
get.sortyellowapples.com/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.sortyellowapples.com/scripts/get.js
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:21:06 GMT
Last-Modified
Sat, 11 Mar 2023 11:17:05 GMT
Server
nginx
ETag
"640c6331-73c"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1852
Expires
Mon, 27 Mar 2023 20:21:06 GMT
65.jpg
acciondd.com/wp-content/uploads/2022/06/ 		212 KB
214 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acciondd.com/wp-content/uploads/2022/06/65.jpg
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
3e1620c2ee33d61b3ff7899d223df29f4fe5396cec122365f16f773757356491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Sun, 26 Jun 2022 23:23:20 GMT
server
Apache
accept-ranges
bytes
etag
"35033-5e26216c175b8"
content-length
217139
content-type
image/jpeg
xxx_td-footer-bg_xxx.png
acciondd.com/wp-content/uploads/2022/06/ 		962 KB
965 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acciondd.com/wp-content/uploads/2022/06/xxx_td-footer-bg_xxx.png
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Sun, 26 Jun 2022 23:23:47 GMT
server
Apache
accept-ranges
bytes
etag
"f07c6-5e262185d9d70"
content-length
985030
content-type
image/png
newspaper.woff
acciondd.com/wp-content/themes/Newspaper/images/icons/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by
Host: acciondd.com
URL: https://acciondd.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer
https://acciondd.com/wp-content/themes/Newspaper/style.css?ver=11.5.1
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Sun, 26 Jun 2022 23:12:33 GMT
server
Apache
accept-ranges
bytes
etag
"703c-5e261f0343a48"
content-length
28732
content-type
application/x-font-woff
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 13:48:40 GMT
x-content-type-options
nosniff
age
23546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 13:48:40 GMT
0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
fonts.gstatic.com/s/paytoneone/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/paytoneone/v18/0nksC9P7MfYHj2oFtYm2ChTtgPs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c2e574095d0c6b8168c39204503cece88e2755b0b0fed8c84c293e0ea5b5694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 11 Mar 2023 19:53:34 GMT
x-content-type-options
nosniff
age
520052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20384
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:58:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Mar 2024 19:53:34 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:05:33 GMT
x-content-type-options
nosniff
age
141333
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:05:33 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options
nosniff
age
140398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Mar 2024 05:21:08 GMT
fontawesome-webfont.woff2
acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: acciondd.com
URL: https://acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.97.43.119 Rosario, Argentina, ASN27823 (Dattatec.com, AR),
Reverse DNS
vps-1927153-x.dattaweb.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://acciondd.com/wp-content/plugins/td-composer/assets/fonts/font-awesome/font-awesome.css?ver=6ea45b81e47c58269b68289d05535e19x
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:22:12 GMT
last-modified
Sun, 26 Jun 2022 23:12:39 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-5e261f08e0e60"
content-length
77160
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 10 Mar 2023 21:07:17 GMT
x-content-type-options
nosniff
age
602029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Mar 2024 21:07:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CPaytone+One%3A500%2C700%2C400%7CMontserrat%3A600%2C500%2C700%2C800%2C400%7CLimelight%3A400&display=swap&ver=11.5.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://acciondd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 09:37:51 GMT
x-content-type-options
nosniff
age
38595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Mar 2024 09:37:51 GMT
Y1hjNr
stats.statisticline.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=ADD%20-%20Acci%C3%B3n%20Din%C3%A1mica%20Digital%20S.A&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Requested by
Host: get.sortyellowapples.com
URL: https://get.sortyellowapples.com/scripts/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Mar 2023 20:21:07 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
851
Expires
0
swaynew.js
cdn.statisticline.com/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.statisticline.com/scripts/swaynew.js
Requested by
Host: stats.statisticline.com
URL: https://stats.statisticline.com/Y1hjNr?&se_referrer=&default_keyword=&&_cid=d4781ca6-febb-b55e-c21a-3eadeb9b0105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.9.148.165 Amsterdam, Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acciondd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 20:21:07 GMT
strict-transport-security
max-age=15768000;
content-encoding
gzip
last-modified
Fri, 17 Mar 2023 16:25:37 GMT
server
nginx
etag
W/"64149481-101c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
go.php
far.statisticline.com/away/ 		0
0
go.php
come.sortyellowapples.com/away/
Redirect Chain
  • https://far.statisticline.com/away/go.php?id=64785e55-66-45776433
  • https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756
849 B
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756
Requested by
Host: cdn.statisticline.com
URL: https://cdn.statisticline.com/scripts/swaynew.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://acciondd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 20:21:08 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 20:21:08 GMT
Location
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756
Server
nginx
Transfer-Encoding
chunked
/
whiteforwardlines.com/ 		0
0
/
whiteforwardlines.com/ 		0
0
/
whiteforwardlines.com/ 		0
0
/
whiteforwardlines.com/ 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756
Requested by
Host: come.sortyellowapples.com
URL: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=561756
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
1b8ef4f5abb0b3fee62d626a39be88ca3f88a756c4406b07aa809b87772f4fb5
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://come.sortyellowapples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 20:21:09 GMT
server
nginx
strict-transport-security
max-age=31536000
/
0.whiteforwardlines.com/ 		18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
f3cc1ec70d6620ead6ab77599fbf8b8a32333617e891493a53ff042fb9dbf539
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://whiteforwardlines.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 20:21:09 GMT
server
nginx
strict-transport-security
max-age=31536000
click
eu.slowww.xyz/postback/
Redirect Chain
  • https://0.whiteforwardlines.com/?auf=myzdgzbwmi5diojygyxtqmbrgixtemrpge3doojqha2dinrz&s=1&sub1=&sub2=561756&sub3=&sub4=&cpc=0&cpm=0
  • https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe
Requested by
Host: acciondd.com
URL: https://acciondd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2001:978:2:1a::30:134 , France, ASN174 (COGENT-174, US),
Reverse DNS
Software
openresty/1.15.8.3 /
Resource Hash

Request headers

Referer
https://0.whiteforwardlines.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
2089
content-type
text/html;charset=UTF-8
date
Fri, 17 Mar 2023 20:21:09 GMT
server
openresty/1.15.8.3

Redirect headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 20:21:09 GMT
location
https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe
server
nginx
strict-transport-security
max-age=31536000
Primary Request click.php
watchvideo.pro/
Redirect Chain
  • https://eu.slowww.xyz/postback/click?key=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&token=8c0428d903c2a26de8cbf871d3159dbf&timezone=0&iframe_test=false&webdriver_test=false
  • https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&...
13 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.132.6.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
178-132-6-250.hosted-by-worldstream.net
Software
nginx/1.20.2 /
Resource Hash
0f28986362fbdc371fa5395f3a388e2818878d4b6efd9344a319b5ab0fce509c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://eu.slowww.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Mar 2023 20:21:10 GMT
Server
nginx/1.20.2
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked

Redirect headers

content-length
0
date
Fri, 17 Mar 2023 20:21:09 GMT
location
https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct
server
openresty/1.15.8.3
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6aec7ffafe5f95cac8294e762c850a65219b74953237cbf1cb0939f7d551e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
bg.gif
watchvideo.pro/sk_pre/9/img/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://watchvideo.pro/sk_pre/9/img/bg.gif
Requested by
Host: watchvideo.pro
URL: https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.132.6.250 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
178-132-6-250.hosted-by-worldstream.net
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://watchvideo.pro/click.php?key=gp3unhy34pi93is2vpxz&click_id=v2-1679084469674-4-8914-1138639-5d6f5d4a-6928-c337-b68b-7eaa02fdaffe&price=0.0023&sub1=487d99f0223b81f7c0af5d8376c1d7fe&sub2=8914&sub3=0.0023&sub4=DEU&sub5=dd1e23175e1aeb0400e8ed25cfec4f76&mcount=0&type=direct
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 20:21:10 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Server
nginx/1.20.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
far.statisticline.com
URL
https://far.statisticline.com/away/go.php?id=64785e55-66-45776433
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=561756

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

8 Cookies

Domain/Path Name / Value
eu.slowww.xyz/postback Name: platform_user_id
Value: desktop:a5f3565e24c31e1f2f2f7740df00179f
eu.slowww.xyz/postback Name: platform_user_id_3rd_party
Value: desktop:a5f3565e24c31e1f2f2f7740df00179f
acciondd.com/ Name: wp-simple-duser
Value: 1
.whiteforwardlines.com/ Name: uuid
Value: 2c30c8dd-e0fb-4edc-b274-77e3cdb80bd8
.0.whiteforwardlines.com/ Name: uuid
Value: 2c30c8dd-e0fb-4edc-b274-77e3cdb80bd8
0.whiteforwardlines.com/ Name: uuid
Value: 2c30c8dd-e0fb-4edc-b274-77e3cdb80bd8
watchvideo.pro/ Name: uclick
Value: 17hedusy6o
watchvideo.pro/ Name: uclickhash
Value: 17hedusy6o-17hedux90-ho-qd0-4k8n-bgbl-bg8n-3da13a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.whiteforwardlines.com
acciondd.com
cdn.statisticline.com
come.sortyellowapples.com
eu.slowww.xyz
far.statisticline.com
fonts.googleapis.com
fonts.gstatic.com
get.sortyellowapples.com
stats.statisticline.com
watchvideo.pro
way.specialblueitems.com
whiteforwardlines.com
far.statisticline.com
whiteforwardlines.com
134.209.192.77
162.55.76.206
178.132.6.250
2001:978:2:1a::30:134
2a00:1450:4001:813::2003
2a00:1450:4001:813::200a
45.9.148.165
66.97.43.119
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0f28986362fbdc371fa5395f3a388e2818878d4b6efd9344a319b5ab0fce509c
0fbe83485f74f46dffd55c0015ea41574ba33498c4db5b08e5abb4f5f6e69942
1b8ef4f5abb0b3fee62d626a39be88ca3f88a756c4406b07aa809b87772f4fb5
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e1620c2ee33d61b3ff7899d223df29f4fe5396cec122365f16f773757356491
3ed2e42d3ce5e24dcb11cddde4126e4f07c3afc590f708ad2cfbf7669002f92e
498f6cca2268ef161d6a0dc97bd182cbc1ccd935c626a7a228e02d2b9e1f46c0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
6f3a10ea180130031029a872ddf01f4eefcd25e96c738298396bc0a76cf613ca
726b820e44f6ab90ad991d30a4bf26d3a5d71493cbcd1fb1efd0d14e89b9df2a
7a89d23287ae3c749a356c76da7ef88c34d0ed018c049701b05304c3f6601ab7
7c2e574095d0c6b8168c39204503cece88e2755b0b0fed8c84c293e0ea5b5694
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
a642eab338616e43fdd2e6a746740d619f32dc42408265a6fc54044c5c424a60
a90f3071f749920d5c06cd9fbbd71919955e7d38736a8ef285b31a19b9e9ea85
aa514b4b79254b4b406de7a1dd3b0e4dcbec4f154b9409d5678b70cca52116a4
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af49f53268c08752ca4c11e7f467dbb93d1c3a192a123c837e278869754f94f7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6aec7ffafe5f95cac8294e762c850a65219b74953237cbf1cb0939f7d551e91
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cce1fca68422d639eeb83cc7dd2f945a1bc6b5d838811b19aeb0ba3801cb5701
cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719
e0bfab163b0b139943e2adcc4c126125461d95899402d2729577668a46bcb2e5
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7c31dd666e25e0db5eabd3e1f03f32bb80f122f6043ff36e684c9091fee778
eee5d4b33b49d21af643b7c5827d5d9aa8dd4bc75d7b72ec761c9927bec2993e
f3cc1ec70d6620ead6ab77599fbf8b8a32333617e891493a53ff042fb9dbf539
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615