ebesucher-klicker.de Open in urlscan Pro
144.126.134.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ebesucher-klicker.de/
Submission: On October 05 via manual (October 5th 2023, 1:52:14 pm UTC) from DE — Scanned from DE

Summary HTTP 123 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 37 domains to perform 123 HTTP transactions. The main IP is 144.126.134.105, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is ebesucher-klicker.de. The Cisco Umbrella rank of the primary domain is 873756.
TLS certificate: Issued by R3 on August 18th 2023. Valid for: 3 months.

This is the only time ebesucher-klicker.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	144.126.134.105 144.126.134.105	40021 (NL-811-40021) (NL-811-40021)
6	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:6800:3:a... 2a00:6800:3:a0b::2	42730 (EVANZOAS) (EVANZOAS)
1	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	213.239.205.245 213.239.205.245	24940 (HETZNER-AS) (HETZNER-AS)
7	162.0.208.108 162.0.208.108	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700:303... 2606:4700:3032::ac43:ab44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::6815:47b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e0:... 2606:4700:e0::ac40:640f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::6815:53c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	170.249.194.154 170.249.194.154	63410 (PRIVATESY...) (PRIVATESYSTEMS)
2	2606:4700:303... 2606:4700:3030::ac43:8265	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3036::ac43:b751	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
16	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
1	104.22.7.169 104.22.7.169	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:c790	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a0d:da00:a:4... 2a0d:da00:a:4018::	205072 (LAYERSHIFT) (LAYERSHIFT)
2	68.65.121.78 68.65.121.78	22612 (NAMECHEAP...) (NAMECHEAP-NET)
123	30

7 144.126.134.105 (St Louis, United States)

ASN40021 (NL-811-40021, US)

ebesucher-klicker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netzwerk-ad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:6800:3:a0b::2 (Germany)

ASN42730 (EVANZOAS, DE)

media.hubuhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adnade.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

bitspush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 213.239.205.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.205.245.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acceptable.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.0.208.108 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: nc-ph-2974.zerads.com

zerads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
traffic2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hash512.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simbabtc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:ab44 (United States)

ASN13335 (CLOUDFLARENET, US)

free-btc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:47b2 (United States)

ASN13335 (CLOUDFLARENET, US)

adsluffa.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bestcrypto4earning.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e0::ac40:640f (United States)

ASN13335 (CLOUDFLARENET, US)

video.onetouch8.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:53c3 (United States)

ASN13335 (CLOUDFLARENET, US)

house-of-btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptocoinsad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zcash.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.249.194.154 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.1245inc.com

my-banner-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:8265 (United States)

ASN13335 (CLOUDFLARENET, US)

gobits.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:b751 (United States)

ASN13335 (CLOUDFLARENET, US)

1dogecoin.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.7.169 (None, )

ASN13335 (CLOUDFLARENET, US)

static1.freebitco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:c790 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adsfcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a0d:da00:a:4018:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.65.121.78 (New Kensington, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server1.autotradelot.com

donaldco.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
digimonbtc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 231409 apps-pnd.ctengine.io — Cisco Umbrella Rank: 270671	41 KB
17	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 35458 static.a-ads.com — Cisco Umbrella Rank: 46836 acceptable.a-ads.com — Cisco Umbrella Rank: 160266	5 MB
7	blogger.com www.blogger.com — Cisco Umbrella Rank: 9861	173 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	187 KB
6	ebesucher-klicker.de ebesucher-klicker.de — Cisco Umbrella Rank: 873756	108 KB
5	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 18875	2 KB
5	cryptocoinsad.com cryptocoinsad.com — Cisco Umbrella Rank: 286196	358 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 125	148 KB
4	onetouch8.info video.onetouch8.info — Cisco Umbrella Rank: 92307	15 KB
4	adsluffa.online adsluffa.online — Cisco Umbrella Rank: 985288	38 KB
3	zerads.com zerads.com — Cisco Umbrella Rank: 634938	2 KB
2	gstatic.com csi.gstatic.com	288 B
2	zcash.one www.zcash.one	974 B
2	1dogecoin.work 1dogecoin.work	996 B
2	gobits.me gobits.me
2	traffic2bitcoin.com traffic2bitcoin.com — Cisco Umbrella Rank: 668528	2 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 10991	2 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	147 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 498	356 KB
2	blogspot.com bestcrypto4earning.blogspot.com	12 KB
2	free-btc.org free-btc.org — Cisco Umbrella Rank: 555172	34 KB
2	adnade.net adnade.net — Cisco Umbrella Rank: 378991	10 KB
1	digimonbtc.com digimonbtc.com	535 B
1	donaldco.in donaldco.in	547 B
1	simbabtc.com simbabtc.com	518 B
1	hash512.com hash512.com	489 B
1	adsfcdn.com cdn.adsfcdn.com — Cisco Umbrella Rank: 425659	2 KB
1	freebitco.in static1.freebitco.in — Cisco Umbrella Rank: 116746	43 KB
1	my-banner-ads.com my-banner-ads.com — Cisco Umbrella Rank: 721862	286 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	17 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
1	house-of-btc.com house-of-btc.com	115 KB
1	bitspush.io bitspush.io — Cisco Umbrella Rank: 519366	11 KB
1	netzwerk-ad.de netzwerk-ad.de	2 KB
1	hubuhost.com media.hubuhost.com — Cisco Umbrella Rank: 928002	2 KB
0	libertad-ads.de Failed libertad-ads.de Failed
123	37

	Domain	Requested by
16	appsha-pnd.ctengine.io	www.zcash.one 1dogecoin.work appsha-pnd.ctengine.io
8	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
8	static.a-ads.com	ad.a-ads.com acceptable.a-ads.com
7	www.blogger.com	bestcrypto4earning.blogspot.com www.blogger.com apis.google.com
6	cdn.jsdelivr.net	ebesucher-klicker.de cdn.jsdelivr.net
6	ebesucher-klicker.de	ebesucher-klicker.de
5	acceptable.a-ads.com	hash512.com simbabtc.com digimonbtc.com donaldco.in
5	resources.blogblog.com	bestcrypto4earning.blogspot.com www.blogger.com
5	cryptocoinsad.com	zerads.com traffic2bitcoin.com
4	apis.google.com	bestcrypto4earning.blogspot.com apis.google.com www.blogger.com
4	video.onetouch8.info	free-btc.org imasdk.googleapis.com
4	adsluffa.online	netzwerk-ad.de adsluffa.online
4	ad.a-ads.com	netzwerk-ad.de adsluffa.online bestcrypto4earning.blogspot.com traffic2bitcoin.com
3	zerads.com	netzwerk-ad.de
2	csi.gstatic.com	imasdk.googleapis.com
2	www.zcash.one	adsluffa.online
2	1dogecoin.work	adsluffa.online
2	gobits.me	adsluffa.online
2	traffic2bitcoin.com	zerads.com traffic2bitcoin.com
2	i.ibb.co	zerads.com
2	pagead2.googlesyndication.com	imasdk.googleapis.com bestcrypto4earning.blogspot.com
2	www.googletagmanager.com	adsluffa.online www.googletagmanager.com
2	imasdk.googleapis.com	video.onetouch8.info imasdk.googleapis.com
2	bestcrypto4earning.blogspot.com	netzwerk-ad.de bestcrypto4earning.blogspot.com
2	free-btc.org	netzwerk-ad.de free-btc.org
2	adnade.net	netzwerk-ad.de
1	digimonbtc.com	traffic2bitcoin.com
1	donaldco.in	traffic2bitcoin.com
1	simbabtc.com	traffic2bitcoin.com
1	hash512.com	traffic2bitcoin.com
1	cdn.adsfcdn.com	traffic2bitcoin.com
1	static1.freebitco.in	traffic2bitcoin.com
1	my-banner-ads.com	zerads.com
1	s0.2mdn.net	imasdk.googleapis.com
1	www.google-analytics.com	adsluffa.online
1	house-of-btc.com	free-btc.org
1	bitspush.io	netzwerk-ad.de
1	netzwerk-ad.de	ebesucher-klicker.de
1	media.hubuhost.com	ebesucher-klicker.de
0	libertad-ads.de Failed	bestcrypto4earning.blogspot.com
123	40

This site contains links to these domains. Also see Links.

Domain
t.me

Subject Issuer	Validity	Valid
ebesucher-klicker.de R3	`2023-08-18` - `2023-11-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
media.hubuhost.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
netzwerk-ad.de R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
adnade.net R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
bitspush.io GTS CA 1P5	`2023-08-16` - `2023-11-14`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh
zerads.com cPanel, Inc. Certification Authority	`2023-09-17` - `2023-12-16`	3 months	crt.sh
free-btc.org GTS CA 1P5	`2023-08-08` - `2023-11-06`	3 months	crt.sh
adsluffa.online GTS CA 1P5	`2023-08-17` - `2023-11-15`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
onetouch8.info E1	`2023-09-28` - `2023-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
ibb.co R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
cryptocoinsad.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.traffic2bitcoin.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
my-banner-ads.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
1dogecoin.work GTS CA 1P5	`2023-09-24` - `2023-12-23`	3 months	crt.sh
zcash.one GTS CA 1P5	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.ctengine.io Gandi Standard SSL CA 2	`2023-01-13` - `2024-01-13`	a year	crt.sh
freebitco.in Cloudflare Inc ECC CA-3	`2023-06-05` - `2024-06-04`	a year	crt.sh
adsfcdn.com GTS CA 1P5	`2023-09-01` - `2023-11-30`	3 months	crt.sh
hash512.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.simbabtc.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
donaldco.in cPanel, Inc. Certification Authority	`2023-09-18` - `2023-12-17`	3 months	crt.sh
digimonbtc.com cPanel, Inc. Certification Authority	`2023-08-01` - `2023-10-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 35 frames:

Primary Page: https://ebesucher-klicker.de/
Frame ID: 4831D997AE3881D4545C2A0C5108C605
Requests: 13 HTTP requests in this frame

Frame: https://netzwerk-ad.de/webbi_traffic.php
Frame ID: 0BA0DB44ABD19BEE1E08C50FB8318BF2
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: F33AD1DDD1AFDD91AFD1F02F2CC9D9FB
Requests: 2 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=300&ref=3082
Frame ID: D943662DFDA07333EFCF22F92A4185C7
Requests: 3 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=468&ref=3082
Frame ID: 62E73459661AB33E2F142A4D40944C88
Requests: 3 HTTP requests in this frame

Frame: https://free-btc.org/banner/u=frechdax/size=468x60
Frame ID: 077229F17E649E0B5205AAD183A432E8
Requests: 6 HTTP requests in this frame

Frame: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Frame ID: 8017E558A7E4AE61CD1A5B53A1422393
Requests: 5 HTTP requests in this frame

Frame: https://bestcrypto4earning.blogspot.com/
Frame ID: 8198A793FDC1C0CE3774AB12DC332E51
Requests: 15 HTTP requests in this frame

Frame: https://zerads.com/ad/ad.php?width=728&ref=3082
Frame ID: 1CB61B82095F34255416AB6C124C0E7A
Requests: 2 HTTP requests in this frame

Frame: https://adsluffa.online/ads.php
Frame ID: 2EE35568E944E3CDE1E639320F036652
Requests: 1 HTTP requests in this frame

Frame: https://adsluffa.online/allads.php
Frame ID: 4FDF5C0C302675427D18981E72386C3A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Frame ID: 0A3A83A61D7C775C3D810A1DE15B57B7
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5CD1A6E387DB51C6A97D5E30DA4396F4
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/2253261?size=728x90
Frame ID: 5BADFAA6266D2B7642B821625B9EEED0
Requests: 3 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Frame ID: 5B4764043C036D29B3EE8560ECC18B75
Requests: 5 HTTP requests in this frame

Frame: https://my-banner-ads.com/banimg.php?uid=1146&size=1
Frame ID: 243C308B11F9BDF2E5987FDBE6C54360
Requests: 1 HTTP requests in this frame

Frame: https://gobits.me/cointraffic.io.php
Frame ID: A1C3DFBDD64D4836470E1D041E8F8FC6
Requests: 1 HTTP requests in this frame

Frame: https://1dogecoin.work/cointraffic.io.php
Frame ID: 9F269AC728D5992BCCB9AD880218E35E
Requests: 6 HTTP requests in this frame

Frame: https://www.zcash.one/cointraffic.io.php
Frame ID: 1AEB4B52068AC3521E6E1C4844DB62C7
Requests: 6 HTTP requests in this frame

Frame: https://gobits.me/cointraffic.io.php
Frame ID: 2E5859761929B774F0F6C7E426C21B2E
Requests: 1 HTTP requests in this frame

Frame: https://1dogecoin.work/cointraffic.io.php
Frame ID: 0BB5A9C7C1E01ACC9498C9C72B09C4C1
Requests: 6 HTTP requests in this frame

Frame: https://www.zcash.one/cointraffic.io.php
Frame ID: BC3C34028DF35E180D6C47B869FDC151
Requests: 6 HTTP requests in this frame

Frame: https://ad.a-ads.com/2186928?size=468x60
Frame ID: 9CBECCE75F767A1A6FE76E0FD575B37F
Requests: 3 HTTP requests in this frame

Frame: https://traffic2bitcoin.com/qlt.php?ref=zerads&keycode=3227&type=&sitetype=1
Frame ID: 00BDE49483B3C44A9ACEC0C48EA25E0A
Requests: 1 HTTP requests in this frame

Frame: https://hash512.com/templates/ads.php
Frame ID: 1B1282F66A0CD79894BF4B7FB582E21D
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7787420603375400551&blogName=BestCryptoEarning&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://bestcrypto4earning.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://bestcrypto4earning.blogspot.com/&vt=3853649479754722906&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__
Frame ID: 6C71D6D331DF849278BCE6A50B7CFB80
Requests: 5 HTTP requests in this frame

Frame: https://simbabtc.com/templates/ads.php
Frame ID: 3A8C160F831E6EE035EEDE124AE3BCDF
Requests: 1 HTTP requests in this frame

Frame: https://donaldco.in/templates/ad.php
Frame ID: 9D019F8BD12A2D119A56F274203BDB5C
Requests: 1 HTTP requests in this frame

Frame: https://digimonbtc.com/templates/aads.php
Frame ID: 52BB57A7652727C22371790A6A3E62FD
Requests: 1 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1705833?size=728x90
Frame ID: 9181B8D5D0A86C686EA76EF5CAF052CA
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1690893?size=728x90
Frame ID: 9E969821BA28595E84F95D99DA12B5EE
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1690896?size=468x60
Frame ID: 465567367EB1D97BBDFD72A365AB5DD4
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1141394?size=728x90
Frame ID: A42AAA28AB2BA905616E86DB85BF315F
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1690418?size=468x60
Frame ID: C2F3FC57CDF3873EA592A7EF2411AB73
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/741663?size=300x250
Frame ID: A78285AD28B5E835D5EBA200C3CC603C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ebesucher-klicker Claim Faucet

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

123
Requests

99 %
HTTPS

76 %
IPv6

37
Domains

40
Subdomains

30
IPs

5
Countries

6514 kB
Transfer

8652 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/foursedev
Title: Made With Love by 4SE DEV

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

123 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ebesucher-klicker.de/ 26 KB
9 KB 830ms
128ms Document
text/html 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

4f1068edc99916546acb5d121fd05577874fc7455973c96050f94d68b61568ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/ 156 KB
25 KB 73ms
27ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19459111
x-jsd-version: 4.4.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA, cache-yyz4563-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWUirqsD6nh9qPurFj%2BxVlxGNpSbfAhMEwi%2FaICi2u1dh4uETXEu6WVuJUaT%2BTjEdLhKcccKifypPtNONqwoeCtPDu12fZRIWy%2B4adMbD6Qb%2FBA3YTbaTFNGMyw6qXWydnbSQOg8%2FoehTQztUtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811624b768166961-FRA

GET
H2 200 all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/ 58 KB
13 KB 69ms
23ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33200
x-jsd-version: 5.15.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230089-FRA, cache-yyz4525-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P38Uoola6M%2BkqdRA1LvRCoHx0Y8COSSB0rXxPixfBVZIJZgJmeUtvJMCj%2BTqSQ5l%2FPctdSVGI6fs6fn9jws95pJQIXWtoAOKJmR39f8uT0PmiSPpJOLVtmEHntwzuQP9VJqF8us8aIaSe8ZQNek%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811624b768176961-FRA

GET
H2 200 v4-shims.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/ 26 KB
5 KB 65ms
20ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/v4-shims.min.css

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26402
x-jsd-version: 5.15.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230094-FRA, cache-yyz4578-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"684e-8hfU3tC8n3hr2bocCc6Irtuu124"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSEXDQlPvX9zwlqHdO98PFjidHUk1EOGuH2%2Fbs8IG9E%2Fcxcz4vAd%2BehagdB7G7nfbSjgUNIjmdIrycnjx1LcI%2BULNedt5kSIHO1q72dujV5JFotA37CGqvzX1gC4Am2DH8KvCRyPZ7s7kyevHAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811624b768186961-FRA

GET
H2 200 theme.css
ebesucher-klicker.de/template/default/static/ 23 KB
6 KB 116ms
115ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://ebesucher-klicker.de/template/default/static/theme.css?v=2.1.6

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

68dbe5c296ae30d165dcdd69f09cb983b7f915cb08aa3753bbb685a2b869047b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Sun, 01 Oct 2023 17:14:07 GMT
server: nginx
etag: W/"6519a8df-5d7d"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/combine/npm/jquery@3.4.1,npm/popper.js@1.16.0,npm/bootstrap@4.4.1/dist/js/ 166 KB
54 KB 74ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/jquery@3.4.1,npm/popper.js@1.16.0,npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35e0589c4787a8852d5a6b21fc4e9c0363ddcd552c9a1d6073b39f7824cd9c84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19458969
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230107-FRA, cache-yyz4554-YYZ
server: cloudflare
etag: W/"2971a-YGlrr8A15LKZGhqHsrOuMrpy/xc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FAfwuqH9rwSJzOn%2FkAT9KfU2uBZ9HAAM1NoLz7SGR%2BsYbxIoFEQoHVhm%2F6UpzZaWBKFJuUhZLbHWHExXxPFNqFbEU7vnuV2dBmkBbvNfB2yBSzUCD2WS%2FrjV76DjAKUp%2BHrbAARG1waVKSrJZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811624b7681a6961-FRA

GET
H2 200 countdown-timer.min.js Show response
ebesucher-klicker.de/static/js/ 5 KB
3 KB 116ms
115ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://ebesucher-klicker.de/static/js/countdown-timer.min.js

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:08 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Sun, 01 Oct 2023 17:13:25 GMT
server: nginx
etag: W/"6519a8b5-14db"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
ebesucher-klicker.de/static/img/ 11 KB
12 KB 115ms
115ms Image
image/png 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebesucher-klicker.de/static/img/logo.png

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

37a15a0d02dc56bef5e9d4678017aaea3f8bfb941a36dd127993ad76c314c1d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sun, 01 Oct 2023 18:10:59 GMT
server: nginx
etag: "6519b633-2da0"
content-type: image/png
accept-ranges: bytes
content-length: 11680
x-xss-protection: 1; mode=block

GET
H2 200 intro.png
ebesucher-klicker.de/static/img/ 54 KB
55 KB 229ms
228ms Image
image/png 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebesucher-klicker.de/static/img/intro.png

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

548b7c77437489bfdf13c760bb7788f2149d967bf128370e1f81f75d8132b1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sun, 01 Oct 2023 17:49:21 GMT
server: nginx
etag: "6519b121-d97a"
content-type: image/png
accept-ranges: bytes
content-length: 55674
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
media.hubuhost.com/ 8 KB
2 KB 112ms
31ms Script
text/html 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/?key=17A178

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

26ed6f88ea2f1a0d30cf83650370ee61c292682079b4cfb53236bd9d1576ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 webbi_traffic.php Show response
netzwerk-ad.de/ Frame 0BA0 4 KB
2 KB 381ms
118ms Document
text/html 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/webbi_traffic.php

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

316f53b0f5aa9fb1fb910eb812b1eef8fd7ad88a00b16b7a72bd795aebb97e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ebesucher-klicker.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:09 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 background.jpg
ebesucher-klicker.de/template/default/static/images/ 24 KB
24 KB 335ms
335ms Image
image/jpeg 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ebesucher-klicker.de/template/default/static/images/background.jpg

Requested by

Host: ebesucher-klicker.de
URL: https://ebesucher-klicker.de/template/default/static/theme.css?v=2.1.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

Software

nginx /

Resource Hash

92546e4d768c9c235fedf39b1ab9f1752cb8bd42a78a569f4c421b0874896c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ebesucher-klicker.de/template/default/static/theme.css?v=2.1.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Sun, 01 Oct 2023 17:14:08 GMT
server: nginx
etag: "6519a8e0-600a"
content-type: image/jpeg
accept-ranges: bytes
content-length: 24586
x-xss-protection: 1; mode=block

GET
H3 200 fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/ 76 KB
77 KB 54ms
36ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-solid-900.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin: https://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 12610
x-jsd-version: 5.15.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78268
x-served-by: cache-fra-eddf8230048-FRA, cache-yyz4576-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FIW552oBTvzfY37uPF1FkZ1qVVfiXz49hsfP03muMb1SGIuTn6b4xodpOvQJhExkFwabliDSleqCgIyTVvDyXbSKNGFRHB3W7dpnfvZlI91UEnOyVCdSXL%2B58ie4q3ghUvX6HqEaHf5h4YD2Co%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811624b84a1c35fd-FRA

GET
H3 200 fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/ 13 KB
14 KB 41ms
24ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/webfonts/fa-regular-400.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5/css/all.min.css
Origin: https://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 24203
x-jsd-version: 5.15.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13224
x-served-by: cache-fra-eddf8230106-FRA, cache-yyz4531-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcDRuQbJ%2Fa%2B%2F47mKbiD6iUtXo0%2FXNMJpmlOfcBFW0kszIY95LzZAsyUL2EwocYkPPSDVC0FwCTk67uA0AbT45%2Bf%2FKfGnp7rUrCiudFu%2BRiyA6F%2FehQw%2BoVXuwIOnhM%2FM84ALKbrqZg0s%2F%2BURPPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811624b84a1e35fd-FRA

GET
H2 200 01.gif
adnade.net/images/ Frame 0BA0 5 KB
5 KB 69ms
14ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/01.gif
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 39857e01d4d4f756029ecb3a0963d161ef857ef5a573d734c982badefbb9f973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-1364"
content-type: image/gif
cache-control: max-age=31536000, public, no-transform, max-age=31536000
accept-ranges: bytes
content-length: 4964
expires: Fri, 04 Oct 2024 13:52:09 GMT

GET
H2 200 02.gif
adnade.net/images/ Frame 0BA0 5 KB
5 KB 69ms
14ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/02.gif
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d525bbc62853a3dd657416f2e9e69959936ee4e488191e55f16bd946dc557662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-1390"
content-type: image/gif
cache-control: max-age=31536000, public, no-transform, max-age=31536000
accept-ranges: bytes
content-length: 5008
expires: Fri, 04 Oct 2024 13:52:09 GMT

GET
H2 200 items.php Show response
bitspush.io/display/ Frame 0BA0 61 KB
11 KB 103ms
56ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 981847f402169e12bc39c9233d4e70552b4f20535271df6a2f21fb5870c22be3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 05 Oct 2023 13:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdrDkPzXo8RoLEadSe2Uigg4BJfxt34fWvklNaD77nmfxyNI2c%2B8eoFbTv%2F%2F1fMc06uOBjDFqoVrK7cZCB6NIndItE0SpV3zqxeQ0FIUoUKoELIylXnAEbVnr3p6M6q2SdoN%2BQHCWhF3IA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 811624bac9c29b6e-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame F33A 12 KB
5 KB 66ms
26ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

a5aac7edc136d84ae5ea2817cd812b61d2394e047348562f7472401eb5793f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:09 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame D943 739 B
679 B 616ms
156ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=300&ref=3082
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 29648ec8fbf7e1fdf37d1a0cae3568094df13d6f923db6c9c6b6328081529d28

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 433
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:09 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 62E7 738 B
680 B 614ms
155ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=468&ref=3082
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: ffb77a63c3eb6edad6a880d11caa2c98aaf1bbe88b5a726e6286d060b1d87de8

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 434
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:09 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame 0772 2 KB
1 KB 129ms
86ms Document
text/html 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f754e34f6d30997352756f5f3e36fccc41ec0b20ba5066a7c77e72b8fac9ce1

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811624bacc291e66-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmXhCYpPbF%2BnWiIHh0Se95eWTAU749%2Fj0ahteqBO26ZMFrrdK6w2S1adCmTR1%2BUWFD7IOqy8gie4jL9zTYmwJ9xNorj2rfSZwGS327I7OWsZ%2FFfXCvIFqeXlHm1BHdri872AnM%2Fpll2CJLE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bits-ads.php Show response
adsluffa.online/ Frame 8017 6 KB
3 KB 363ms
314ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 881796fd02c384bf069accaa32d5eefebea20b045bf921507ac798a8db3efe5f

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 811624bad96e6951-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:09 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgXV0pDcmGSJVqJyOC9EUfCo%2FAtSxMYl%2Bs5QHD0yqlV4JPhR%2BsXn08QwewgGa5km7Nb8JoUBaWUrfKGykKUBZQ4TnEitJ7rDHrnDSU63ncAd68aFn%2F0I4cKZ6F9n6z0vMagYnQDTC3ELugnGORc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 / Show response
bestcrypto4earning.blogspot.com/ Frame 8198 41 KB
10 KB 779ms
657ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bestcrypto4earning.blogspot.com/

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37deffcdf508a2d6ec8d97e73bec9b0f8cc2e971b20401c2a9bbaba844dd8122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-length: 10025
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
etag: W/"e4fb14fee161db26b422a488287d616334ab9d23484168b9483c01c1b8366aee"
expires: Thu, 05 Oct 2023 13:52:10 GMT
last-modified: Mon, 02 Oct 2023 15:24:06 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ad.php Show response
zerads.com/ad/ Frame 1CB6 728 B
627 B 611ms
156ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://zerads.com/ad/ad.php?width=728&ref=3082
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: ef7a44f1564d4f0a0701139a4f970777f20cb0131dc9e2a5d3d43b274c82cc79

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 381
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:09 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
DATA 200
OK truncated
/ Frame F33A 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d-video.js Show response
video.onetouch8.info/ Frame 0772 91 KB
13 KB 65ms
30ms Script
application/javascript 2606:4700:e0::ac40:640f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=24
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 10:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5622
etag: W/"61c1b305-16d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msVRpWVeCWk%2Bi1B8DXu7oGWttOavrCg%2BojCDeMI9MCf6E5I5qEtWm15wzKoanDAP89Dxu2SEhuLf9a4AwD36EgatIx2GQK5K%2F00ocJ%2B4BBe%2FryArnJI78uZNTcKUGnQNFpvQdm56dHTrvFvH21CdY8%2FZFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 811624bb9f7a18df-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bico.gif
free-btc.org/img/ Frame 0772 32 KB
32 KB 21ms
21ms Image
image/gif 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/img/bico.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245039
alt-svc: h3=":443"; ma=86400
content-length: 32521
last-modified: Sat, 19 Feb 2022 15:54:05 GMT
server: cloudflare
etag: "6211129d-7f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVEX6PHQ9d2%2Ffii8Kxm%2FQCrIVOye3iK%2F2E3GyvZn6A9QoPUkIkbgJWm4XqpSayENxmj0EyZiOEuqiIjF8vGkPRmJ9np8xbXeulTCCVNds1hUgTfaYwtub6ssC%2F86eLQ9gpG1fIaSfrjw%2F4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 811624bb5cf11e66-FRA
expires: Mon, 09 Oct 2023 17:48:10 GMT

GET
H2 200 468HOB.gif
house-of-btc.com/img/ Frame 0772 115 KB
115 KB 71ms
22ms Image
image/gif 2606:4700:3037::6815:53c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://house-of-btc.com/img/468HOB.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:53c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1c20b5703c1b5f489280ef52add2057b8cc15f3f380723d9623b204791e139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26371
alt-svc: h3=":443"; ma=86400
content-length: 117290
last-modified: Tue, 18 Oct 2022 09:42:11 GMT
server: cloudflare
etag: "634e74f3-1ca2a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pu4KWtSceMof8oChgBRe8FJE4Sdv204iAs3RugNNhT3LuFmkmHJdZdJhiF5dtqWwTX0ggKjv8OVILG%2BWJ%2FlRJhxrV3uDlYZ1PMt3NiTBdo4Aa2d1JDWFs6HRa67d%2BNgMPZJE%2BVpM93k7equNI9TE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 811624bbc8d618c5-FRA
expires: Fri, 06 Oct 2023 06:32:37 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0772 359 KB
123 KB 150ms
46ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125855
x-xss-protection: 0
expires: Thu, 05 Oct 2023 13:52:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8017 52 KB
21 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 15:49:42 GMT

GET
H2 200 b-2_728x90_b7v623q3h76.jpg
adsluffa.online/files/banners/ Frame 8017 34 KB
34 KB 22ms
22ms Image
image/jpeg 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsluffa.online/files/banners/b-2_728x90_b7v623q3h76.jpg
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40a0064b6078c8faef30b799c94a9a81a6378d590ea7ff3176f316dd3ca2741

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41120
alt-svc: h3=":443"; ma=86400
content-length: 34680
last-modified: Thu, 24 Aug 2023 19:26:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn6FlXAB3lvX5TB%2FJNVFtbeO4xzCHnbTaHBCtHj5ukn4C7KT5gz1qpS4%2FX3UwNnP6IV1LPKBVaqYY7KyhzZaJ95Kf6MN6B0edwIJeYg1q1Nq2jq7RkG4YWtNsQ3LgMeUWeyUFYCUh0GLz8fnoeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 811624bcdbd56951-FRA
expires: Thu, 12 Oct 2023 02:26:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8017 185 KB
68 KB 151ms
68ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27aaede74e561ff195a5c4f16365d497b8342a188165b70b5d55ef2c1046d8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69005
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 13:52:09 GMT

GET
H2 200 ads.php Show response
adsluffa.online/ Frame 2EE3 200 B
412 B 168ms
168ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/ads.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 087abd3b6ae04f8f9d2443455d229aa61a9d37754fe9dfbfc011eedb6a3f382c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bcdbd76951-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTK29Ulb8UWAzggZII06%2Fj0RqnBzn9SHuvDxERHDWmN4ZfL%2BnpseLU7xK4FZ5JGn%2BStcOmkCA%2FEcUCS5t39%2FYNtIo3qOSpWRHrLN2Vf8IjAfipSNmtsI5C5UmSjeB3P8GQcGMr7jM02zy8vjXl0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 allads.php Show response
adsluffa.online/ Frame 4FDF 978 B
451 B 336ms
336ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/allads.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b8adfd7cad0e918ca9632aedf4bb10b5e27a44d564cd1af8abc3f997c007f1fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bcdbd86951-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAQ4GQMW3yvaAe5Vq3Nne0cVxzBAJ3faiI7hksNg9fD5S0E9XpCSn6XPvlogzDzadMsEhNLXrzkELbcam0otcvqC2BYLsAf4nFS8QvWPyH8HbgSBMcMse3FrNqD8qDV7vtm%2BnXffbQUThL7pMC0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bridge3.594.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 0A3A 724 KB
232 KB 40ms
40ms Document
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://free-btc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 60595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 237562
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 21:02:14 GMT
expires: Thu, 03 Oct 2024 21:02:14 GMT
last-modified: Wed, 04 Oct 2023 14:44:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0772 44 KB
17 KB 190ms
77ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 13:52:09 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5CD1 40 KB
14 KB 127ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 05 Oct 2023 14:12:40 GMT

GET
H2 200 2253261 Show response
ad.a-ads.com/ Frame 5BAD 12 KB
5 KB 23ms
22ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2253261?size=728x90

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/ads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

56f4224017c2836b33ca27f86d4629098c51f500b5e400e64bb236cfc10af67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:09 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame 5BAD 674 KB
676 KB 30ms
23ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2253261?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:09 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: Q8T25ZAP2KWMQFC3
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: vwXWk6B7w8y9SMWktnELgx1wqTcIJfazxc5G4O50+lGVMWA49vQhgYSIQMDMLP+4GTrpPH7t8rQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 5BAD 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame 62E7 657 B
900 B 59ms
15ms Image
image/png 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=468&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 26911.png
cryptocoinsad.com/banner/ads_banner/ Frame 62E7 45 KB
46 KB 68ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26911.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=468&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058b2079b8b9729ee3b4cee08997756e713c61d21b03387927b0c73661d61098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Sep 2023 10:29:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5381
etag: "6506d522-b5dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ivYf5%2BK5LzizETyEjUw%2BFGnLQhvVkx5GqBsK02dvjX6OXnPyPDxpbF54sVJ8bSMR4eZujwJdvjcSGymTk5TmCnQvL3%2BUsJ%2BxIrSADGBXxYz6jOnFJuv1Zrt7eB0BscqTANM53ZbFyU6acsKvs8QFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 811624bef95d9c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46557

GET
H2 200 26914.jpg
cryptocoinsad.com/banner/ads_banner/ Frame 1CB6 21 KB
21 KB 60ms
17ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26914.jpg
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=728&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b0e9474d8dd057a8748bfc0c571a0ac718f03121320fd4ad1716d92b34da55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Sep 2023 20:49:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2443
etag: "65076646-52f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwSImuim5UxUdeZgE0kNFwfsL%2Fiywm5bQBKm5OryrjVGZwOKmvWXw6LT%2FvQKGZ9izm1TmBnhg34WozaALRQmAl8sTnLGWgpsD4la01IzO6uFBFim5pzKCL1mCg2rU7r%2FtatyE8mAnURlGpAu2plYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 811624bef9609c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21233

GET
H2 200 fav.png
i.ibb.co/zbtMxW5/ Frame D943 657 B
899 B 52ms
15ms Image
image/png 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zbtMxW5/fav.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 657
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 26806.png
cryptocoinsad.com/banner/ads_banner/ Frame D943 87 KB
88 KB 54ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26806.png
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=300&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40f62dfd6fc563671edee14a64c628ce282c2fa5f5dfeed1cd8cafd87fc9260b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zerads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 15:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2806
etag: "64f0b210-15c52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mMCs6wqWtkhv%2B45artoVt4R7DYdmmKTOu2vnQLSpb14LcBO7dcb7WZ3KO93ADu%2B7JPojDHI2bamVyRSM5Lzs2AKxPkcK7Ckyh4OUBtZdi%2BRE%2B4w0k2BwMQTg6avxBHtnHIaeCloqVIzIWXX5m8IxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 811624bef95e9c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 89170

GET
H/1.1 200
OK ptp.php Show response
traffic2bitcoin.com/ Frame 5B47 4 KB
2 KB 500ms
150ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=728&ref=3082
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 74587ef639d61074081f224f0ff456133d828891b56626f06f3423cecf6008c1

Request headers

Referer: https://zerads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1576
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:10 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 403 banimg.php Show response
my-banner-ads.com/ Frame 243C 199 B
286 B 455ms
107ms Document
text/html 170.249.194.154
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://my-banner-ads.com/banimg.php?uid=1146&size=1
Requested by: Host: zerads.com
URL: https://zerads.com/ad/ad.php?width=728&ref=3082
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.249.194.154 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.1245inc.com
Software: Apache/2 /
Resource Hash: 5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10

Request headers

Referer: https://zerads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 199
content-type: text/html; charset=iso-8859-1
date: Thu, 05 Oct 2023 13:52:10 GMT
server: Apache/2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8017 223 KB
79 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

160567168281bac718c3669dceb72135c2de8bde9b0ab6fa5149b4035277c22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 13:52:10 GMT

GET
H2 200 tag Show response
video.onetouch8.info/api/video/ Frame 0A3A 42 B
829 B 29ms
28ms XHR
application/xml 2606:4700:e0::ac40:640f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=48220&tmax=500&video-skipafter=5&count=3&tagId=yrjwzxsr99dwl93a
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:640f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cv9Vx0jxqwh40EAuwh1h%2FCjXDObpIUiNfaskbIQeKi8bs3yJfsX9EEWLRrwS2y3y7pc5MpaXnOWbzUmR%2BdoNZwDeQrV0c9nP6OEdzGDY5L%2Fr4BZkRQu5D62xO2PNUmNCySguek2tuqI3yYeqpOTC1xARQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 811624bf4c0318df-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 403 cointraffic.io.php
gobits.me/ Frame A1C3 0
0 54ms
18ms Document
text/html 2606:4700:3030::ac43:8265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gobits.me/cointraffic.io.php

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/allads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8265 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 811624bf79599a21-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 05 Oct 2023 13:52:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbPYUYFO4%2FWPPCptGMW2ug%2FhBy6%2BDmjgwjgsSBGruM8jKzN0mUGcBieJGXdU%2FKvGtVwKSfYfRmYh1IzVBFNdYpPmQSVcWLoWMaTx0Y%2FhjXqha%2FXyHWIeABAs8bdxieJ4xcgLYf7Re24%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cointraffic.io.php Show response
1dogecoin.work/ Frame 9F26 123 B
605 B 362ms
328ms Document
text/html 2606:4700:3036::ac43:b751
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1dogecoin.work/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 627b71329076b19918cd241db80b9a358e800f05e7fcff15f4930ddf91c887e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bf7f479a03-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giZbT4IaOlwtV38Jg1ycRAmuhiVYBWuo9KbS3UFrTzTf1OelRFk3X5FljHvyxcj1%2F6%2BZzUrJ3MCfokf3XmCaI02zmhV0MWOzg3VIoNYUG2hqvWb0Dw7Cpyyrl9AwU%2FhC8wF%2FOTbn38cdl6H%2F%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 cointraffic.io.php Show response
www.zcash.one/ Frame 1AEB 157 B
376 B 378ms
341ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zcash.one/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c795928556b12979db821b031bb3c828582864b24a3d8ebd784fd314ebbb7fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bf8b1bbbaf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfXu%2FbfDI0BC4BK7UWgzzgyIgjT8kuFEG6n%2B3qZJMkReItRd8vJsrVEt4vbhgWqUovfZBkxStEHM%2Bde66yrtmFKagVxA5Dps5dNHYsgLBjCYzikKOZrX3J6tTf1CtW5BVrWcY0a0bmtgJZ1q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 403 cointraffic.io.php
gobits.me/ Frame 2E58 0
0 54ms
21ms Document
text/html 2606:4700:3030::ac43:8265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gobits.me/cointraffic.io.php

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/allads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8265 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 811624bf895a9a21-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 05 Oct 2023 13:52:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jW81j1D6LhAw51JnvjYqC99yY2Rk%2Fi36jFtdkjwKmrtPbuqMC4Q%2Bwlboodv%2FU4PKBPkYnUJZn5iD5KOQMYKwgbCEDbTX2zcdpMF3iKym5jBYrXGfeOz0%2B5Jn12ezVy6jTxftLpbLW8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cointraffic.io.php Show response
1dogecoin.work/ Frame 0BB5 123 B
391 B 373ms
342ms Document
text/html 2606:4700:3036::ac43:b751
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1dogecoin.work/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b751 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 627b71329076b19918cd241db80b9a358e800f05e7fcff15f4930ddf91c887e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bf7f4a9a03-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIGZXRBBxqA%2F%2BQfsY8mV%2Bbh0lJkYO7vRFS%2FpsnOd5mGBZOQpBuW4UcyEtafhfqADpMN5paRj7Y%2FRU7Ua0pss663%2FV%2FSoLaWsl7REvmpApFSqorsOLSe2aVCMncFM7j65v78QIOztnjRfbOmP%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 cointraffic.io.php Show response
www.zcash.one/ Frame BC3C 157 B
598 B 349ms
315ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zcash.one/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c795928556b12979db821b031bb3c828582864b24a3d8ebd784fd314ebbb7fb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 811624bf8b1ebbaf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zinf7i1UFJkYxF2HpcVUdYaMCqug9B2UZ%2FFPVemwXYSQihaik59QuP46gOlkNQQ7bV6NFrWIE4B4HkUTfbCt3anC03yXA1hKWD9DL1cGmQwM0u9BOTi8VvY68KpZiXV5XmpOhOJU9lbdQiE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

POST
H2 204 csi
csi.gstatic.com/ Frame 0A3A 0
234 B 50ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lnd8la8q&c=6468205937143&slotId=3234102968571.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ Frame 8198 35 KB
8 KB 288ms
41ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 00:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7756
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 15:56:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 03 Oct 2024 00:03:36 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ Frame 8198 1 B
684 B 433ms
188ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7787420603375400551&zx=a564d2e1-70fd-4fe1-ade0-c442ad570fd6

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 13:52:10 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame 0A3A 42 B
893 B 30ms
30ms XHR
application/xml 2606:4700:e0::ac40:640f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=48220&tmax=500&video-skipafter=5&count=3&tagId=yrjwzxsr99dwl93a&repeat=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:640f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8LMQDFuRlZLAWDWPh9CPPx7Iyo4N0UASOxhQCGZVqQLQJUdp4mR9wh2qrygrrWOhkrMqK9CWHAOf%2Bl4%2BVnr5eQSwoF4TekSqHml8EiYEV0WMLaXEqy7xSFL7ko7nmH5HyFtQTvmdylj%2B0r3kDZCe1CSoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 811624bf8be8bb8b-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ Frame 8198 56 KB
22 KB 282ms
48ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 13:52:10 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21949
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ce58d6b1676e880c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 13:52:10 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ Frame 8198 162 B
299 B 134ms
117ms Image
image/gif 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:23:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
age: 34141
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 04:23:09 GMT

GET werbeCounterAufruf.php
libertad-ads.de/kamp/ Frame 8198 0
0

GET
H2 200 cookienotice.js Show response
bestcrypto4earning.blogspot.com/js/ Frame 8198 6 KB
2 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bestcrypto4earning.blogspot.com/js/cookienotice.js

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:55:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 06:55:32 GMT

GET
H2 200 1633206389-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame 8198 156 KB
157 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1633206389-widgets.js

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53fcff215fa86d4eb5e34b88b6587b127ea804a9c5f056f0becbd92572fa4724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 01:25:28 GMT
x-content-type-options: nosniff
age: 44802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160214
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 01:54:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 04 Oct 2024 01:25:28 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0A3A 0
54 B 18ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lnd8lacp&c=6468205937143&slotId=3234102968571.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797965%2C44801604%2C44802402
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame 0A3A 42 B
862 B 34ms
34ms XHR
application/xml 2606:4700:e0::ac40:640f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=48220&tmax=500&video-skipafter=5&count=3&tagId=yrjwzxsr99dwl93a&repeat=2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.594.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:640f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53pZCOaDMIcPlI9FKpltYhIsDsyNCR0a0YFYK2BXWewyOZQuO%2BeJN%2FA0mf6ATyTs%2BFKjw2pNEUamqVKQKt%2Fv%2B3zXLTjDmShVeNXYJJn4ymzlFjD9Zy%2F5uI%2BVmuWloBnPf4ZxnHH24Z4SLo91J2SPyBGvwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 811624bfdc66bb8b-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 body_background_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame 8198 106 B
203 B 134ms
118ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_background_dark.png

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:36:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
age: 11753
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 10:36:17 GMT

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame BC3C 6 KB
3 KB 100ms
28ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Requested by: Host: www.zcash.one
URL: https://www.zcash.one/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 32c4b1174aa0f2e800841410626842e143f2671b43b53fe58b1e2f69c9ee22db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ Frame 8198 180 KB
60 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

913575d835a17ddbf479babf07021582e5fe5579d5c0f6e12648cc67637e9904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60917
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 17:31:21 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8198 47 B
328 B 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 17:44:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 17:44:58 GMT

GET
H2 200 2186928 Show response
ad.a-ads.com/ Frame 9CBE 12 KB
5 KB 32ms
31ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2186928?size=468x60

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

b12a07bb2e4e6f1db1abe0f0899638a01c0f808300b4ea4c043d2915082c2015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 9F26 6 KB
3 KB 91ms
28ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Requested by: Host: 1dogecoin.work
URL: https://1dogecoin.work/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: c4212d4acc477ebfa3f0c59d00ceb5e8bd1c048ec4e47c1d46024ee9b4186e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 body_gradient_dark.png
resources.blogblog.com/blogblog/data/1kt/awesomeinc/ Frame 8198 141 B
230 B 99ms
99ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/awesomeinc/body_gradient_dark.png

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:38:27 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
age: 15223
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 09:38:27 GMT

GET
H2 200 share_buttons_20_3.png
www.blogger.com/img/ Frame 8198 5 KB
5 KB 99ms
99ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:49:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 14:54:57 GMT
server: sffe
age: 25376
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 06:49:14 GMT

GET
H2 200 logo-16.png
www.blogger.com/img/ Frame 8198 279 B
369 B 99ms
99ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:50:29 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
age: 32501
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 04:50:29 GMT

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 0BB5 6 KB
3 KB 71ms
28ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Requested by: Host: 1dogecoin.work
URL: https://1dogecoin.work/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: c4212d4acc477ebfa3f0c59d00ceb5e8bd1c048ec4e47c1d46024ee9b4186e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 1AEB 6 KB
3 KB 90ms
48ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Requested by: Host: www.zcash.one
URL: https://www.zcash.one/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 32c4b1174aa0f2e800841410626842e143f2671b43b53fe58b1e2f69c9ee22db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393745/ Frame 9CBE 428 KB
429 KB 12ms
12ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2186928?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
x-amz-version-id: OCdZGo21C0eofzydi4BulScJFjE6rXPN
last-modified: Tue, 31 May 2022 13:28:27 GMT
server: nginx
x-amz-request-id: PQ7FHW3DTJRZHBTC
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: skbQ6DNnfB1rDq4lDCFhVIUhryU4YBC2xCUjwg4zkLqe3hBHOFIsTerd6qiyEDQrD6EVKUOuECU=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 9CBE 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 26834.png
cryptocoinsad.com/banner/ads_banner/ Frame 5B47 139 KB
139 KB 18ms
17ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26834.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3c2228c96253957b887ecf5e5300d625f04068d11dd31442d98052b3fb23cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
last-modified: Sun, 03 Sep 2023 23:14:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2493
etag: "64f5136b-22adf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2Fee5utn502j3V5g1TilxzNmpJF6i1maf6qTbH1rtM7EN8ra2IIjJqgDL0DlMD09QQBp0cEKrecv9YsoqBoQIO6toWZEhmqJ%2BkMYJt5Xezpx0zCoUvEdN1dohtEB2NYbe%2FuotNLc6yAayH0XJlnU3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 811624c20cfd9c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 142047

GET
H2 200 728x90-3.png
static1.freebitco.in/banners/ Frame 5B47 43 KB
43 KB 58ms
21ms Image
image/webp 104.22.7.169
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.freebitco.in/banners/728x90-3.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.7.169 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 05 Oct 2023 00:26:58 GMT
server: cloudflare
age: 48312
cf-polished: origFmt=png, origSize=60358
vary: Accept
content-type: image/webp
cache-control: max-age=315360000
content-disposition: inline; filename="728x90-3.webp"
accept-ranges: bytes
cf-ray: 811624c239912c41-FRA
content-length: 43640
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 26887.png
cryptocoinsad.com/banner/ads_banner/ Frame 5B47 64 KB
64 KB 17ms
16ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptocoinsad.com/banner/ads_banner/26887.png
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43fc347d67c18b1e3ec526ce467d99029a2d9075988e7f0e38af949ef42f7dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Sep 2023 20:39:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4823
etag: "64ff7aeb-fe77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc25eYgcjaQTy2g927nWjpxyWycKKSpES6gIHr63UURUILssBXHWJ%2BKgcHy9juIy2A6ThsFh7Z15tr6LdSpg5GA2dDLRXBVdXUyCGRTpCIepvWSo717Yn6mO%2BOjTKvm7DPMaMCEeZqJSO4HzpLs9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 811624c20d059c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 65143

GET
H2 200 UVJBOUhZdmJhSjQ9.js Show response
cdn.adsfcdn.com/js/ Frame 5B47 3 KB
2 KB 73ms
21ms Script
application/javascript 2606:4700:3032::ac43:c790
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsfcdn.com/js/UVJBOUhZdmJhSjQ9.js
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d52f89527bab3391154917c16fc40468087f6af7a016b7cf4ab2b4cb00b117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://traffic2bitcoin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jul 2022 19:09:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 17825
etag: W/"62e03c03-d7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7fyzYMyrxsnarYOdTBqYIKW7CuuyF6wduUwyUcNb5mOkA76xobQgqROumNfGDMwQ7oEZel%2B2hsB5KtZuoarqt27HJ00rxSmRmUm9atBnZdQSpS1mhFbLB4HGm0G10xBvHkathpkYzBiWTCNUzxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 811624c25e9b91d5-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 05 Oct 2023 20:55:05 GMT

GET
H/1.1 200
OK qlt.php Show response
traffic2bitcoin.com/ Frame 00BD 766 B
452 B 167ms
167ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://traffic2bitcoin.com/qlt.php?ref=zerads&keycode=3227&type=&sitetype=1
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: ead677a55d6bff7010a060f011c2a987ef01ae333a9dba27511e440172122489

Request headers

Referer: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 206
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:10 GMT
Keep-Alive: timeout=5, max=49
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK ads.php Show response
hash512.com/templates/ Frame 1B12 321 B
489 B 615ms
149ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://hash512.com/templates/ads.php
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 551546f184fb2b9d24a7bcc7b33dacc79a404b84c051b196901f5060ffab02a3

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 243
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:11 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame 6C71 7 KB
3 KB 648ms
645ms Document
text/html 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=7787420603375400551&blogName=BestCryptoEarning&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://bestcrypto4earning.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://bestcrypto4earning.blogspot.com/&vt=3853649479754722906&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91e5fde9e205dfbf09d435121977d3e9ffb5cfa02d5f6e7e9d24e3ca45aa6cd4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2599
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 13:52:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ Frame 8198 1 B
43 B 639ms
638ms Stylesheet
text/css 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7787420603375400551&zx=a564d2e1-70fd-4fe1-ade0-c442ad570fd6

Requested by

Host: bestcrypto4earning.blogspot.com
URL: https://bestcrypto4earning.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 05 Oct 2023 13:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Oct 2023 13:52:11 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 0BB5 14 KB
3 KB 77ms
25ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 31b2dd7d40ab3b966fe85fbcd9932d8903b03a3f6dda5d315458f00568e083c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 0BB5 15 KB
3 KB 104ms
53ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 0BB5 696 B
1 KB 102ms
51ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 696

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame BC3C 14 KB
3 KB 95ms
50ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 31b2dd7d40ab3b966fe85fbcd9932d8903b03a3f6dda5d315458f00568e083c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame BC3C 696 B
1 KB 96ms
51ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 696

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame BC3C 15 KB
3 KB 98ms
53ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 9F26 14 KB
3 KB 89ms
49ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 31b2dd7d40ab3b966fe85fbcd9932d8903b03a3f6dda5d315458f00568e083c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 9F26 15 KB
3 KB 66ms
26ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 9F26 696 B
1 KB 89ms
50ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 696

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 1AEB 14 KB
3 KB 59ms
26ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 31b2dd7d40ab3b966fe85fbcd9932d8903b03a3f6dda5d315458f00568e083c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 1AEB 696 B
1 KB 85ms
52ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 696

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 1AEB 15 KB
3 KB 95ms
62ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1691487635590
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 9F26 47 B
485 B 99ms
47ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 100ms
25ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 98ms
24ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame BC3C 47 B
485 B 101ms
49ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 89ms
25ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 0BB5 47 B
486 B 99ms
47ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 1AEB 47 B
486 B 107ms
55ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 84ms
25ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Thu, 05 Oct 2023 13:52:10 GMT
server: nginx

GET
H/1.1 200
OK ads.php Show response
simbabtc.com/templates/ Frame 3A8C 527 B
518 B 708ms
148ms Document
text/html 162.0.208.108
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://simbabtc.com/templates/ads.php
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=zerads&keycode=3227&type=&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.208.108 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: nc-ph-2974.zerads.com
Software: Apache /
Resource Hash: 3a86a63b372d92b7ad83d1ca52132175b26f4c6d1db741187eac72502ea7ac6b

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 272
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:11 GMT
Keep-Alive: timeout=5, max=50
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK ad.php Show response
donaldco.in/templates/ Frame 9D01 309 B
547 B 1211ms
282ms Document
text/html 68.65.121.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://donaldco.in/templates/ad.php
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=zerads&keycode=3227&type=&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.65.121.78 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.autotradelot.com
Software: Apache /
Resource Hash: 745ca8a3ee453bae3e8cfe6df05d2d9d704f3b1bd6e52ce407747e4ffef4bb85

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=172800
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 230
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:11 GMT
Expires: Sat, 07 Oct 2023 13:52:11 GMT
Keep-Alive: timeout=5, max=25
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK aads.php Show response
digimonbtc.com/templates/ Frame 52BB 328 B
535 B 734ms
235ms Document
text/html 68.65.121.78
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://digimonbtc.com/templates/aads.php
Requested by: Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/qlt.php?ref=zerads&keycode=3227&type=&sitetype=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.65.121.78 New Kensington, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server1.autotradelot.com
Software: Apache /
Resource Hash: e97caecbc5e6c0dacceae03fe2a2740bb6124e234e3887b0717d9a0e1e2eeab1

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 05 Oct 2023 13:52:11 GMT
Keep-Alive: timeout=5, max=25
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 1705833 Show response
acceptable.a-ads.com/ Frame 9181 25 KB
6 KB 42ms
27ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1705833?size=728x90

Requested by

Host: hash512.com
URL: https://hash512.com/templates/ads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

d769b3678ebadf2f35643b45f774201a95e7dc456473dcbb5cd507e0744e33d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hash512.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:11 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://hash512.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame 9181 674 KB
676 KB 11ms
11ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1705833?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:11 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: Q8T25ZAP2KWMQFC3
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: vwXWk6B7w8y9SMWktnELgx1wqTcIJfazxc5G4O50+lGVMWA49vQhgYSIQMDMLP+4GTrpPH7t8rQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame 6C71 57 KB
21 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7787420603375400551&blogName=BestCryptoEarning&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://bestcrypto4earning.blogspot.com/search&blogLocale=de&v=2&homepageUrl=https://bestcrypto4earning.blogspot.com/&vt=3853649479754722906&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.B-JjfXXjM2M.O%2Fd%3D1%2Frs%3DAHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51194aecafe4835b383905f4dc2b32fab7b65c583572807455e8b6917565c264

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 13:52:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21959
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "514f5f227f187f0b"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 13:52:11 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame 6C71 907 B
930 B 38ms
38ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:51:43 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 14:54:57 GMT
server: sffe
age: 28
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 13:51:43 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame 6C71 117 B
140 B 38ms
38ms Image
image/png 2a00:1450:4001:813::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:07:58 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 17:57:59 GMT
server: sffe
age: 13453
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 12 Oct 2023 10:07:58 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ Frame 6C71 133 KB
44 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1057a329bc50d1f693c95c4e3604a62e5171aed78b2ef21b2f96a77db6912d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45507
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 17:31:24 GMT

GET
H2 200 1690893 Show response
acceptable.a-ads.com/ Frame 9E96 25 KB
6 KB 26ms
26ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1690893?size=728x90

Requested by

Host: simbabtc.com
URL: https://simbabtc.com/templates/ads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

897f3b2686b4218ca3884f2e94e244f70d17ba372f159b9424830543b37a5d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simbabtc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:11 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://simbabtc.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 1690896 Show response
acceptable.a-ads.com/ Frame 4655 25 KB
6 KB 30ms
30ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1690896?size=468x60

Requested by

Host: simbabtc.com
URL: https://simbabtc.com/templates/ads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

980ca32cc32d0f843d46a0b5ffdb9396b93158b6e8e4d2285488cbba2e318a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://simbabtc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:11 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://simbabtc.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393754/ Frame 9E96 674 KB
676 KB 11ms
11ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393754/728x90?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1690893?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:11 GMT
x-amz-version-id: Cv2H_W5cOvreEnPXeLYKrZR901XKye4u
last-modified: Tue, 31 May 2022 13:28:31 GMT
server: nginx
x-amz-request-id: Q8T25ZAP2KWMQFC3
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: vwXWk6B7w8y9SMWktnELgx1wqTcIJfazxc5G4O50+lGVMWA49vQhgYSIQMDMLP+4GTrpPH7t8rQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1141394 Show response
acceptable.a-ads.com/ Frame A42A 25 KB
6 KB 36ms
35ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1141394?size=728x90

Requested by

Host: digimonbtc.com
URL: https://digimonbtc.com/templates/aads.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

cf90035e80433c02695d8f493f651d238e235203117e9d2c43f9f150b1b41b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://digimonbtc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:11 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://digimonbtc.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393777/ Frame 4655 428 KB
429 KB 19ms
18ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393777/468x60?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1690896?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:11 GMT
x-amz-version-id: uLgJt0kG8h9_6Yb2PhHXE0X7UZZ61_vh
last-modified: Tue, 31 May 2022 13:36:38 GMT
server: nginx
x-amz-request-id: 1JT6QC6567GJ6QF0
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: iPUtDAtGVdJxfG5Zodcf4sBJP8Eamlp2CerlzF4TQyes6F0+mHylp865zfkC1lsRfsuWxFWfvBE=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 728x90
static.a-ads.com/a-ads-banners/393804/ Frame A42A 674 KB
676 KB 11ms
11ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393804/728x90?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1141394?size=728x90
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:11 GMT
x-amz-version-id: QbiY4NoT4ulkvDSEPsy._qf5G5I0yZLz
last-modified: Tue, 31 May 2022 13:40:42 GMT
server: nginx
x-amz-request-id: AEEYM9C96DEA3PPJ
etag: "17ab32789bf26b9a63481f7a9a076d53"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 690666
x-amz-id-2: gFfBGLFz6PS5dSJevN1gcMg8+eVTncZaqoVsBJuQAoPeP3p2PnDlzxZdT02FyOizYqj2uC4DMaA=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1690418 Show response
acceptable.a-ads.com/ Frame C2F3 25 KB
6 KB 29ms
29ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1690418?size=468x60

Requested by

Host: donaldco.in
URL: https://donaldco.in/templates/ad.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

081669625018b59d6b5068c8f5728bb6809b4c1104596d98943be28ac24d9865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donaldco.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:12 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://donaldco.in/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393793/ Frame C2F3 428 KB
429 KB 11ms
11ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393793/468x60?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1690418?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acceptable.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:12 GMT
x-amz-version-id: z255ENYiUlJNOhBGq31VF7sK56UjqNd9
last-modified: Tue, 31 May 2022 13:40:38 GMT
server: nginx
x-amz-request-id: K48V59XHFCGQH6B0
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: jtIw72xV7O9rYs+Cy7WGAPilOyXeNRbaDYC9qxlVnKFrfYk8ozHe8IFMO4jk9D7rIRKfbzhmBo8=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 741663 Show response
ad.a-ads.com/ Frame A782 12 KB
5 KB 27ms
27ms Document
text/html 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/741663?size=300x250

Requested by

Host: traffic2bitcoin.com
URL: https://traffic2bitcoin.com/ptp.php?ref=zerads&sitetype=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.213.239.205.245.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

e62de4e1d81d9bc7cc0a778af662e651b26e13760f49b380cb06cae7aa0233f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://traffic2bitcoin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 05 Oct 2023 13:52:13 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://traffic2bitcoin.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393746/ Frame A782 609 KB
610 KB 11ms
11ms Image
image/gif 213.239.205.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/741663?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.213.239.205.245.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:52:13 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: T3RBB2R3QD628K70
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: Wpx9XUEo7BZR9jpwAt5w7BMN9IDp8Iw8FwaYsYC+olQykLvDbXm5dxFfazQzQwgcok5iOohqhU0=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame A782 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: libertad-ads.de
URL: https://libertad-ads.de/kamp/werbeCounterAufruf.php?seitenID=54&colorCode=0&bannerArt=1

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ebesucher-klicker.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: q52jt12o8c8pa3aavt200naup1
			.google.com/	1970-01-20 19:38:45	Name: NID Value: 511=NI9ef65epQ7Fu8tYeMNNlzckDDHk-ZxIeuVJnvk4b5cg3UCEOcxZZdyzvO8OfCunh5e-Dre-r33jmqxZhrQFfoRuYo-QmkgAmoDZsHxZBZbcQk0giT6uByCiNPXlXu-d_9NszklmzTvV2jNTVEEhLipMy9usaj3aAL2NCxR953w

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://my-banner-ads.com/banimg.php?uid=1146&size=1 Message: Failed to load resource: the server responded with a status of 403 ()
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.blogger.com') does not match the recipient window's origin ('null').
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.blogger.com') does not match the recipient window's origin ('null').
security	error	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs(Line 175) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://bestcrypto4earning.blogspot.com') does not match the recipient window's origin ('null').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1dogecoin.work
acceptable.a-ads.com
ad.a-ads.com
adnade.net
adsluffa.online
apis.google.com
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
bestcrypto4earning.blogspot.com
bitspush.io
cdn.adsfcdn.com
cdn.jsdelivr.net
cryptocoinsad.com
csi.gstatic.com
digimonbtc.com
donaldco.in
ebesucher-klicker.de
free-btc.org
gobits.me
hash512.com
house-of-btc.com
i.ibb.co
imasdk.googleapis.com
libertad-ads.de
media.hubuhost.com
my-banner-ads.com
netzwerk-ad.de
pagead2.googlesyndication.com
resources.blogblog.com
s0.2mdn.net
simbabtc.com
static.a-ads.com
static1.freebitco.in
traffic2bitcoin.com
video.onetouch8.info
www.blogger.com
www.google-analytics.com
www.googletagmanager.com
www.zcash.one
zerads.com
libertad-ads.de
104.22.7.169
144.126.134.105
162.0.208.108
162.19.58.156
170.249.194.154
2001:4860:4802:32::3
213.239.205.245
2606:4700:3030::ac43:8265
2606:4700:3032::6815:47b2
2606:4700:3032::ac43:ab44
2606:4700:3032::ac43:c790
2606:4700:3036::ac43:b751
2606:4700:3037::6815:53c3
2606:4700::6810:5914
2606:4700:e0::ac40:640f
2a00:1450:4001:803::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2006
2a00:1450:4001:813::2008
2a00:1450:4001:813::2009
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:6800:3:a0b::2
2a06:98c1:3120::9
2a06:98c1:3121::3
2a0d:da00:a:4018::
2a0d:da00:a:401c::
68.65.121.78
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
058b2079b8b9729ee3b4cee08997756e713c61d21b03387927b0c73661d61098
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
081669625018b59d6b5068c8f5728bb6809b4c1104596d98943be28ac24d9865
087abd3b6ae04f8f9d2443455d229aa61a9d37754fe9dfbfc011eedb6a3f382c
0f754e34f6d30997352756f5f3e36fccc41ec0b20ba5066a7c77e72b8fac9ce1
102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9
160567168281bac718c3669dceb72135c2de8bde9b0ab6fa5149b4035277c22a
1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f
26ed6f88ea2f1a0d30cf83650370ee61c292682079b4cfb53236bd9d1576ff76
27aaede74e561ff195a5c4f16365d497b8342a188165b70b5d55ef2c1046d8c6
289972ee91859dcbaaed043fcb29c6d3764cc5422178d4f8ae5024aba5ae5e43
29648ec8fbf7e1fdf37d1a0cae3568094df13d6f923db6c9c6b6328081529d28
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
316f53b0f5aa9fb1fb910eb812b1eef8fd7ad88a00b16b7a72bd795aebb97e53
31b2dd7d40ab3b966fe85fbcd9932d8903b03a3f6dda5d315458f00568e083c0
32c4b1174aa0f2e800841410626842e143f2671b43b53fe58b1e2f69c9ee22db
35e0589c4787a8852d5a6b21fc4e9c0363ddcd552c9a1d6073b39f7824cd9c84
36d52f89527bab3391154917c16fc40468087f6af7a016b7cf4ab2b4cb00b117
37a15a0d02dc56bef5e9d4678017aaea3f8bfb941a36dd127993ad76c314c1d6
37deffcdf508a2d6ec8d97e73bec9b0f8cc2e971b20401c2a9bbaba844dd8122
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
39857e01d4d4f756029ecb3a0963d161ef857ef5a573d734c982badefbb9f973
39b0e9474d8dd057a8748bfc0c571a0ac718f03121320fd4ad1716d92b34da55
3a86a63b372d92b7ad83d1ca52132175b26f4c6d1db741187eac72502ea7ac6b
40f62dfd6fc563671edee14a64c628ce282c2fa5f5dfeed1cd8cafd87fc9260b
43fc347d67c18b1e3ec526ce467d99029a2d9075988e7f0e38af949ef42f7dd2
4f1068edc99916546acb5d121fd05577874fc7455973c96050f94d68b61568ae
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
51194aecafe4835b383905f4dc2b32fab7b65c583572807455e8b6917565c264
53fcff215fa86d4eb5e34b88b6587b127ea804a9c5f056f0becbd92572fa4724
548b7c77437489bfdf13c760bb7788f2149d967bf128370e1f81f75d8132b1ea
551546f184fb2b9d24a7bcc7b33dacc79a404b84c051b196901f5060ffab02a3
56f4224017c2836b33ca27f86d4629098c51f500b5e400e64bb236cfc10af67e
5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
5c795928556b12979db821b031bb3c828582864b24a3d8ebd784fd314ebbb7fb
5d0577359952b714e119cc1aa6e318656f7d7c642adb87cc84ff00e87c949dde
625d4151db99dc578ae3e643b34ec849ed01078bbc6c8f368d5ca0d7e90c6186
627b71329076b19918cd241db80b9a358e800f05e7fcff15f4930ddf91c887e0
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
68dbe5c296ae30d165dcdd69f09cb983b7f915cb08aa3753bbb685a2b869047b
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
74587ef639d61074081f224f0ff456133d828891b56626f06f3423cecf6008c1
745ca8a3ee453bae3e8cfe6df05d2d9d704f3b1bd6e52ce407747e4ffef4bb85
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171
7f3c2228c96253957b887ecf5e5300d625f04068d11dd31442d98052b3fb23cb
7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4
881796fd02c384bf069accaa32d5eefebea20b045bf921507ac798a8db3efe5f
897f3b2686b4218ca3884f2e94e244f70d17ba372f159b9424830543b37a5d3e
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
913575d835a17ddbf479babf07021582e5fe5579d5c0f6e12648cc67637e9904
91e5fde9e205dfbf09d435121977d3e9ffb5cfa02d5f6e7e9d24e3ca45aa6cd4
92546e4d768c9c235fedf39b1ab9f1752cb8bd42a78a569f4c421b0874896c8f
980ca32cc32d0f843d46a0b5ffdb9396b93158b6e8e4d2285488cbba2e318a1e
981847f402169e12bc39c9233d4e70552b4f20535271df6a2f21fb5870c22be3
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98fa96669f1c1e20102e4101636ed3b684bad2766a69eab9195a191815bc65d3
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31
a5aac7edc136d84ae5ea2817cd812b61d2394e047348562f7472401eb5793f82
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
b12a07bb2e4e6f1db1abe0f0899638a01c0f808300b4ea4c043d2915082c2015
b8adfd7cad0e918ca9632aedf4bb10b5e27a44d564cd1af8abc3f997c007f1fd
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c4212d4acc477ebfa3f0c59d00ceb5e8bd1c048ec4e47c1d46024ee9b4186e7d
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf90035e80433c02695d8f493f651d238e235203117e9d2c43f9f150b1b41b89
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d525bbc62853a3dd657416f2e9e69959936ee4e488191e55f16bd946dc557662
d769b3678ebadf2f35643b45f774201a95e7dc456473dcbb5cd507e0744e33d2
dc1c20b5703c1b5f489280ef52add2057b8cc15f3f380723d9623b204791e139
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
e1057a329bc50d1f693c95c4e3604a62e5171aed78b2ef21b2f96a77db6912d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e62de4e1d81d9bc7cc0a778af662e651b26e13760f49b380cb06cae7aa0233f7
e97caecbc5e6c0dacceae03fe2a2740bb6124e234e3887b0717d9a0e1e2eeab1
ead677a55d6bff7010a060f011c2a987ef01ae333a9dba27511e440172122489
ecfb48718a6edc5e924f385d0ed226cde5dfdebde87049970779bd5d9f86c435
ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156
ef7a44f1564d4f0a0701139a4f970777f20cb0131dc9e2a5d3d43b274c82cc79
f40a0064b6078c8faef30b799c94a9a81a6378d590ea7ff3176f316dd3ca2741
ffb77a63c3eb6edad6a880d11caa2c98aaf1bbe88b5a726e6286d060b1d87de8

ebesucher-klicker.de Open in urlscan Pro 144.126.134.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

123 Requests

99 %HTTPS

76 %IPv6

37 Domains

40 Subdomains

30 IPs

5 Countries

6514 kBTransfer

8652 kBSize

2 Cookies

1 Outgoing links

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ebesucher-klicker.de Open in urlscan Pro
144.126.134.105 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

99 %
HTTPS

76 %
IPv6

37
Domains

40
Subdomains

30
IPs

5
Countries

6514 kB
Transfer

8652 kB
Size

2
Cookies

123 HTTP transactions
4 data transactions