www.siceu.de Open in urlscan Pro
85.13.135.3 Public Scan

Software

nginx /

Resource Hash

7e5a17bf1306cf602ed87985ff0e2727aaf36c987bd68d5c62a0b1a5a06687fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8

GET
H2 200 jw.js Show response
ho47no3iry.de/ Frame 5EC5 3 KB
838 B 277ms
56ms Script
text/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ho47no3iry.de/jw.js?de=E6eMu7U8GN5V2QLU

Requested by

Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

c69eb8a1c2f84a31f78dadadd117c9db6b93fde53d520fa12b3c0b9be4e0af67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
x-xss-protection: 1; mode=block

GET
H2 200 jquery.php Show response
aluhutmafia.de/ Frame 9120 726 B
641 B 171ms
32ms Script
text/javascript 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://aluhutmafia.de/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1

Requested by

Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

a605cc7765800b9b25189037ca17eceac5f0384bf66ac479e548067d1573c618

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-xss-protection: 1; mode=block
content-type: text/javascript;charset=UTF-8

GET
H2 200 jw.js Show response
cdn-fastcounter.de/ Frame 9120 4 KB
1023 B 243ms
109ms Script
text/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-fastcounter.de/jw.js?de=E6eMu7U8GN5V2QLU

Requested by

Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

94b4b75b3d7014286e7a137b19ca7deb73b81e37a36acfcc93eb1248471e2de0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
wirverkaufennichts.de/ Frame 5E0F 379 B
435 B 45ms
45ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://wirverkaufennichts.de/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1

Requested by

Host: wirverkaufennichts.de
URL: https://wirverkaufennichts.de/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

690029bff3c14a5b02c523ca17f7336c3deb111312ed18beb7a996978296ae8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
tool.hubu.link/ Frame 5EC5 67 KB
25 KB 110ms
29ms Script
application/javascript 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/impressum.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a593b8c7f66906ce81e5ec4d0be9b246a1f3d3497e0f8205f9b10c65b32d8d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 22:14:47 GMT
server: nginx
etag: W/"63d84157-10d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 / Show response
deli.misaglam.com/prepare/channel/ Frame D94C 384 B
460 B 181ms
50ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deli.misaglam.com/prepare/channel/?chilli=facebook

Requested by

Host: wirverkaufennichts.de
URL: https://wirverkaufennichts.de/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3baed33e198745e1224d18a0b9204563d180ad48dd8a488514b0ae72acba189

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
aluhutmafia.de/ Frame 7119 379 B
435 B 38ms
38ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://aluhutmafia.de/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1

Requested by

Host: aluhutmafia.de
URL: https://aluhutmafia.de/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

690029bff3c14a5b02c523ca17f7336c3deb111312ed18beb7a996978296ae8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
tool.hubu.link/ Frame 9120 67 KB
25 KB 60ms
58ms Script
application/javascript 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: www.siceu.de
URL: http://www.siceu.de/impressum.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a593b8c7f66906ce81e5ec4d0be9b246a1f3d3497e0f8205f9b10c65b32d8d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 22:14:47 GMT
server: nginx
etag: W/"63d84157-10d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 / Show response
deli.misaglam.com/prepare/channel/ Frame 75C5 384 B
459 B 96ms
51ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deli.misaglam.com/prepare/channel/?chilli=facebook

Requested by

Host: aluhutmafia.de
URL: https://aluhutmafia.de/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3baed33e198745e1224d18a0b9204563d180ad48dd8a488514b0ae72acba189

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ref.cdnplus.de/ Frame 0B35 392 B
514 B 228ms
81ms Document
text/html 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: ho47no3iry.de
URL: https://ho47no3iry.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d71ecfdc639636333de881c1e0b1669d74efe67861471fb77250775ff52479e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: * *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame 320F 12 KB
5 KB 165ms
58ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: ho47no3iry.de
URL: https://ho47no3iry.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

62148b8c2de67ecc91e31ceb3b000f75508ecbce0a6a16115197e5cd108ed382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2

200

bettellink.php Show response
www.mandolose.de/ Frame A8DB
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://www.mandolose.de/bettellink.php?uid=34

120 B
233 B

211ms
45ms

Document
text/html

167.235.7.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mandolose.de/bettellink.php?uid=34
Requested by: Host: ho47no3iry.de
URL: https://ho47no3iry.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.7.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mnode1003.your-node.de
Software: Apache /
Resource Hash: e8871ac90942ed6141c665b372a332f60f008f8c71da03f6403d10a142bf6e9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 129
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://www.mandolose.de/bettellink.php?uid=34
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
adnade.net/ptp/ Frame DF97
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://adnade.net/ptp/?user=werberlos

8 KB
3 KB

177ms
52ms

Document
text/html

2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/ptp/?user=werberlos

Requested by

Host: ho47no3iry.de
URL: https://ho47no3iry.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

39630cd84cc4a2dae919966ca9876c6d8d921f2fd164275fe91e2b0f8c51dc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://adnade.net/ptp/?user=werberlos
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

POST
H2 204 matomo.php
tool.hubu.link/ Frame 5EC5 0
186 B 144ms
143ms Ping
text/plain 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tool.hubu.link/matomo.php?action_name=&idsite=zgE1aJ7MjXkV&rec=1&r=073144&h=10&m=25&s=48&url=https%3A%2F%2Fwww.fastcounter.de%2Fb.php&urlref=http%3A%2F%2Fwww.siceu.de%2F&_id=&_idn=1&send_image=0&_refts=1678357548&_ref=http%3A%2F%2Fwww.siceu.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=NuvMXi&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=170&pf_tfr=1&uadata=%7B%7D

Requested by

Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.fastcounter.de
date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-credentials: true
server: nginx
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ref.cdnplus.de/ Frame 3095 392 B
515 B 172ms
65ms Document
text/html 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: cdn-fastcounter.de
URL: https://cdn-fastcounter.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d71ecfdc639636333de881c1e0b1669d74efe67861471fb77250775ff52479e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: * *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame 6B11 12 KB
5 KB 152ms
82ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: cdn-fastcounter.de
URL: https://cdn-fastcounter.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

62148b8c2de67ecc91e31ceb3b000f75508ecbce0a6a16115197e5cd108ed382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.schaschlikhaus.com/ Frame 7106
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://www.schaschlikhaus.com/

179 KB
32 KB

555ms
401ms

Document
text/html

2a02:26f0:dc::6853:433
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.schaschlikhaus.com/

Requested by

Host: cdn-fastcounter.de
URL: https://cdn-fastcounter.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:433 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7ab61796a2c8e6b77bcf7cfb6bd2cd5f2c75d8ef4ca8575574053a79aed63718

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 31108
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
expires: Thu, 09 Mar 2023 10:25:48 GMT
glf-server: sow
pragma: no-cache
server: nginx
server-timing: cdn-cache; desc=MISS edge; dur=181 origin; dur=172 ak_p; desc="466210_1750271023_284592359_35214_5798_39_0";dur=1
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-akamai-transformed: 9 35119 0 pmb=mTOE,4mRUM,2

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://www.schaschlikhaus.com/
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
adnade.net/ptp/ Frame 2E6D
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://adnade.net/ptp/?user=kein_Werber

7 KB
3 KB

177ms
53ms

Document
text/html

2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/ptp/?user=kein_Werber

Requested by

Host: cdn-fastcounter.de
URL: https://cdn-fastcounter.de/jw.js?de=E6eMu7U8GN5V2QLU

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

44e9ff01e1f797162369cdfff396a4b9e870686869658f5d8642c863b0dba61b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://adnade.net/ptp/?user=kein_Werber
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H/1.0

200
OK

antibot
de-c114.cdnplus.de/ Frame 9120
Redirect Chain

https://thisis.aninter.net/?dev=b5eb5d7b4a934c8cf1017b3b8d4f9395
https://de-c114.cdnplus.de/antibot

131 KB
0

343ms
170ms

Media
audio/mpeg

178.254.53.60
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://de-c114.cdnplus.de/antibot
Requested by: Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol: HTTP/1.0
Server: 178.254.53.60 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS: rv3054.1blu.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

icy-name: Hubu.FM | Radio Hunteburg
X-Clacks-Overhead: GNU Terry Pratchett
icy-br: 128
icy-notice2: Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url: https://hubu.fm
Access-Control-Allow-Origin: *
icy-pub: 1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0
icy-genre: Misc, News
icy-sr: 44100
Connection: close
Accept-Ranges: none
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
content-type: audio/mpeg

Redirect headers

location: https://de-c114.cdnplus.de/antibot
access-control-allow-origin: *
date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

POST
H2 204 matomo.php
tool.hubu.link/ Frame 9120 0
186 B 151ms
151ms Ping
text/plain 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tool.hubu.link/matomo.php?action_name=&idsite=zgE1aJ7MjXkV&rec=1&r=416177&h=10&m=25&s=48&url=https%3A%2F%2Fwww.fastcounter.de%2Fb.php&urlref=http%3A%2F%2Fwww.siceu.de%2F&_id=&_idn=1&send_image=0&_refts=1678357548&_ref=http%3A%2F%2Fwww.siceu.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=hQz6eI&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=250&pf_tfr=1&uadata=%7B%7D

Requested by

Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://www.fastcounter.de
date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-credentials: true
server: nginx
x-xss-protection: 1; mode=block

GET
H2 200 wgpizbdq.js Show response
ad4m.at/ Frame D94C 35 KB
13 KB 119ms
40ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd14737bbf7545b7aa7ce5ecd13d55596a8f40028fb6f8925dd2b47d3feb001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deli.misaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 111541
etag: W/"a5bcd41c7f7360eff92ced08a546ec0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaDQHKnvr8qqCfwQKg2KEuNX3mUiLxbtadBzsDjola40LP3Rsx8Vibwi%2BCjfWfqIQtzOTXxbkY%2FT8QKjUULLTf8ZfXEivwAeQOjAlHtLSIqGT6zkLidJwNmbELMmuDk6JqITvQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a529db5ec8c3a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 15:28:06 GMT

GET
H2 200 wgpizbdq.js Show response
ad4m.at/ Frame 75C5 35 KB
12 KB 112ms
43ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=facebook
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd14737bbf7545b7aa7ce5ecd13d55596a8f40028fb6f8925dd2b47d3feb001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deli.misaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 111541
etag: W/"a5bcd41c7f7360eff92ced08a546ec0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2oCVWTQT73oymV31tCCsEdNK%2BhnOBUgXAbeO7jze49xxnHv9RbAOXf4F0jagHJAkwt6T50rSyWSNLWZ6YaHRaEo7qOm1xtZX3SBDSLpsF8b95xcYVQmow3ZkBE4vbJVqsJUt5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a529db5ec8f3a4a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 15:28:06 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393746/ Frame 320F 609 KB
610 KB 43ms
42ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: QJSN763R321JXCCQ
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: mkXxKcUdtjvcTpTSrxNMRNmco3NCUBq6TVfmaNCT8DcE/9zZCm9LUJiB1t27Z08/BXPJ2Ylu5wM=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393746/ Frame 6B11 609 KB
610 KB 63ms
62ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: QJSN763R321JXCCQ
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: mkXxKcUdtjvcTpTSrxNMRNmco3NCUBq6TVfmaNCT8DcE/9zZCm9LUJiB1t27Z08/BXPJ2Ylu5wM=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame 3095 94 KB
38 KB 109ms
108ms Script
application/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ref.cdnplus.de/jquery.min.js
Requested by: Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Thu, 16 Mar 2023 10:25:48 GMT

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame 0B35 94 KB
38 KB 92ms
91ms Script
application/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ref.cdnplus.de/jquery.min.js
Requested by: Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Thu, 16 Mar 2023 10:25:48 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame F6A0 2 KB
1 KB 46ms
45ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1950130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a529db64d0e3a4a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNq6DGAVQsEZsVs2vII8r0Q89%2BUkwwn%2B%2FPOklHd3s%2BBi9aZJGVRxVeyfklZLM%2BwPSsAD3UUEXi6z8HH4ZshzCckGsHQBTOoan%2BcuQ81WnC%2BUqHpH0IsmimXmgw%2BWN5RYizUyYMQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 frame.html Show response
ad4m.at/ Frame 4264 2 KB
1 KB 41ms
41ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1950130
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a529db65d143a4a-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
expires: Thu, 19 Jan 2023 19:22:47 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2FzhOwZktuPqwWc6mlDS7brmb9oj1hAbSMOH8jO16vCNXZy3ZX0s%2F58MQYY7pN24c5sBQyb6umx1ri3gDRhPAHnxlzzuF5RWnHWFIzs5KHLqcQ5OL9970QIuTTD39TjaxR05wpE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame D94C 468 B
857 B 52ms
52ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9fed52ae754abe6f1b9c686fadad4aeb0e9016ab618f6d72d3a23a65a9d3bc9

Request headers

Referer: https://deli.misaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuogbnISYHZcxh36CiKyGGhfqVAJoDcUduPqMzezEdNP%2BU5S5izBwfWg0nxZEv%2BUq5pLoV0JIg1dssmhnTXlf7CJgcrb0x7de9he4FByu0LY3m19UoRbCzcEWWwKh8EL28%2F1%2FbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://deli.misaglam.com
access-control-allow-credentials: true
cf-ray: 7a529db75f5d9152-FRA
x-backend-server: aa-reachservice-group-europe-west1-1vtx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 88ms
55ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://deli.misaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://deli.misaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529db70eff9152-FRA
content-length: 24
content-type: text/plain
date: Thu, 09 Mar 2023 10:25:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPcrGo8G9D8NGyWLubnRLekhmM8hbyYqtHdEjj7qtYE1w15btwYrGLmlmaQArJCLW9T5msTewsNGQcYvjOad0XLAAnvRr%2F48uU42fsj98YjPAI3%2FUHZhc2BvrDAp%2FwnDNJgzlSs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-1vtx

POST
H3 200 rs Show response
ad4m.at/ Frame 75C5 471 B
856 B 52ms
51ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9b3bd64522492ffc4d60d56830d4a6735476d6c92681eef0490454c85e92881

Request headers

Referer: https://deli.misaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlTrUlaJBBk8f2mpn95hkKz%2B4FSveAbq8u2nPfJktZi4mKnpiJ2HcVNirEqP%2FRfpVg7OhPxQly4lpBElqBbb1HSysy0HaXlFnk5uFdP9GXVJvPIGD1Ga%2Bb1xgsNhyYrhuLJbc2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://deli.misaglam.com
access-control-allow-credentials: true
cf-ray: 7a529db75f559152-FRA
x-backend-server: aa-reachservice-group-europe-west1-1vtx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 82ms
52ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://deli.misaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://deli.misaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529db70efe9152-FRA
content-length: 24
content-type: text/plain
date: Thu, 09 Mar 2023 10:25:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vm%2FN0Vz1wRI281aQ0rPBdsfnqbyYs234P%2BPQOidxVExlGcRf2YredzAPFCYwiPjcC%2F%2BW6wGWkXmKn3bzjGud24Nj3dwBtY42lVYWvPM%2BPkmb2dqgoId1tU4l6jjX%2B7Nehj7xy4I%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-1vtx

GET
H2 200 ml.gif
adnade.net/images/ Frame DF97 6 KB
6 KB 38ms
38ms Image
image/gif 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/ml.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6de1a06737e1d3a1281a0c4bb7df5b4923b25044c5edfe851666dc1ed9f86f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=werberlos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Sat, 31 Dec 2022 17:02:58 GMT
server: nginx
etag: "63b06b42-167a"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5754
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 ptp.png
adnade.net/ptp/ Frame DF97 343 B
535 B 39ms
38ms Image
image/png 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/ptp.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=werberlos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Tue, 03 Jan 2023 04:34:09 GMT
server: nginx
etag: "63b3b041-157"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 343
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 jw.js Show response
cdn.wrly.de/ Frame DF97 2 KB
728 B 239ms
76ms Script
text/javascript 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

675f6974a422e21d3bcba863e1a1cfb882bdce195ce9d51abd0196099e1f9513

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.3.min.js Show response
adnade.net/ptp/ Frame DF97 88 KB
36 KB 39ms
38ms Script
application/javascript 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adnade.net/ptp/jquery-3.6.3.min.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=werberlos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 04:21:15 GMT
server: nginx
etag: W/"63b3ad3b-15f5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 consent.js Show response
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame DF97 2 KB
2 KB 176ms
71ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: Cookie First CDN-AT1-731 /
Resource Hash: 5e62a952b93ef40342984beb6c09fcc52b3dca1eb0d7c94daf4544107bc68df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-storageserver: DE-164
cdn-cachedat: 03/09/2023 10:25:48
cdn-pullzone: 236985
visitor-location: DE
last-modified: Mon, 13 Feb 2023 03:22:44 GMT
server: Cookie First CDN-AT1-731
cdn-fileserver: 555
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63e9ad04-925"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
cdn-requestid: c88a5b00e073841175f10df502a8d934
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ml.gif
adnade.net/images/ Frame 2E6D 6 KB
6 KB 40ms
39ms Image
image/gif 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/ml.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6de1a06737e1d3a1281a0c4bb7df5b4923b25044c5edfe851666dc1ed9f86f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=kein_Werber
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Sat, 31 Dec 2022 17:02:58 GMT
server: nginx
etag: "63b06b42-167a"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5754
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 ptp.png
adnade.net/ptp/ Frame 2E6D 343 B
535 B 40ms
40ms Image
image/png 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/ptp.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=kein_Werber
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Tue, 03 Jan 2023 04:34:09 GMT
server: nginx
etag: "63b3b041-157"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 343
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 jw.js Show response
cdn.wrly.de/ Frame 2E6D 2 KB
729 B 230ms
73ms Script
text/javascript 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

675f6974a422e21d3bcba863e1a1cfb882bdce195ce9d51abd0196099e1f9513

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
x-xss-protection: 1; mode=block

GET
H2 200 consent.js Show response
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 2E6D 2 KB
2 KB 173ms
73ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: Cookie First CDN-AT1-731 /
Resource Hash: 5e62a952b93ef40342984beb6c09fcc52b3dca1eb0d7c94daf4544107bc68df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-storageserver: DE-569
cdn-cachedat: 03/09/2023 10:25:48
cdn-pullzone: 236985
visitor-location: DE
last-modified: Mon, 13 Feb 2023 03:22:44 GMT
server: Cookie First CDN-AT1-731
cdn-fileserver: 555
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63e9ad04-925"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
cdn-requestid: 5265e8f4d714c49326776c35a4b4afe1
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ptp.png
adnade.net/ptp/ Frame DF97 343 B
535 B 39ms
38ms Image
image/png 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/ptp.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=werberlos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Tue, 03 Jan 2023 04:34:09 GMT
server: nginx
etag: "63b3b041-157"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 343
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 / Show response
cduspenden.de/partner/ Frame 0116 333 B
531 B 162ms
33ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cduspenden.de/partner/

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 333
content-type: text/html
date: Thu, 09 Mar 2023 10:25:48 GMT
etag: "63e99d0e-14d"
last-modified: Mon, 13 Feb 2023 02:14:38 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
adnade.net/ptp/banner/ Frame 350F
Redirect Chain

https://adnade.net/ptp/banner
https://adnade.net/ptp/banner/

605 B
561 B

73ms
72ms

Document
text/html

2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/ptp/banner/

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

13602ac925b60bac75f8ba0a5c4f6931f58165c98d8c7283cf88562828f16966

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/ptp/?user=werberlos
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-length: 162
content-type: text/html
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://adnade.net/ptp/banner/
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 ptp.png
adnade.net/ptp/ Frame 2E6D 343 B
535 B 70ms
69ms Image
image/png 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/ptp.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=kein_Werber
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Tue, 03 Jan 2023 04:34:09 GMT
server: nginx
etag: "63b3b041-157"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 343
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 / Show response
cduspenden.de/partner/ Frame 15A8 333 B
530 B 157ms
33ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cduspenden.de/partner/

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 333
content-type: text/html
date: Thu, 09 Mar 2023 10:25:48 GMT
etag: "63e99d0e-14d"
last-modified: Mon, 13 Feb 2023 02:14:38 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
adnade.net/ptp/banner/ Frame E16F
Redirect Chain

https://adnade.net/ptp/banner
https://adnade.net/ptp/banner/

843 B
639 B

67ms
67ms

Document
text/html

2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/ptp/banner/

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

ec2a86592c830048d6b1db98ebc28d89f1fb0f2a03535a4029fdca99ca81ee57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/ptp/?user=kein_Werber
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-length: 162
content-type: text/html
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://adnade.net/ptp/banner/
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 1C4A 6 KB
3 KB 70ms
53ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1de7bdadbf7557826adab06b040070b59debc3ee74cee1c4d08babab653e853

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529db7cebc3a4a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:25:48 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 2574 6 KB
2 KB 69ms
56ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2553254e3e76726062209f43765dbaf3a9a675d46afe88ab411e80c1f0b9a2f3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529db7cebd3a4a-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:25:48 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 klick4creditsgoto.php Show response
adnade.net/ Frame ECEE 404 B
442 B 99ms
99ms Document
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/klick4creditsgoto.php?surfsid=2e656edd02c66ee79ea4899271ed0cd7

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/banner/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

fb78885c0198ddd662df5014dd39c2ed464feffa1fa8574278464640c855cb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/ptp/banner/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 empty.gif
adnade.net/ptp/ Frame E16F 43 B
233 B 51ms
51ms Image
image/gif 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/empty.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/banner/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/banner/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
last-modified: Tue, 03 Jan 2023 05:01:01 GMT
server: nginx
etag: "63b3b68d-2b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 43
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2

200

webbi_traffic.php Show response
netzwerk-ad.de/ Frame BAAD
Redirect Chain

https://adnade.net/surfbar/?sid=1678357548&img=1&ln=40
https://netzwerk-ad.de/webbi_traffic.php

4 KB
2 KB

496ms
146ms

Document
text/html

144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/webbi_traffic.php

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/banner/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ea04cc14c98a79b76117b7e642d1444935aa6530148999731734e99588364c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
location: https://netzwerk-ad.de/webbi_traffic.php
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 1C4A 94 KB
12 KB 42ms
42ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 690737
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nudaJ7mSVF2kTLB317pxfrw2I%2Fu5geAy5AKFguOFkeJBYzHSZCAAjpeBMlLfyqlr1qUcnvJ2pG4j4dzhfVchfukKlivfkGrk9Cm1L1RFlfQjih80ghrorJ4VoKBFlVEwb0Xyw7Fle9I%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a529db84adb366d-FRA
expires: Thu, 09 Mar 2023 11:25:48 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 1C4A 44 KB
44 KB 39ms
38ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457234
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDfI4Di1MMwjf0HbOMSNdc5OopvneIn%2B3qY5GbisMvMsNKt9gNIiI2bsNcrcO4Jul0KPmgR9g%2FdYU6BTid%2FmgEioJ%2Fu4FT3nGqpYBMJF5Vu%2FYZpopNYZ%2FyYp0IAiYlSDDVsxK329wzae1UT4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db84f6e3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 1C4A 222 KB
222 KB 53ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457234
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226916
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JPdXui6a6%2F6R3k2%2BtD6wYMTDXYW%2BlDcFBIfWems6lUzpcGwJCiztbPZeUkOt72DjktCxdLsSWdlAXkzHLv201svnNRUgW1md3txrf8Vb5O3h9th6XLu%2FgF3N%2BMPLbczXVHX82vVGMkEz%2Fu%2Bn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db86fa13a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 1C4A
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidpqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FEoneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1678357549_c2a7fe70-be64-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

0
474 B

144ms
59ms

Image
text/plain

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1678357549_c2a7fe70-be64-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
cache-control: no-cache
cf-ray: 7a529dbaba12bbce-FRA
content-length: 0
expires: -1

Redirect headers

Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1678357549_c2a7fe70-be64-11ed-9d45-2261c3620022&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 75A9A7DCDA92D6C9798186AAFB9695F711D4C5E54B41723D9C2E3B2D9B85E5033C6C1B6444156F35ADA461293C42CD0BB905FD146374E81BD9C87AD36BB7586D
assets.ad4m.at/logo/ Frame 1C4A 18 KB
19 KB 51ms
47ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/75A9A7DCDA92D6C9798186AAFB9695F711D4C5E54B41723D9C2E3B2D9B85E5033C6C1B6444156F35ADA461293C42CD0BB905FD146374E81BD9C87AD36BB7586D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4268930fa58c002aa995568ad261ae90dd6b94517f449d4751c5e5952359934f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1714150
cf-polished: origFmt=png, origSize=32513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18680
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Feb 2023 12:45:48 GMT
server: cloudflare
etag: "9ccb6d9945a880713e50b6a2da5cbb82"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1GLWLkj4rgETc57FPFhen37N5n4Wcxhpw%2BvdV9I%2ByvXslFr4kWg1kojl2nLfDWn2CZqPq5QrA%2BscrHN44BgsBfa%2Bb4spGBIeCAbsWybXgpe5DOr%2FONpKyfA1C9kcvuM7ypN0cvhjadf%2BPoo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db86fa23a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 8BA869F120B7A698E52C3D3F6B16AD5C117AA52AF87C656FA0FBFEB51E2CD0B2917A7A6774EBF9E698068FC8D46B9AB59F44CEE744FE0C6DB139717E5ADF792B
assets.ad4m.at/product_image/ Frame 1C4A 356 KB
357 KB 51ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8BA869F120B7A698E52C3D3F6B16AD5C117AA52AF87C656FA0FBFEB51E2CD0B2917A7A6774EBF9E698068FC8D46B9AB59F44CEE744FE0C6DB139717E5ADF792B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9cdce07eebb49f80760f7ae4593b18bde9c1f1c6efb6f5a4810a8a072685a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1714150
cf-polished: origFmt=png, origSize=586157
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 364938
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Feb 2023 12:58:32 GMT
server: cloudflare
etag: "1e032f0b6ee128c5ba54d77ee1a5b56a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF8fdYUF%2BTpN%2BXYOMRJIHZWY6aesBLJCGmf29ZEAOhTpRt8oQFe1i%2BQX7iQ1e%2F17aSFPegugut%2F2US8MrHsBf%2B9gQnFYa3zF0h5hRneUiAuLTr%2F0nCQM%2Bx6Tat4ZcNQ1Dm6p3dvvKV3Vizhd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db86fa43a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1C4A 43 B
704 B 202ms
95ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3238410&v=28431&q=438087&r=412871&pv=1&pref3=oneidMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3oneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 1C4A 10 KB
10 KB 51ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85b1179ca4ed7dc5ea897d1b565a69ccae8d2aad29dff7bb874da7d94538bff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457231
cf-polished: qual=85, origFmt=jpeg, origSize=58124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9782
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 Jul 2022 10:19:52 GMT
server: cloudflare
etag: "b4342e277c43aad9c5020a04564bfd1e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FB9w4ZON%2BGTOyXfYAvIC2Vtau7PF6YkENDQhW5DCwrVCqptIA5jyCxYkGGYg9lfZtg%2BWDAGc585ZrOkuFVvHIR7R1YH1cKf14kaOG%2FoO%2FayR3TTxrQnPfIVoUCM6bXYSTOPXK8VVjG4e8Euw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db86fa53a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame 1C4A 51 KB
51 KB 52ms
50ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C337243%2C15573&b=pqg6C1fgfwAgskH4HmtztQkMu9S7t8V4FE%2CMB86tzfrfgkx7SWHEHGtDtmeZ5aBS9txrWh3%2C7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHM&f=Jm1kczf5fZj9TBH6H7tqCp5BaxSdt4EjsX%2C6RX3tef3fpE13FeHmHYtEC3gG4TYSBt3VWH7%2CExRXcDfEf7ZwtzHAHjt6C7Q1HKSrtYrmS7&c=300&d=250&e=&g=da27394134c8a813816d095d93facb75%2F9441697374277180835&i=21596%2C114490%2C26474&j=16%2C16%2C41&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548711&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a7f4c8a9af17cac4c92d0fad28e07cc781825be9dd19da205c028b2a49e634a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457232
cf-polished: qual=85, origFmt=jpeg, origSize=128978
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52014
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:16:42 GMT
server: cloudflare
etag: "aa8c145ca1b6cb2be4e511f8f6f2685d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mKwyB1q6v2Zr%2BNYY8LBPAVc1zyOJQIJuPnQq2%2FKcy8Vs6UxDJSL4MI1CHz38zq8orzh7%2BAL0tiorLhXNS%2BCm%2Fzcz%2BC6XoSDq3DqXHSApGWgSTt6iv8iDkIn7R59vloiskrA%2BoeU4oZCOM5v"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db86fa73a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2

200

view.aspx
pb.media01.eu/ Frame 1C4A
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneid7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHMoneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHMoneid__Influencer_FB_advancedad_300x250&actionid=981741&pro...

0
608 B

191ms
52ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHMoneid__Influencer_FB_advancedad_300x250&actionid=981741&produktid=&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 09 Mar 2023 11:25:48 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 5413AFB7:ECB2_91EFC182:01BB_6409B42C_B204933:C02A
X-IPLB-Instance: 40028
Content-Type: application/javascript
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneid7A4bUqfzfdrRsrHXHgtAt4XeH4SgtQ8RHMoneid__Influencer_FB_advancedad_300x250&actionid=981741&produktid=&dt_url=
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H2 200 / Show response
deli.misaglam.com/prepare/channel/ Frame 5950 384 B
458 B 32ms
31ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deli.misaglam.com/prepare/channel/?chilli=tiktok

Requested by

Host: cduspenden.de
URL: https://cduspenden.de/partner/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6e1124c2a4ec102a94cb13c376e0f9a289ec6291b15c05acf787d18073de6160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cduspenden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 2574 94 KB
12 KB 61ms
60ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 690737
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwHYRFX7Vq7M113cvzdUQbzEhgy4caU0zGXfHT%2FfQyjfWJ8FDf7YHPTwkuER6irdULGKNAH%2F1wIyP9eBG7MpoNPiOlzzcBuD6mb0qJv72BIZxCKOvwY2VJ31C1jVtMj9u7%2BS%2Fwp8Ikk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a529db85aec366d-FRA
expires: Thu, 09 Mar 2023 11:25:48 GMT

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 2574 36 KB
36 KB 41ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 242505
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2m9cMK1J7oTjAoyq%2FqoHbsolWbGzqpDIFME%2BWhemChihBF9lQ6W44ggcn2ZQW60LUnIMcFHm2oib5Ube9NJb%2BPgpEUBzg5BDBJ0lsNs%2BXJDANe3gLs%2BgL%2B%2BytiBtVcAXUkQh4Bn5BFPKamC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db85f7d3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 2574 38 KB
38 KB 47ms
46ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75743518d10d4b4a939717f66c07ef13fb128590c0b05df5c26835efa5280c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 244005
cf-polished: degrade=85, origSize=133780, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38661
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5VYGen45koXrdf94cCarMrsWGNcT4dwOE5B4NsH06lfUT2LqsPY5iH4%2FydNMDGyIItlc9vb83rJwg1FBugkXgsU%2BQS4Ag4w1l%2FoK4fHugL%2Fd3NdjnEYPqx%2BXH3nWlTWdsQf2WYb8s46fm%2FH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db87faa3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2574 43 B
704 B 196ms
94ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidqxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3oneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
assets.ad4m.at/logo/ Frame 2574 3 KB
4 KB 49ms
48ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/521816B122764001ADB70A517984F37BFF9BF6A673BABF5D86AB411E7DB29F110A1EE88B26C2C779693C09EA30E537FC99BF58A2C05EC7C7FC76B7121E2F0D23
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0563b45e7f8099573475a80a342c9e71a371e453ae363335dcee0987ce087655

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457156
cf-polished: origFmt=png, origSize=12409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3270
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 09:42:26 GMT
server: cloudflare
etag: "66b1eff8bdbba24886f7b1fc8575650c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCJmznUh0N3RIBSVLQxkFbvyN%2FVQj%2BwHm%2BMyRzZ%2BMhmh2LrZBjec3ZIbhpcMRzl%2ByizCKS02KOHeP3kqquSzvSx8vXVJGw9uzWvpB3BIdwuf%2FJbsMppjr6KuSVRUtXacb5obuIoZu96Z3VDh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db87fad3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
assets.ad4m.at/product_image/ Frame 2574 382 KB
383 KB 47ms
46ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/069D6AC8048C845ED241E4D08FED5C8BF19DF09CD5D31CEFFF7C284512B39110035A45A716C9107E61A08153C69FFB45D9A6249AF8BFA59770C31521FB495CCB
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49552a1b265626ae43788c7a552f0e83b2a60c3b80a03f0a3ac5d897e19e5a4f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457156
cf-polished: origFmt=png, origSize=567269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391308
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Dec 2022 15:02:50 GMT
server: cloudflare
etag: "364fb0bbdd277cfa57c3290ca877647c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BKXP21wbx92kdd4Aw9hTDEnlj4wCnxeHHJLs2ry1DbcBPVKbtGuvlZhxNjLs0lhaYsEQ7Z0eLkABmbdyAS1yNUyabaZKQVsxwQm4diKq3z%2BsA57tHt2WV5%2BMyNmifMA1T7Z0lJg%2FYrFBnik"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db87fae3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2574 43 B
702 B 182ms
81ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3254070&v=14598&q=371862&r=412863&pv=1&pref3=oneidwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5oneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 3271150BBEADFF808BD3CEA2867AF32C66EE15C6D39FE71CF862B7A8D99CB33E9F2D127B9D6D9EDB7068CEB7C91884CBD793F32CD570416A15B7DDADCC3A17AE
assets.ad4m.at/logo/ Frame 2574 3 KB
3 KB 73ms
72ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/3271150BBEADFF808BD3CEA2867AF32C66EE15C6D39FE71CF862B7A8D99CB33E9F2D127B9D6D9EDB7068CEB7C91884CBD793F32CD570416A15B7DDADCC3A17AE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da02bcb0d36c0139860e4c05d46f6a55e23843fbb0a2fe63f771c03ab6fd17c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457131
cf-polished: origFmt=png, origSize=7704
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2792
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Jun 2020 10:41:21 GMT
server: cloudflare
etag: "4d60e5c369913e19a36335fa394a2918"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8rST6SJALPkiZd1Ror7LLCMXsH1dnVRkcA14p3vNVc1Gmiaep0QHaDnw2ClIYXt0uxZMT%2B8K8Nm1tCtH7wzu2j9EkZjwnDvz5ea3%2FD3jG%2F6qKwVIbHQMrke%2BwwEX0OdC89IM%2FJsJ04POwQF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db88fcb3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H2 200 E13DED61705B4376A55CBAAC337EBAA64E3F91EF81AEEB4D123E9DA4883BA3DEFE10C7AC9777FEB90520081B5E82B952B0340DB3FCB79D9B5DDF7CF35D16E40F
assets.ad4m.at/product_image/ Frame 2574 96 KB
96 KB 74ms
73ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/E13DED61705B4376A55CBAAC337EBAA64E3F91EF81AEEB4D123E9DA4883BA3DEFE10C7AC9777FEB90520081B5E82B952B0340DB3FCB79D9B5DDF7CF35D16E40F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19769%2C327780%2C29524&b=qxgMcmfWfpgbfZHgHDtJtX9ETeS3tJDxC3%2CwxkGcdfjfxm43TEHRH2tXtEWgTzS9tmrAa5%2CJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsX&f=RBkmtgfQfXxZckHwH3tzCdqRT9SxtYMPS7%2CgAWwU8frfWbKdfPHbH8txCP31umSjt9pjhe%2CGDYZcBfpfm9rtKHeHGtBC9PXHZSjtJ7ZCE&c=300&d=250&e=&g=aa4caa6ec9219099d127e0ef60dd3e73%2F5464857224191582090&i=21630%2C22886%2C27626&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_FB_advancedad_300x250&r=1678357548714&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cd2f6f9c24f2942cd4ba0ab02b94ee32c481a26d73613dd4b3e8344b96f1efc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 457131
cf-polished: origFmt=png, origSize=167931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 98220
cf-bgj: imgq:85,h2pri
last-modified: Wed, 20 Apr 2022 12:57:56 GMT
server: cloudflare
etag: "2553b78b6500db798be51b8b354afc8d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Eh52dpHJHd3ppx68rxHHR2NGTdYo%2BpkON8HzHzDzrKd8aLJh20F1blsPeDBi6Gvo7HpldXhTR%2F9dtOjzcc84hQhP6IU3ME3MR2YBqVb6QCvCpKo81syxJzpBl1CFvuelT%2B1NJwfwTj05vzX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529db88fcc3a4a-FRA
expires: Fri, 10 Mar 2023 10:25:48 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 2574 43 B
704 B 197ms
96ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2660143&v=11833&q=333809&r=137680&pv=1&pref3=oneidJm1kczf5fe7AHBH6H7tptYPDfxSdt4EjsXoneid__Influencer_FB_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 / Show response
deli.misaglam.com/prepare/channel/ Frame 4348 384 B
458 B 33ms
33ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deli.misaglam.com/prepare/channel/?chilli=tiktok

Requested by

Host: cduspenden.de
URL: https://cduspenden.de/partner/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

6e1124c2a4ec102a94cb13c376e0f9a289ec6291b15c05acf787d18073de6160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cduspenden.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H3 200 wgpizbdq.js Show response
ad4m.at/ Frame 5950 35 KB
13 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd14737bbf7545b7aa7ce5ecd13d55596a8f40028fb6f8925dd2b47d3feb001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deli.misaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103765
etag: W/"a5bcd41c7f7360eff92ced08a546ec0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6y%2FsVrBPiXnqEeqZqOb3nVJWmtlZfhrbKm7AdVORSESFrrb8XmfkuICC00Kcmlu3HBSxDR4jdogcia%2BmCWCTJv5D9EAgPLZCs2zFxlUT53XysjwlrjkElpQTya5PfJf%2FZJvDVR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a529db8ab7e366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 15:28:06 GMT

GET
H2

200

ban2.gif
www.websyndic.com/banners/ Frame ECEE
Redirect Chain

https://libertad-ads.de/kamp/b_view.php?uid=32&bid=24549&sid=47
https://websyndic.com/banners/ban2.gif
https://www.websyndic.com/banners/ban2.gif

3 KB
3 KB

207ms
119ms

Image
image/gif

15.235.118.190
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.websyndic.com/banners/ban2.gif
Requested by: Host: adnade.net
URL: https://adnade.net/klick4creditsgoto.php?surfsid=2e656edd02c66ee79ea4899271ed0cd7
Protocol: H2
Server: 15.235.118.190 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns5019653.ip-15-235-118.net
Software: nginx / PleskLin
Resource Hash: 99a4809214013a710aa354986e2c2c823761b49821c83055b8e3b6a605138b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
last-modified: Sun, 11 Dec 2022 04:26:43 GMT
server: nginx
etag: "63955c03-caa"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 3242

Redirect headers

location: https://www.websyndic.com/banners/ban2.gif
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H3 200 wgpizbdq.js Show response
ad4m.at/ Frame 4348 35 KB
13 KB 48ms
47ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bd14737bbf7545b7aa7ce5ecd13d55596a8f40028fb6f8925dd2b47d3feb001

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deli.misaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 15:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 103765
etag: W/"a5bcd41c7f7360eff92ced08a546ec0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1O0wuMRuNpR92cPh0NEvIm2YhT4Tnqj%2BoKMIjp%2F4eXlbNSEmWQTCl8HFd5gDD6NjqP07%2FNa8%2FfLRHIUowvnElpeoG5gweUoPoh2OSzcQ4BZx8DXV0d%2FMcyA1P6UghKJzYdS1Foo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7a529db8cbad366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 02 Mar 2023 15:28:06 GMT

GET
H2 200 / Show response
ref.cdnplus.de/ Frame F46D 392 B
514 B 59ms
58ms Document
text/html 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d71ecfdc639636333de881c1e0b1669d74efe67861471fb77250775ff52479e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: * *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame E187 12 KB
5 KB 55ms
55ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

f327d949d129a396f17f44cccba41dac86ef58411dc20a88951c7e1fe2a519ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2

200

bettellink.php Show response
mandol.de/ Frame A12C
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://mandol.de/bettellink.php?uid=11

120 B
233 B

179ms
46ms

Document
text/html

167.235.7.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mandol.de/bettellink.php?uid=11
Requested by: Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.7.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mnode1003.your-node.de
Software: Apache /
Resource Hash: e8871ac90942ed6141c665b372a332f60f008f8c71da03f6403d10a142bf6e9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 129
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
location: https://mandol.de/bettellink.php?uid=11
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

webbi_traffic.php Show response
www.netzwerk-ad.de/ Frame A9D6
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://www.netzwerk-ad.de/webbi_traffic.php

4 KB
2 KB

472ms
139ms

Document
text/html

144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netzwerk-ad.de/webbi_traffic.php

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

ea04cc14c98a79b76117b7e642d1444935aa6530148999731734e99588364c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
location: https://www.netzwerk-ad.de/webbi_traffic.php
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
ref.cdnplus.de/ Frame DBD8 392 B
514 B 50ms
49ms Document
text/html 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ref.cdnplus.de/

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d71ecfdc639636333de881c1e0b1669d74efe67861471fb77250775ff52479e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: * *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame F61A 12 KB
5 KB 52ms
52ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

62148b8c2de67ecc91e31ceb3b000f75508ecbce0a6a16115197e5cd108ed382

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:48 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
bitporno.de/ Frame 2C9B
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://bitporno.de/

58 KB
8 KB

197ms
49ms

Document
text/html

94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitporno.de/

Requested by

Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server-108-157-217-78.arn56.r.cloudfront.net

Software

nginx /

Resource Hash

eb1182438e9ee3d7e5dd0c9b3920bccd53dfe1f85344fde5f34424f9de2c8d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Thu, 09 Mar 2023 10:25:49 GMT
etag: W/"639158d1-e7a3"
last-modified: Thu, 08 Dec 2022 03:24:01 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
location: https://bitporno.de
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
klick-welt.de/ Frame 6A55
Redirect Chain

https://billigerscheiss.de/?t=1678357548&ln=0
https://klick-welt.de/?content=/betteln&ref=770

12 KB
4 KB

186ms
56ms

Document
text/html

195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/?content=/betteln&ref=770
Requested by: Host: cdn.wrly.de
URL: https://cdn.wrly.de/jw.js?de=vzR36LZn94q8BwYA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 4467a6fc75da7395bfe161bc58e4d776fce9ba91744e05d9cec3ba7129c77318

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3776
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
location: https://klick-welt.de/?content=/betteln&ref=770
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
tool.hubu.link/ Frame 2E6D 67 KB
25 KB 44ms
42ms Script
application/javascript 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=kein_Werber
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a593b8c7f66906ce81e5ec4d0be9b246a1f3d3497e0f8205f9b10c65b32d8d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 22:14:47 GMT
server: nginx
etag: W/"63d84157-10d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ Frame 2E6D 70 KB
27 KB 43ms
42ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: Cookie First CDN-AT1-731 /
Resource Hash: 4648c413e723a8c14d0aa05304beea73cc47fb8ad4223caebaadbc0c0753b851

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-storageserver: DE-567
cdn-cachedat: 03/06/2023 13:10:24
cdn-pullzone: 236985
visitor-location: DE
last-modified: Mon, 06 Mar 2023 13:07:25 GMT
server: Cookie First CDN-AT1-731
cdn-fileserver: 56
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6405e58d-11724"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
cdn-requestid: a9c26cb6630424aecf35d54410074952
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 index.php Show response
adnade.net/ptp/ Frame DF97 4 B
223 B 48ms
47ms XHR
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://adnade.net/ptp/index.php?tsp=36f06734811ef33415140a518eed436e&d=1678357548948

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/jquery-3.6.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
tool.hubu.link/ Frame DF97 67 KB
25 KB 53ms
51ms Script
application/javascript 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: a593b8c7f66906ce81e5ec4d0be9b246a1f3d3497e0f8205f9b10c65b32d8d3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 22:14:47 GMT
server: nginx
etag: W/"63d84157-10d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 08 Mar 2024 10:25:48 GMT

GET
H2 200 banner.js Show response
consent.cookiefirst.com/ Frame DF97 70 KB
27 KB 45ms
44ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: Cookie First CDN-AT1-731 /
Resource Hash: 4648c413e723a8c14d0aa05304beea73cc47fb8ad4223caebaadbc0c0753b851

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:48 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-storageserver: DE-567
cdn-cachedat: 03/06/2023 13:10:24
cdn-pullzone: 236985
visitor-location: DE
last-modified: Mon, 06 Mar 2023 13:07:25 GMT
server: Cookie First CDN-AT1-731
cdn-fileserver: 56
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6405e58d-11724"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
cdn-requestid: ac52b57bf05aa6bebaf9f9070745ef96
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/117617/ Frame E187 187 KB
187 KB 43ms
42ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: 9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: 6RQW68NVY8MK0Q66
etag: "5896f969c3c0d5de143c2f56c20489d9"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 191448
x-amz-id-2: w2cTUal5Jtf11AZgIiGYTuf2Se3LTMOQu5LbzuICDsGzgJlL81S59l3kAL/qMTMYlwf5Mdf60eE=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4E5B 2 KB
1 KB 39ms
39ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 450602
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a529db94c47366d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADYLDa7R2V6GE15eDCvR8ajXHoq1WY%2Ft5u5l4YQXjEiMswDMISid1JUWd0RkEIoPlIxEuGUcDKoreQrXz131gNl2g3SZGLMLWMKUsxDoU93YxWsTcrorr6QIs0Th356F84xB4VE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame F46D 94 KB
38 KB 70ms
70ms Script
application/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ref.cdnplus.de/jquery.min.js
Requested by: Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Thu, 16 Mar 2023 10:25:49 GMT

GET
H2 200 jquery.min.js Show response
ref.cdnplus.de/ Frame DBD8 94 KB
38 KB 62ms
57ms Script
application/javascript 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ref.cdnplus.de/jquery.min.js
Requested by: Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h109.hubuhost.com
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ref.cdnplus.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Thu, 26 May 2022 14:16:34 GMT
server: nginx
etag: W/"628f8bc2-1762a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, public
expires: Thu, 16 Mar 2023 10:25:49 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393746/ Frame F61A 609 KB
610 KB 52ms
52ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: QJSN763R321JXCCQ
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: mkXxKcUdtjvcTpTSrxNMRNmco3NCUBq6TVfmaNCT8DcE/9zZCm9LUJiB1t27Z08/BXPJ2Ylu5wM=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2997b5eb-3fe5-4e39-9ccc-c7667fccbe51.jpg
dmkz2i5qfmsty.cloudfront.net/ Frame 7106 127 KB
127 KB 154ms
50ms Image
image/jpeg 108.138.198.138
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmkz2i5qfmsty.cloudfront.net/2997b5eb-3fe5-4e39-9ccc-c7667fccbe51.jpg
Requested by: Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.198.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-198-138.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 135f82422167e62205bde3d93a53c12326cfbe2979587dbf72582364fb9819cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 10 Feb 2023 22:19:51 GMT
Via: 1.1 e4a3689d7c24fed4b0731b7a6a3b65fe.cloudfront.net (CloudFront)
Last-Modified: Fri, 21 Oct 2016 12:57:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MXP64-P2
Age: 2289959
ETag: "89101ad1c0ba2939269e94ca6a504b1e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129759
X-Amz-Cf-Id: mlPn2vZ-N6qIfZtHJxR9EBSUD9mIs0IVF_Mbnw7kB4rG7FsG_nLJvA==

GET
H2 200 34344277 Show response
www.schaschlikhaus.com/akam/13/ Frame 7106 26 KB
9 KB 49ms
47ms Script
application/javascript 2a02:26f0:dc::6853:433
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.schaschlikhaus.com/akam/13/34344277
Requested by: Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:433 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6feb8825b331e458c390691ad137e08442b33b86efc089b2761b50c3319e46ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:08:06 GMT
etag: "224eeefee93fab5cac5c0c94fae44a3cfd4e4b252fe379f6c0574465d304eef9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466210_1750271023_284593188_52_3814_42_0";dur=1
content-length: 8758
expires: Thu, 09 Mar 2023 10:25:49 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 1BCC 2 KB
1 KB 48ms
47ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 450602
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7a529db99cae366d-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Mon, 27 Feb 2023 21:37:06 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9R0Y%2FPLCfbYzYt3Xcd82DBhcfuzRIe3c5%2B0uH7PXQUtLnBKXQW0mAPYKzVoM6Z7o2ZCY7fZ6y8HvnPiex3k%2Bo8LB8EuXC6IF%2B14G5BPydYMv4OAg0Rh2pLHMjQUzUoYchjUUes%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 AMBYG-YZ7ZH-C5TCM-754LR-SMJB4 Show response
s.go-mpulse.net/boomerang/ Frame 7106 205 KB
49 KB 162ms
42ms Script
application/javascript 2a02:26f0:dc:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/AMBYG-YZ7ZH-C5TCM-754LR-SMJB4
Requested by: Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
last-modified: Tue, 28 Feb 2023 19:56:53 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

POST
H2 204 matomo.php
tool.hubu.link/ Frame 2E6D 0
180 B 143ms
142ms Ping
text/plain 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=787208&h=10&m=25&s=49&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dkein_Werber&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wQIBK4&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=54&pf_tfr=0&pf_dm1=333&uadata=%7B%7D

Requested by

Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://adnade.net
date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-credentials: true
server: nginx
x-xss-protection: 1; mode=block

GET
H2 200 gloriafood.png
d2skenm2jauoc1.cloudfront.net/websites/img/ Frame 7106 2 KB
2 KB 275ms
121ms Image
image/png 108.157.217.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2skenm2jauoc1.cloudfront.net/websites/img/gloriafood.png

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.217.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fba5eb6e7fa0ff63e1b02226a19798e2b7a71845857e91a735f9251ccc54e5cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
date: Mon, 23 Jan 2023 06:51:00 GMT
x-content-type-options: nosniff
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
age: 3900889
x-cache: Hit from cloudfront
content-length: 1597
last-modified: Mon, 22 Aug 2016 05:57:21 GMT
server: nginx
etag: "57ba9441-63d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=29643698
accept-ranges: bytes
x-amz-cf-id: CFaW8H2CP5PZJuop9gVOE09JfR7AjKEj2xtHwmtaU28vKV7DqdXZwQ==
expires: Mon, 01 Jan 2024 09:12:38 GMT

GET
H2 200 ewm2.js Show response
www.fbgcdn.com/embedder/js/ Frame 7106 11 KB
5 KB 167ms
51ms Script
application/javascript 2a02:26f0:dc::6853:432
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbgcdn.com/embedder/js/ewm2.js

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:432 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13729fbf618d8963c759e8e9cf6538bc8ab957a8fa93e3c556a27d6e82bb3750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: Kp1PCu5Wm2QbNAK5UqRkDXyHexO6iU9I
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: XXW6AW9NMAMBG6WK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466210_1750271022_855983941_17_6935_40_0";dur=1
content-length: 4312
x-amz-id-2: JZdRQ5Z+woXxZEj/3klqRXKEdU04XqP03GvpfOUIfNcbPTKE4WXiqQh0+R3UH8AqqwSFS9Fx2D4=
last-modified: Thu, 16 Feb 2023 07:50:37 GMT
server: AmazonS3
etag: "839a71b9093818f9d18aa75d4bf71574"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=194
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:29:03 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
d2skenm2jauoc1.cloudfront.net/websites/js/ Frame 7106 87 KB
36 KB 216ms
66ms Script
application/javascript 108.157.217.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2skenm2jauoc1.cloudfront.net/websites/js/jquery-3.6.0.min.js

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.217.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-217-78.arn56.r.cloudfront.net

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 00:56:41 GMT
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
age: 4354148
x-cache: Hit from cloudfront
content-length: 36046
last-modified: Wed, 18 Aug 2021 08:06:27 GMT
server: nginx
etag: W/"611cbf83-15d9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30708896
x-amz-cf-id: 3xAM2JUot_9i9N1Qikwanf5cn_OxbCKD2kJzqX-Xv6EjOWxHCs5Nbg==
expires: Mon, 08 Jan 2024 11:11:37 GMT

GET
H2 200 jquery.swipebox.js Show response
d2skenm2jauoc1.cloudfront.net/websites/swipebox-1.5.1/js/ Frame 7106 25 KB
8 KB 269ms
119ms Script
application/javascript 108.157.217.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2skenm2jauoc1.cloudfront.net/websites/swipebox-1.5.1/js/jquery.swipebox.js

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.217.78 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-217-78.arn56.r.cloudfront.net

Software

nginx /

Resource Hash

d32e055f2fc0ea89a54c61959f0c128bbe04fcd644aee6d4dcb1abb6d608a909

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:54:36 GMT
via: 1.1 bfeae0ecbffe44ad98e5cd0ae83bdb4a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
age: 5459473
x-cache: Hit from cloudfront
content-length: 7342
last-modified: Wed, 18 Aug 2021 08:06:27 GMT
server: nginx
etag: W/"611cbf83-62ea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: B-dwFYmlB5SMa0QYB_SOGRCSis3kCQwAABtFceKqpau_W8xWY8d_-w==
expires: Fri, 05 Jan 2024 05:54:36 GMT

POST
H2 204 matomo.php
tool.hubu.link/ Frame DF97 0
180 B 101ms
100ms Ping
text/plain 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=836665&h=10&m=25&s=49&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dwerberlos&_id=&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=qdt9Xq&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=125&pf_srv=52&pf_tfr=1&pf_dm1=351&uadata=%7B%7D

Requested by

Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://adnade.net
date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-credentials: true
server: nginx
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
klick-welt.de/css/ Frame 6A55 152 KB
23 KB 102ms
99ms Stylesheet
text/css 195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/css/bootstrap.min.css
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/?content=/betteln&ref=770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 19:15:16 GMT
server: Apache
etag: "2606e-5e1591bb66c87-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 23238

GET
H2 200 all.min.css
klick-welt.de/css/ Frame 6A55 55 KB
12 KB 53ms
50ms Stylesheet
text/css 195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/css/all.min.css
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 7dd70534588132b35f58be8e700190cfa8c380d4d1c67acb11de2f25815649c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/?content=/betteln&ref=770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 19:15:16 GMT
server: Apache
etag: "dcc5-5e1591bac2b83-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 12274

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame 6A55 4 KB
1 KB 113ms
42ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1767491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEpveC%2BgGOi6LYUiSErgNw3TSPzUHNMuwdvBXyJQ6ycYZSUGK2Ycdb3V9eurqPrn5EMX5TuuwZsv%2Bl80xFeZgvl47rFsSJthiwuaGvLPL42MDext9dF4XizzBGkO4oHUJQb3AMbzVGXYoGkBKryMqP9e"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a529dbb4a695c4a-FRA
expires: Tue, 27 Feb 2024 10:25:49 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
klick-welt.de/js/ Frame 6A55 86 KB
30 KB 158ms
155ms Script
application/javascript 195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/js/jquery-3.4.1.min.js
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/?content=/betteln&ref=770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 19:15:53 GMT
server: Apache
etag: "15851-5e1591de31167-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 30677

GET
H2 200 lay.php Show response
l.adcocktail.com/ Frame 6A55 262 B
670 B 170ms
56ms Script
text/html 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l.adcocktail.com/lay.php?uid=59162&wsid=195107
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b315ef69d08e8e485d7162ecbca4b0955ebdf6f0a2a62e9057abaf0b017892a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgyebcxCAuoo077Vc41VU6OxKouuXFvvRyqNhwgg6EDGPEcy4H2CqvtbtI38e%2FQR8iK0l2Mv48DQwYa7ohBSUnQVL5WaoQKtS7eH4lxljxgVQsaDz9bQSW9DJGIgKe%2B59B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
note: CACHING IS DISABLED
cf-ray: 7a529dbb8d7b2bb4-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 pp_p.php Show response
pop.adcocktail.com/ Frame 6A55 921 B
1 KB 163ms
73ms Script
text/html 104.26.3.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pop.adcocktail.com/pp_p.php?uid=59162&wsid=195107
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7ef3eb5aceed56b84ee9cdf26b2590d9d4e7e5ff872f81ca29d86bba254949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVBtr2Yb4cwQZJWbiOgD3KG75DHPQvR9Um1MwM1W9KOGtFGKjQFmRSmaO5x%2FDB1vhxHBlPBPpgTlk%2BhZGr6FYOz70ueqc2MACVxNYmxfZS03X3EsNfQOSB%2B067Il%2FIcVw5UN%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
note: CACHING IS DISABLED
cf-ray: 7a529dbb6a71bb89-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
klick-welt.de/js/ Frame 6A55 77 KB
22 KB 100ms
98ms Script
application/javascript 195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/js/bootstrap.bundle.min.js
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/?content=/betteln&ref=770
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Mon, 13 Jun 2022 19:15:51 GMT
server: Apache
etag: "1332b-5e1591dc20c3a-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 22295

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame 6A55 19 KB
6 KB 108ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4199051
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JV7buUi8c5B16u9NQCphTWOScubuwKngagP3dGvuZ4VC4uazeAcg1D9X9LlC0IaJUh9EeztmEc6AnrJjDl%2FRLayOMnjvjCvJgAcG11yRVQgZcyFE98QBemh18UabuTL1jcIRnX3qyCNHicv%2F7aTVWePe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a529dbb4a6b5c4a-FRA
expires: Tue, 27 Feb 2024 10:25:49 GMT

GET
H2 200 layout.css
bitporno.de/Bitporno_files/ Frame 2C9B 41 KB
10 KB 85ms
83ms Stylesheet
text/css 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitporno.de/Bitporno_files/layout.css

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

4cb249a0471222e8f1bb7982b649fa30ce28f17b949500f6798c877ed38a50d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 22:10:32 GMT
server: nginx
etag: W/"6376b158-a5c5"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 jquery-ui.css
bitporno.de/Bitporno_files/ Frame 2C9B 34 KB
10 KB 85ms
84ms Stylesheet
text/css 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitporno.de/Bitporno_files/jquery-ui.css

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 21:38:53 GMT
server: nginx
etag: W/"6376a9ed-898c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 image-picker.css
bitporno.de/Bitporno_files/ Frame 2C9B 1020 B
1 KB 86ms
85ms Stylesheet
text/css 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitporno.de/Bitporno_files/image-picker.css

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

32008300233eaa25ecfbaaec83513d29559ce1ede590ffc84de495df2fdaa369

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:53 GMT
server: nginx
etag: "6376a9ed-3fc"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1020
x-xss-protection: 1; mode=block

GET
H2 200 logobt.png
bitporno.de/Bitporno_files/ Frame 2C9B 8 KB
8 KB 70ms
62ms Image
image/png 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/logobt.png

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

1f418c444a9efe0567ec74f94202d33d0e462f3debc5b88eb18c15c732d474fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:53 GMT
server: nginx
etag: "6376a9ed-1e21"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7713
x-xss-protection: 1; mode=block

GET
H2 200 us.png
bitporno.de/Bitporno_files/ Frame 2C9B 609 B
829 B 70ms
62ms Image
image/png 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/us.png

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:54 GMT
server: nginx
etag: "6376a9ee-261"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 609
x-xss-protection: 1; mode=block

GET
H2 200 detail_list_icon_grey.png
bitporno.de/Bitporno_files/ Frame 2C9B 220 B
440 B 70ms
63ms Image
image/png 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/detail_list_icon_grey.png

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

30f1478485f21c28becc24064c4c611cc546d93dc273edf818a834ec5a8bc765

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:54 GMT
server: nginx
etag: "6376a9ee-dc"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 220
x-xss-protection: 1; mode=block

GET
H2 200 short_list_icon.png
bitporno.de/Bitporno_files/ Frame 2C9B 296 B
516 B 70ms
63ms Image
image/png 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/short_list_icon.png

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

3356bfa621dcadda9484a7ac6a9d702ee41301abe74951602177b91f85883f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:54 GMT
server: nginx
etag: "6376a9ee-128"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 296
x-xss-protection: 1; mode=block

GET
H2 200 bitporno_thumbgjon1.png
bitporno.de/Bitporno_files/ Frame 2C9B 4 KB
5 KB 71ms
63ms Image
image/png 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/bitporno_thumbgjon1.png

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

ce3b643de5b0c06a7ff3125a5e563b1bc7c47d4f4839820eaf5ad117d20f89d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 21:38:53 GMT
server: nginx
etag: "6376a9ed-11cf"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4559
x-xss-protection: 1; mode=block

GET
H2 200 h88qmn2apqu2lfh5krriulacposm5ruzov.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 15 KB
15 KB 71ms
63ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88qmn2apqu2lfh5krriulacposm5ruzov.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

0105923f3b93c6b1f6c6582e89c29b0087be3e2a0b69cfb99f63ce27d4220318

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-3acb"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 15051
x-xss-protection: 1; mode=block

GET
H2 200 h88qkif82spffv7zxohm3tmwauch9o8quo.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 18 KB
19 KB 113ms
106ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88qkif82spffv7zxohm3tmwauch9o8quo.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

f257a6e5cea223685386d912730de29f4188ef669100cd228b8175256d88bb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-491c"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18716
x-xss-protection: 1; mode=block

GET
H2 200 h88qe77vcfyfhbzq2ornfg2g3oumgpzu4w.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 23 KB
23 KB 114ms
108ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88qe77vcfyfhbzq2ornfg2g3oumgpzu4w.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

f864b73835436c6a72184c6689da744f45b073d96e7fb578fe35449c0f120fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-5cee"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 23790
x-xss-protection: 1; mode=block

GET
H2 200 h88qd5i070zuf7o3cqvprh1xwdliauvahm.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 17 KB
17 KB 114ms
109ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88qd5i070zuf7o3cqvprh1xwdliauvahm.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

f48a9a59e43f29cd04b213b009420f665daf65f3265d833e197241c08fea7021

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-43ef"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17391
x-xss-protection: 1; mode=block

GET
H2 200 h88q9069k9up40ywzhiu5f4yw2kwnarqvw.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 20 KB
20 KB 115ms
109ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88q9069k9up40ywzhiu5f4yw2kwnarqvw.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

5b42b3a12145045a6863a735d8f75335b2cf1e971f9c7c67342b4f64b681a4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:02 GMT
server: nginx
etag: "6376b392-4f94"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20372
x-xss-protection: 1; mode=block

GET
H2 200 h88q2qtij0uztahrckg0avrnl8l529kzso.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 17 KB
17 KB 115ms
110ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88q2qtij0uztahrckg0avrnl8l529kzso.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

6b4019a21270c43c57a452aff6784977f0a8e6b80264aea83372e61a396f7205

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-44cd"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17613
x-xss-protection: 1; mode=block

GET
H2 200 h88pzn8r7apmcxbdwy6tybwsc4wdi1iyqc.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 18 KB
18 KB 115ms
110ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88pzn8r7apmcxbdwy6tybwsc4wdi1iyqc.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

529ed29148578341a072bd3286243bdd5c34900effadce7cbb32b2a435a2590d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-461f"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17951
x-xss-protection: 1; mode=block

GET
H2 200 h88pqaxcbycc1pqhaymez8ouzeznwaqp2z.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 14 KB
14 KB 116ms
111ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88pqaxcbycc1pqhaymez8ouzeznwaqp2z.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

33122d6ec853c27ae4fa86323516e571a6c574192f62aa5a50ad264a2bb81877

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-3901"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14593
x-xss-protection: 1; mode=block

GET
H2 200 h88pfv0ukrx47dhg66mgnvreiaevoyh1cf.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 26 KB
27 KB 116ms
111ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88pfv0ukrx47dhg66mgnvreiaevoyh1cf.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

7cbd886cfa79c7f027b66faeaab1a7e5ca461a8777f027145722f86ed5115f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-6913"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 26899
x-xss-protection: 1; mode=block

GET
H2 200 h88p6hidb9qaa8olkkhemczna4iyzzzzlq.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 21 KB
21 KB 116ms
111ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88p6hidb9qaa8olkkhemczna4iyzzzzlq.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

89aaad1d0532db014206b50b287361885143f6f37d9e579a12099656d14b3542

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:19:59 GMT
server: nginx
etag: "6376b38f-54bd"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21693
x-xss-protection: 1; mode=block

GET
H2 200 h83r52ib0iio4ulm0h08rgcpf5oglkon9e.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 26 KB
26 KB 116ms
112ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h83r52ib0iio4ulm0h08rgcpf5oglkon9e.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

6844464c75e6932a1e0ee4d55a9be40a489f5751411c774333dcac212a28b9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-6722"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 26402
x-xss-protection: 1; mode=block

GET
H2 200 h88p3hdjrsvlnub7fyc5uuq6loockbfgot.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 23 KB
23 KB 117ms
112ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88p3hdjrsvlnub7fyc5uuq6loockbfgot.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

838476c67cd9937bfde3f9030e7215ddc4606c71c3683e0a98dd48dee08bd160

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-5a4a"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 23114
x-xss-protection: 1; mode=block

GET
H2 200 h88p3ecsw8tkfxdurnjp8h4xcdwpmbr2f3.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 14 KB
15 KB 117ms
112ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88p3ecsw8tkfxdurnjp8h4xcdwpmbr2f3.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

baa60433cdd46fa02b819c76332f4dfc693bcf80e8bc689a91bfe22e2ea071b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-39b9"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14777
x-xss-protection: 1; mode=block

GET
H2 200 h88a19wu1ytmubegrp2bvi8zyperxsbbca.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 13 KB
13 KB 117ms
113ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88a19wu1ytmubegrp2bvi8zyperxsbbca.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

0d31d1b308613540b2b533c69a0498b60985f130c8295c3e350f0a4cd4b46506

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:01 GMT
server: nginx
etag: "6376b391-34ae"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 13486
x-xss-protection: 1; mode=block

GET
H2 200 h88p1k2dusewbxrmi6xco6dm6sq4bywyf6.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 24 KB
24 KB 117ms
113ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88p1k2dusewbxrmi6xco6dm6sq4bywyf6.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d2449212cb8ac4c2d8763dec1bde6a36ef6d26cb8eed7f0e509637ec8d7b3ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:01 GMT
server: nginx
etag: "6376b391-5fbe"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 24510
x-xss-protection: 1; mode=block

GET
H2 200 h88p1hrk7jh1vqd2qvcbonpwxyut6mvsgd.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 26 KB
26 KB 117ms
114ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88p1hrk7jh1vqd2qvcbonpwxyut6mvsgd.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d1154b622015a5587909711581050bc1f111c41ed2105c579d2880f4078bb907

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-6744"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 26436
x-xss-protection: 1; mode=block

GET
H2 200 h88kl1oh6xsstq2xoafuwiwjlvr3ptvlsa.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 25 KB
25 KB 117ms
114ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88kl1oh6xsstq2xoafuwiwjlvr3ptvlsa.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

c205f7c9151f57a641b28857209c4310f3080bbff3f50be519fea2854f3bbc8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-6214"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 25108
x-xss-protection: 1; mode=block

GET
H2 200 h88nj72tzclydwlkahfhvejgecsz6fqnaj.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 14 KB
14 KB 118ms
114ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88nj72tzclydwlkahfhvejgecsz6fqnaj.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

376fd8e5137c4cd4cc907d20d2874f83073e5e847695bf0a86818abae9e20c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-37a9"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14249
x-xss-protection: 1; mode=block

GET
H2 200 h88mydf7p8tqosdinn83anwerdmicenuer.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 16 KB
16 KB 118ms
115ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88mydf7p8tqosdinn83anwerdmicenuer.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

8f44d207aced88e1e6a42f4d437fde77761f4a74dcdaff5fd1f7852a1499ca81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-3fa8"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16296
x-xss-protection: 1; mode=block

GET
H2 200 h88n1kfgj1bz02ceqb98ydhbdwpnddckz3.jpg
bitporno.de/Bitporno_files/ Frame 2C9B 14 KB
15 KB 118ms
115ms Image
image/jpeg 94.130.9.175
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitporno.de/Bitporno_files/h88n1kfgj1bz02ceqb98ydhbdwpnddckz3.jpg

Requested by

Host: bitporno.de
URL: https://bitporno.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

bb8aaf72f91660bf36f7131177861794a7d9e80ac9a87c05d9d37b3fd25d4543

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Thu, 17 Nov 2022 22:20:00 GMT
server: nginx
etag: "6376b390-3930"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 14640
x-xss-protection: 1; mode=block

GET
H2 200 vs.js Show response
cdn.tubecorp.com/vs/ Frame 2C9B 45 KB
15 KB 192ms
41ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tubecorp.com/vs/vs.js
Requested by: Host: bitporno.de
URL: https://bitporno.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 50d520806d55eb54fff829764da81ef097da6d8f789a8cb1a516bf8cb7c0dd79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Thu, 09 Mar 2023 11:25:49 GMT
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
last-modified: Fri, 26 Feb 2021 08:59:15 GMT
server: nginx/1.20.1
etag: W/"6038b863-b46b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
x-request-id: e07a8c5e4f2b0b8b4d0d7fdeb26353fa
x-proxy-cache: HIT

POST
H3 200 rs Show response
ad4m.at/ Frame 5950 474 B
856 B 70ms
64ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa7c8e0b5090214f7c3d52255fedb12a84357d507defd2b0e5bba24717dce57

Request headers

Referer: https://deli.misaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoYmrNm1Q7D9L9BlQJbc6DUE69iv6AwIWEnb4i6a39JiLIQ9W9yM2hJ4oigEKlKCyJqn0JCK286PSI1EPYNnVVHTtgRHV1jY44rL6WXNe9eH4eciWmPcDHCRt0b2AhxABZvQs7I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://deli.misaglam.com
access-control-allow-credentials: true
cf-ray: 7a529dbb8c4d9152-FRA
x-backend-server: aa-reachservice-group-europe-west1-1vtx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 61ms
60ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://deli.misaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://deli.misaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529dbb1bd69152-FRA
content-length: 24
content-type: text/plain
date: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArFDrv7ji%2FdKyaSSBkAgPnQs%2Fgq%2BGML1qEe%2BnLAjlQZ7i9LXOvm1ynFhgQ04z75nIkQfu6BkdBeZhX5GOaGBvdPEPP4xSOKDD742prfbGtTgMHfL8hZ82dPVtuLuvZmwq2jxYlU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-1vtx

POST
H3 200 rs Show response
ad4m.at/ Frame 4348 474 B
861 B 60ms
59ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a043cb3c4e13535fceead18ad5944f041cbef5ad189f34e8cbcd18c88dd71371

Request headers

Referer: https://deli.misaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdaf7fiTOkhVmRkRgmRXutP4Gr9O4XfADd9UyUjbg%2Bc4GHKmKptXHllUsIUcxEYesl%2FN5LxNzhA0GqvUAdbgOSOSOK9XmetITG0QehxglULeocEWlj6qwppma3mkGk0g2AEsT6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://deli.misaglam.com
access-control-allow-credentials: true
cf-ray: 7a529dbb8c599152-FRA
x-backend-server: aa-reachservice-group-europe-west1-1vtx
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 60ms
57ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://deli.misaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://deli.misaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529dbb2be99152-FRA
content-length: 24
content-type: text/plain
date: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KirQ6WzdEJoj6d2N3tPqIytNussjxkEC31PpVWeF5OkxMHcq6FdM%2Bl0Jmv8cVEU1X6Y6WGfV94Hs7PAuASmoH1tvTB33B5fgnkxzXByRvi4EjrkOhSinjt4RiF8IWyw96cKxQBs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-1vtx

GET
H2 200 order-online.css
www.fbgcdn.com/embedder/css/ Frame 7106 3 KB
2 KB 57ms
56ms Stylesheet
text/css 2a02:26f0:dc::6853:432
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbgcdn.com/embedder/css/order-online.css

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:432 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d84306d9d6d77c3daed7c6555b70f9c513a91ef56dfea1e499f16b672013ae62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: o1y.4G8jo1UFkXI9nP1lh3TAR2PYNRwe
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: X3BWERBF8ZJ63W6S
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466210_1750271022_855984402_15_5933_41_0";dur=1
content-length: 1258
x-amz-id-2: tKYK1i1w8DI4exRWGIsK3beB/O1t2GSyImt6pUnpE6R81nCmnEzj8QT2zjwv6NwctyVglhzU5Dk=
last-modified: Thu, 16 Feb 2023 07:50:37 GMT
server: AmazonS3
etag: "72ef1238b360f03f57442fc106fb17da"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=119
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:27:48 GMT

GET
H2 200 sp.js Show response
www.fbgcdn.com/embedder/js/static/ Frame 7106 77 KB
27 KB 70ms
70ms Script
application/javascript 2a02:26f0:dc::6853:432
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fbgcdn.com/embedder/js/static/sp.js

Requested by

Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc::6853:432 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

841bb97f07fb4e9bc0a09335b0fba8b83578043803475ad51b96700d084996a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: uKIeJQBZn83UuwrXn7gUtStppofFta.P
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=31536000
x-amz-request-id: BFBJB8DJSP4R5NHD
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="466210_1750271022_855984443_385_6471_41_0";dur=1
content-length: 27055
x-amz-id-2: mJ1jGTujdYFs9vV65WWq/s8mdaZjyAUrbtx0JBEC18/D5VZGzCdB+eW+0ik+d8/vKzdIyP9dR8g=
last-modified: Thu, 16 Feb 2023 07:50:37 GMT
server: AmazonS3
etag: "b00489cec1d3d6c2908ada7ba202272a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=248
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:29:57 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 7106 51 B
323 B 202ms
78ms XHR
application/json 2a02:26f0:dc:394::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=AMBYG-YZ7ZH-C5TCM-754LR-SMJB4&d=www.schaschlikhaus.com&t=5594525&v=1.720.0&sl=0&si=15c7383d-4fdc-4a10-a182-e7015ed80fc8-rr90z0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=840674
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/AMBYG-YZ7ZH-C5TCM-754LR-SMJB4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:dc:394::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: acc262ce9b22aec8119ea96cdb25ca5e7ec143f0288c249ce86f099a5c208123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 09 Mar 2023 10:25:49 GMT
Cache-Control: private, max-age=120, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 51
Content-Type: application/json

GET
H2 200 items.php Show response
bitspush.io/display/ Frame BAAD 61 KB
11 KB 178ms
72ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb3879fe30c18bbe26697019d2539fe17288e22aa33317c7f1e7c7557130bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1s2rX2Bm%2BjPNEq70UDXAnJBEUtx9Ci22%2FUg5zN1Y6h3YIK9ITmiZ%2BK33nh%2Bxyw6NFYEPMvuJxBKAKadyQPJ7GvrSWqUBEZh5e5NNwCdHH8JpVk9xj2Fb%2BtxUOORmjPVTz3NLTnhjIhpGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a529dbc79c62bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4126WQs.gif
i.imgur.com/ Frame BAAD 565 KB
566 KB 169ms
43ms Image
image/gif 199.232.16.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4126WQs.gif

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1894041
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 578903
x-served-by: cache-iad-kiad7000081-IAD, cache-vie6321-VIE
last-modified: Thu, 27 Apr 2017 03:35:23 GMT
server: cat factory 1.0
x-timer: S1678357550.539334,VS0,VE1
etag: "8839b1c01cacc1c7ee5f182820ca7c67"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 66529, 1

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame 1644 12 KB
5 KB 68ms
55ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d53d506361c33c4eccfa3bbb498fb163483e745630a5988d0bbb9f5a93b7e72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 60 Show response
neon.today/context/get/84795/25444/1/468/ Frame FDA2 898 B
777 B 2303ms
2086ms Document
text/html 213.183.48.30

General

Check archive.org

Show headers Download Go to

Full URL: https://neon.today/context/get/84795/25444/1/468/60
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.183.48.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 55f24faec55fc64f9ca607c073a33960c112c83c907f1f2e26e148d34ec170d3

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 574
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 10:25:51 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame D804 12 KB
5 KB 65ms
60ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d53d506361c33c4eccfa3bbb498fb163483e745630a5988d0bbb9f5a93b7e72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET bits-ads.php
blatcoin.net/ Frame 4B5C 0
0

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame CE08 1 KB
1 KB 198ms
111ms Document
text/html 2606:4700:3033::6815:1d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be4de8a5a70910d8d59b1585afbf422e390e94ccc08474873da53d1d99035b88

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbcab1490fb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hvx0BUU8qoxfaKzMrr3%2BbwhkmqATowZ77ctAe8hg8iDsZZWbJFHWQ9Cyc43lYEihrWQcbSqaE7Ej0SaB3mI620qZNKxC6trDhNUQnrjcZKwB2oX2grlqwJ%2FUjUtX%2FEje0CPhntzAO8NYB0c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 mediacpmrot.php Show response
netzwerk-ad.de/ Frame F3D2 9 KB
4 KB 138ms
138ms Document
text/html 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/mediacpmrot.php

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fd6a2c133431c3d9c3aa0d66fc66ecced4d5726b3def9fff646d6b09ab779791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/webbi_traffic.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame 3DFC 6 KB
3 KB 531ms
440ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: c79ddbb679bcae0af3195824dbaace36773d3621c687ea90724361a87be7fa83

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbcbed69be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVDiUt0Sb1o3iC34HAxmNyJ7wDJndpc5eW9XYXiNdTo6%2FPfxMKnYDMbUZ6RkY90KzE7rTzki8peeNvgt9tuq41XF4GH1HLdyKp5WmIXgvMREWejEv333EKHu7PQYrPpmk%2FMqDGCBuuhxNw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame A230 7 KB
2 KB 635ms
547ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8a3c63adf67e5990abcef930768453e293311efc37dac6bb7304255c80b09a02

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbcbeda9be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v8EtzwBBCO9cbowvDIFHNNKMg1rYA2%2BQuGJ%2F9knTThtw3uaHp07HWIuYPRvAIOF7pJxW4aL%2B%2BoUjV27QZIazPpA%2FVGUhYW%2FFiMuzWiA2kZ9pOC3pdwtKNe9Umf93SQDrGENbhmKfiHcdkg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E5A8 6 KB
3 KB 52ms
52ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20c60e41a58f02ddad6c4245fd261480bb66613a2aad23b4d4ce478e9ea0e49c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbc2803366d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9265 6 KB
3 KB 61ms
59ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae290ddb603bda6565788c996bdfde5b5be5612a12e1afbf49772cfb9608055

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbc380e366d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 i
analytics.fbgcdn.com/ Frame 7106 43 B
297 B 376ms
258ms Image
image/gif 2a02:26f0:dc::6853:412
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.fbgcdn.com/i?stm=1678357549485&e=pv&url=https%3A%2F%2Fwww.schaschlikhaus.com%2F&page=%2Fwidget%2F_events%2Fbutton-view&tv=js-2.16.1&tna=prod_legacy_5f7e9661-a4ed-434e-93a6-858a76cf7d65&aid=5f7e9661-a4ed-434e-93a6-858a76cf7d65&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=228b16ea-52c1-4f9c-8fea-38a2c6c1117e&dtm=1678357549482&vp=0x0&ds=0x0&vid=1&sid=5522c10e-3a57-421a-ab5d-52f6410cb0c7&duid=7efacb83-71ad-4d69-9c5c-db7e044d0008&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI1ZmJkMDI5ZC1lYjBjLTQ3MmYtYjNhNi0xNTJjZTY3MjQ4NzgifX1dfQ
Requested by: Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:412 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / Express
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=156, ak_p; desc="466210_1750270990_305134791_18731_8902_41_0";dur=1
x-powered-by: Express
content-length: 43
etag: W/"2b-6n31g5gxM7YnErXnO/+81FzFNzY"
content-type: image/gif

GET
H2 200 layer.css
l.adcocktail.com/ Frame 6A55 2 KB
861 B 60ms
58ms Stylesheet
text/css 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l.adcocktail.com/layer.css?id=2
Requested by: Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=59162&wsid=195107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57626b4cb21c6c7c1225f83b6eba4c3f4fad0f23db4baa7ed5888494828ac5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Feb 2018 13:34:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"684-565180dcd5f3b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgIkL94o6ws%2FtILpWTlO%2Bf0O%2FqZyg7Ha%2Fb7VoIihQ8jsEHQZM1FXV372OI0qIekUBsLHhifnD8vzFwgEXlTyH6pFm1RTU3FTiPmyfRwCKj4zopHxM45epplTlJT9xbxeH28%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7a529dbc8eac2bb4-FRA

GET
H2 200 layerhead.js Show response
l.adcocktail.com/ Frame 6A55 3 KB
2 KB 62ms
60ms Script
application/javascript 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l.adcocktail.com/layerhead.js?id=2
Requested by: Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=59162&wsid=195107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e239671b46bfac19cd71a0b44f3d9ea7d04af229ba161c826394de2f510a1be4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Feb 2018 09:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"d67-5651497f64282-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwT7sUgAM0BLaU1zNt9xexiVfLBYeEW9qAQLwQeEB9w9%2FQMfd6M5JPg5YtncxFgRekam2M8yYz0Dn%2F3VwpomD%2F8fPqtHXQS1XckdQaoy%2FrYakn8xuTsA8vAfYwcnH2jAmoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7a529dbc8eb12bb4-FRA

GET
H2 200 l_rota_v.php Show response
l.adcocktail.com/ Frame 6A55 2 KB
911 B 49ms
47ms Script
text/html 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://l.adcocktail.com/l_rota_v.php?uid=59162&wsid=195107&wid=
Requested by: Host: l.adcocktail.com
URL: https://l.adcocktail.com/lay.php?uid=59162&wsid=195107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1896b28b9f18d39d0c72f0d9035680106524f77d300653cdeac15ecb52210ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhgGlKRrv9PNqCXu09nBJksC8cbI70Zbk34DRv9Wa4Uqlf9VFtrq21lHt%2FMIjJDlEmRNXj7fD5Q%2Fn8Z%2BAQv49O4Lx5sYm1%2FZ5YuYf6V27KOJHVb2m%2BSBPAJB4D6i8arvb2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
note: CACHING IS DISABLED
cf-ray: 7a529dbc8eb32bb4-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7106 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7106 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393745/ Frame 1644 428 KB
429 KB 44ms
43ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: OCdZGo21C0eofzydi4BulScJFjE6rXPN
last-modified: Tue, 31 May 2022 13:28:27 GMT
server: nginx
x-amz-request-id: M4G67NCDDC0CBTMH
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: /YBVn6TVJ57WVdTQ2Mh9HCxVM14teMpIMDrkA6VeMmbsElxsathJKTYgrheqLrYWs9QJ9DBa6ZQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393745/ Frame D804 428 KB
429 KB 91ms
90ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: OCdZGo21C0eofzydi4BulScJFjE6rXPN
last-modified: Tue, 31 May 2022 13:28:27 GMT
server: nginx
x-amz-request-id: M4G67NCDDC0CBTMH
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: /YBVn6TVJ57WVdTQ2Mh9HCxVM14teMpIMDrkA6VeMmbsElxsathJKTYgrheqLrYWs9QJ9DBa6ZQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 items.php Show response
bitspush.io/display/ Frame A9D6 61 KB
11 KB 117ms
115ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Requested by: Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eb3879fe30c18bbe26697019d2539fe17288e22aa33317c7f1e7c7557130bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLca%2BWnpC3sA9zLIycr1movS9kn3jtYsOnxyKVN%2BfufbnMgBQkz5AHR7aRy4aZZ9vDzjyER1eDsqjeT1EaB%2B1ZW3Fs%2FR%2Fy553jHAcCNIqI1ljGjZZkTWAEvUtuw%2FTLgiPqMSAeWxfA98XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a529dbd2aa42bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 4126WQs.gif
i.imgur.com/ Frame A9D6 565 KB
566 KB 91ms
90ms Image
image/gif 199.232.16.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/4126WQs.gif

Requested by

Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.16.193 Vienna, Austria, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 1894041
x-cache: HIT, HIT
x-amz-storage-class: STANDARD_IA
content-length: 578903
x-served-by: cache-iad-kiad7000081-IAD, cache-vie6321-VIE
last-modified: Thu, 27 Apr 2017 03:35:23 GMT
server: cat factory 1.0
x-timer: S1678357550.635215,VS0,VE0
etag: "8839b1c01cacc1c7ee5f182820ca7c67"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 66529, 2

GET
H2 200 i
analytics.fbgcdn.com/ Frame 7106 43 B
297 B 248ms
247ms Image
image/gif 2a02:26f0:dc::6853:412
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.fbgcdn.com/i?stm=1678357549621&e=pv&url=https%3A%2F%2Fwww.schaschlikhaus.com%2F&page=schaschlikhaus.com%2F&tv=js-2.16.1&tna=prod_sow&aid=5f7e9661-a4ed-434e-93a6-858a76cf7d65&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=eaeb0267-24a3-46a9-9b2c-b1b6f0919e62&dtm=1678357549620&vp=0x0&ds=0x0&vid=1&sid=5522c10e-3a57-421a-ab5d-52f6410cb0c7&duid=7efacb83-71ad-4d69-9c5c-db7e044d0008&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy93ZWJfcGFnZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJpZCI6IjNlYmIxMjYwLTYyMzEtNGVhOC1hYjA1LWFkNzFlM2E5M2U3NCJ9fV19
Requested by: Host: www.schaschlikhaus.com
URL: https://www.schaschlikhaus.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:412 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: / Express
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.schaschlikhaus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=31, origin; dur=150, ak_p; desc="466210_1750270990_305134818_18079_8725_41_0";dur=1
x-powered-by: Express
content-length: 43
etag: W/"2b-6n31g5gxM7YnErXnO/+81FzFNzY"
content-type: image/gif

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame E5A8 94 KB
12 KB 43ms
43ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 690738
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t28rXL6tBudYStoRvd2XBsXf2nbQt8cX0Qt%2BNPKO6G%2FVvEFtEPrWfvxaeOqISJ9B602iSzI%2FzDoiiFBoLKDLMqEX1hreU4BfZLDNOciMiKX5Xp4kfG2KFOQQYAha7rHEkcVDszJ0%2Fok%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a529dbd6957366d-FRA
expires: Thu, 09 Mar 2023 11:25:49 GMT

GET
H3 200 A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame E5A8 2 KB
3 KB 44ms
42ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 450298
cf-polished: origFmt=png, origSize=9357
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2330
cf-bgj: imgq:85,h2pri
last-modified: Thu, 08 Apr 2021 14:26:03 GMT
server: cloudflare
etag: "8cc161b392f5744da5319a4da549b763"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULZ5s3QG8W2f%2BVitIVCWaNxbVExXiEn3lyxgsS9Ta4xeocE67qSoP3RYfYXuDsnst%2F6nz6uHIZ3rHIo27E0S%2FHJaI3Mt1nVpgrmLUZS%2FrndE2vVDZKvAogFVTW4WmDGwV36ITuHuXkKfBjTB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbd695b366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame E5A8 339 KB
340 KB 89ms
72ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 450298
cf-polished: origFmt=png, origSize=563367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347098
cf-bgj: imgq:85,h2pri
last-modified: Fri, 09 Apr 2021 07:22:09 GMT
server: cloudflare
etag: "ff5ac113643d20bec15acfffe32cb75e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30FUr%2BcYw2dHoDW11IsB%2BD8SO0LygGyQ%2FMehe3luGAp8KQUIPPzuz21V4nas8lpXMfrawhnfBbLzjHKPFgazTQQeWbI2tUv4IzmcGYhH%2BOT7uEcJSR3X2BKjfotWDnFgEtDKqAuWuOstNXwm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a06366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E5A8 43 B
704 B 117ms
101ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidVQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
assets.ad4m.at/logo/ Frame E5A8 4 KB
5 KB 55ms
39ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c331eb86d87b1684540ddb6544a96d3f9b975141681f028ae97b0c5bcf4b64b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449383
cf-polished: origFmt=png, origSize=12853
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4258
cf-bgj: imgq:85,h2pri
last-modified: Wed, 31 Aug 2022 11:57:56 GMT
server: cloudflare
etag: "40eca896a1af9011ff26d05bf97e80fc"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJDDswDbfRssPjojj1sxSPwQ8827t%2Fz2rm3CKyLf38Pj8vcSuucHxRW%2FqiLsldw6CN8f6wLEZsWjgrcX7ifXg1nxSdMFsOdfpOXzdh4fFO3aoO92hFkGcdSGEPTtJxMGBzLFFSBXAZyv%2BLij"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a0c366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
assets.ad4m.at/product_image/ Frame E5A8 395 KB
396 KB 193ms
177ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baf6e1fbc8672ca7564dc5292ecfbacf2eef6edd5eb6190b9f8449cbf22175c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449384
cf-polished: origFmt=png, origSize=601914
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 404308
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 May 2022 09:21:48 GMT
server: cloudflare
etag: "f069261d576d3a64b17a9a79c2d0288a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ebV28gVZZXn15ATc5Knlm44zzjaW%2FOB4ZTKzc2xYqRvzCoLwxj6Uh6t91yDTB7F1cPmibjamO46lOUUwiMaKOgoY2W0pPXiWsIfR0WPxpoRbo4Giz9U%2FhvnFfzLUdjj7AdL6PraQA%2B581WL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a0d366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E5A8 43 B
704 B 150ms
134ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2974903&v=22835&q=421902&r=412871&pv=1&pref3=oneidbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 CC8B1D9792BD6CE6D76CF9AA0038BE6853780CC480185A5A9524B096078F733790C723844ECB26595FFCA0144473AC7F43AE765F0B6DABCDD7D5600F9458A111
assets.ad4m.at/logo/ Frame E5A8 9 KB
10 KB 56ms
40ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CC8B1D9792BD6CE6D76CF9AA0038BE6853780CC480185A5A9524B096078F733790C723844ECB26595FFCA0144473AC7F43AE765F0B6DABCDD7D5600F9458A111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b0cc12c262c6c8f62b15eed6e8be80a55bcfec822e3b4af38d92404dc5d4a68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2429179
cf-polished: origSize=16504, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9598
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Jul 2020 14:39:48 GMT
server: cloudflare
etag: "bfceb1c7edb12a3e0b2d6f65547fe58f"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qs%2BW%2F6%2BrWP1cZxl%2BhwTjayfCbLwpGQMfTuRWTaQp450GQieUi4PQmJhPSwM7NW7dyBgLhkWuBLhJfEF1PpCq7Ae6MZ0xow6x3X7aixEKYI85JzO32rgTVs1Hh5%2B6PKkVMA5qDZtOh6dzJ6HJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a0e366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 9FB46C539BD39BDAB9CB865C15916E5DBEDB29EA3B6CC7FA71DB52CE2EB36C08FFBA2ABFCAD081D7E12B15979F9F710A191CAB00DFC0240B395D1BA63D484D57
assets.ad4m.at/product_image/ Frame E5A8 115 KB
116 KB 57ms
40ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/9FB46C539BD39BDAB9CB865C15916E5DBEDB29EA3B6CC7FA71DB52CE2EB36C08FFBA2ABFCAD081D7E12B15979F9F710A191CAB00DFC0240B395D1BA63D484D57
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=117569%2C191668%2C22527&b=VQqZawfmfrBQMhVHbHAtRt6qdcBSDtgbBtQ%2CbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2CBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFM&f=mQ94aefGfDm5qamHZHZtQCwV9cKSJte3mHA%2C3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CjePbTEfGfQmKCYHEH2tWCEMrHZSDt1Bwa9&c=300&d=250&e=&g=72b27114ba0744a03fd7525e4c0c0440%2F17791318741439613488&i=29981%2C75452%2C20214&j=16%2C16%2C14&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9238b38f21c2c922b2e749ccfb5f91fd1b8b3edd389a1dcc915e5d40fc75ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1746448
cf-polished: origFmt=png, origSize=225806
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117786
cf-bgj: imgq:85,h2pri
last-modified: Thu, 18 Mar 2021 21:47:15 GMT
server: cloudflare
etag: "e23596a24bf65dc83fbc4d1b76f23cf8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiW4vVNczY3VfRseOKm8kSLEjARH%2F4DeOav2u1%2BSx6zhtz4JKL9DsCNaizmafM6bu1ju32flSBxgU8NI%2Fc5E9OG5BR43btqNpIapC70jpcLrmv9VbvSEXEmW1lxAckDhTXOrTbQgpO%2B49arB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a10366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H2

200

spacer.gif
www.lead-alliance.net/images/ Frame E5A8
Redirect Chain

https://www.primefashionads.com/tpv.php?t=112510V1342137676M&subid=oneidBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFMoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=112510V1342137676M&subid=oneidBdRpFgfPfAPXuxH6H3t9tbrqcjSdt89jFMoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/images/spacer.gif

43 B
221 B

33ms
32ms

Image
image/gif

84.200.5.215
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lead-alliance.net/images/spacer.gif

Requested by

Protocol

Server

84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Nov 2018 09:35:57 GMT
server: nginx
etag: "5bf526fd-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:50 GMT
x-content-type-options: nosniff
server: nginx
content-type: text/html; charset=UTF-8
location: images/spacer.gif
cache-control: no-store, no-cache, must-revalidate
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.35/one-ad/ Frame 9265 94 KB
12 KB 54ms
53ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.35/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1677666448
age: 690738
cf-polished: origSize=96968
x-guploader-uploadid: ADPycduxnnyMRJTFaD4Dg7Hd8aRn6xTYu1PRy7TXWWh0GjCBxwAMZMkehaNAf-UCycuwqnGLPQWuj1EZCp5aL6ZRZOMYGSoR-sy7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 01 Mar 2023 10:28:06 GMT
server: cloudflare
etag: W/"6110dc3a24c902508647a582294bcc25"
vary: Accept-Encoding
x-goog-generation: 1677666486645030
content-type: text/css
x-goog-hash: crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uILJ1BXvF7EWANNGGU2wNtHgH3X2mws4DK%2Ftd6K0FIvjY0SxYHuhVLjaYV5DiRgT6yipqFbSsJ3AaTbK6T2JOJK14Z3tBCorT1S%2BV3rXrs%2Bv1XlCT1qq5w2BpY1EWLGCr94jR5a5VoY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 96968
cf-ray: 7a529dbd9985366d-FRA
expires: Thu, 09 Mar 2023 11:25:49 GMT

GET
H3 200 B90C033FDDAFE167216DAF45DAAB37F1181AC05EF28902E3E1F90AC2DEA8CE7C9387B125DC766B6BAB57022C1203C04455D55F4174F4D63926705C8E99633B35
assets.ad4m.at/logo/ Frame 9265 5 KB
5 KB 56ms
56ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B90C033FDDAFE167216DAF45DAAB37F1181AC05EF28902E3E1F90AC2DEA8CE7C9387B125DC766B6BAB57022C1203C04455D55F4174F4D63926705C8E99633B35
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a28a7d0b8e9db6897e2ae410d4a3de1a0293d4191e485e961c6f2302420428

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449406
cf-polished: origFmt=png, origSize=16781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4630
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Jun 2022 08:42:24 GMT
server: cloudflare
etag: "4366a1ae234691137cdd835c429b2708"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5Yqnjak%2B0PueEjzabFmbJZ6XRo2wHaNMp0bxZi%2F8regdCM8qodFscq5Hr1%2FvW4k3IF46blFmwU5fWOoNn7IkDLaUnZ2c5RnqLgEAqhwjb8mnljrjesF6%2F4wOnZqC2h0jybcdSdDCdc41fmP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbd9986366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 C39F4180FB3CC590443915294E6B8009CBFD4EBFDB613D0FADC7B8687648583D39C590F9F1C1777D572B425366E2A6ECC8C89EAB32733D33E383B1199E591F09
assets.ad4m.at/product_image/ Frame 9265 265 KB
266 KB 163ms
147ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/C39F4180FB3CC590443915294E6B8009CBFD4EBFDB613D0FADC7B8687648583D39C590F9F1C1777D572B425366E2A6ECC8C89EAB32733D33E383B1199E591F09
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec9e287187c9da429783138588863a147e8aeb035c9539e4c434f01a31a6e069

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449406
cf-polished: origFmt=png, origSize=404692
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271702
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Jun 2022 13:24:08 GMT
server: cloudflare
etag: "b15b5c0454dd7acc29c0cbe4cc9323eb"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6Op3vCUMvg59X88MUmdVN8K4Lh7J%2BfglV63SElflu0EHYAe5noc5F2X6tNuFF0qMaNMdPAG9tUWIx6WSCDJvOnwuBVPkPhjcxPJLV%2F4Pa07R7%2Frr3E2%2BJ3ddhOoqAZNu5yEj3bajHHWpRD0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a11366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H/1.1

200
OK

/
a.nonstoppartner.net/a/ Frame 9265
Redirect Chain

https://cdn.retailads.net/tb.php?t=150269V2180132361B&subid=oneidMB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3oneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://a.nonstoppartner.net/a/?i=view&client=gewinnarena&camp=registrierung&l=de&size=234x60&nw=read

22 KB
22 KB

217ms
94ms

Image
image/png

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.nonstoppartner.net/a/?i=view&client=gewinnarena&camp=registrierung&l=de&size=234x60&nw=read
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 17e4dcc550cf8a482dd97219ff85e385b9398696d9769a552a89a4cb7ceeac5a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:25:50 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/png
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 22275

Redirect headers

location: https://a.nonstoppartner.net/a/?i=view&client=gewinnarena&camp=registrierung&l=de&size=234x60&nw=read
date: Thu, 09 Mar 2023 10:25:49 GMT
xphp81: true
server: Apache
content-length: 0
content-type: text/html; charset=utf-8

GET
H3 200 7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 9265 7 KB
7 KB 238ms
222ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e7bfe2aaa1b8be1ff5792cf190eb4b9e7d922240eea9ccc0a835b2bbde9f56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 449414
cf-polished: qual=85, origFmt=jpeg, origSize=20298
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 19 Jul 2022 19:05:28 GMT
server: cloudflare
etag: "dcdbfc63ef930c205a6c8ec70a6f5e71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSKx%2B4y0lXY0kjfF8rOAuucXTxuCyMBjuxBk8tSKHtJH7i5LszC6i2botI1%2F3yfSHrCjXFt7dWuC5qJdtSVv1C3W0ToU16bShZ8eCG6PM4GV0DuK9FrUDYHgCqA%2BxGKqsFHF1Y%2Fv5X7XlUuT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a13366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 9265 351 KB
351 KB 238ms
223ms Image
image/png 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a3d3433477eba018b75e45a59df58f7cd3f98913e522460f3e3d7d5a746c241

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1947673
cf-polished: origSize=404140, status=vary_header_present
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 359224
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 May 2022 12:50:17 GMT
server: cloudflare
etag: "2ffe877a2fd7c65a1f5b57fbcb242dc1"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVIc1718eC7Q5cgGoqlXxDdVBiKlS%2BF8VsezqkNFo5zHptPZboWMjGXir7%2FU0Yj9t9UNgZAvad6pXXxU4GhH0uRRhgl4zTMa0tjM3qkttbSdC%2F2tjq5jMC3wtzJnrFHHuOaSFpCUfryArqzS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a14366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H2

200

/
pvx.freenet-mobilfunk.de/ Frame 9265
Redirect Chain

https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3oneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678357549_c3267d40-be64-11ed-b6bf-22318f8574b4

43 B
800 B

138ms
50ms

Image
image/gif

2606:4700:4400::ac40:9b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678357549_c3267d40-be64-11ed-b6bf-22318f8574b4

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0

Protocol

Server

2606:4700:4400::ac40:9b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="ALL CUR DEV PSA OUR IND STA"
date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=31536001; includeSubDomains; preload;, max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a529dbf89bebbf7-FRA
content-type: image/gif

Redirect headers

Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://pvx.freenet-mobilfunk.de/?vp_nummer=41006061&subvpid=412871&eventid=11420_412871_1678357549_c3267d40-be64-11ed-b6bf-22318f8574b4
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 F01DD11BDE70C444C67296F1D98E1068FCB71E1CD6FA575EA853D54A5B8333F3E3029B3EBD5855FB8E6352E35768DFBB5F6F3BA9E3A4ED1E1DDEAC6ED973BC35
assets.ad4m.at/logo/ Frame 9265 4 KB
5 KB 270ms
255ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F01DD11BDE70C444C67296F1D98E1068FCB71E1CD6FA575EA853D54A5B8333F3E3029B3EBD5855FB8E6352E35768DFBB5F6F3BA9E3A4ED1E1DDEAC6ED973BC35
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd3bd8ee6b6499da5c933c8e98f905967011659fbc233bc5102ccbcfb9a3c5ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230071
cf-polished: origFmt=png, origSize=13032
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4240
cf-bgj: imgq:85,h2pri
last-modified: Thu, 22 Jul 2021 10:26:22 GMT
server: cloudflare
etag: "920d37d2bd2e4466a36309e69d22f12d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zwwfm8dLoaWGZIx%2Bp6UCQz%2FPef4Z9%2BAVRnlCqzZ%2BTHrR30jwkHZ3qDdxSuzCuWmwbeJCTYeTqj8oum%2FRPFPWHbp7h9xBghc2JMGeYtLT0TcBfXUQPpOZ%2FfaGW5LH%2BGY0qXZytPExLQTMdL%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a16366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H3 200 EA58366904E8FB7B9FFCDB2DFC84DA636DBD34836B163E06588951FB0E279C045535C1031B8C7D28ECCB2B4E92CB1D9ACE95E86CEAC12B9A9C4DA60C18393184
assets.ad4m.at/ Frame 9265 365 KB
365 KB 271ms
257ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/EA58366904E8FB7B9FFCDB2DFC84DA636DBD34836B163E06588951FB0E279C045535C1031B8C7D28ECCB2B4E92CB1D9ACE95E86CEAC12B9A9C4DA60C18393184
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196283%2C29002%2C343511&b=MB8qTzfrfjzrKSWHEHGtDtX6ZbhBS9txrWh3%2CqxgqhmfWfMJqtZHgHDtJtZQdheS3tJDxC3%2Ce5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1&f=6RXKfef3fMwrDTeHmHYtEC9WGZHYSBt3VWH7%2CRBkgTgfQfWGrckHwH3tzCPG8U9SxtYMPS7%2CDZRWS3fwfmb5ps3HmH9twCQKzsxSVtYEJSV&c=300&d=250&e=&g=a7e3203840288dcba8e8f35a4b552ec8%2F13337494120820833397&i=75492%2C25052%2C28209&j=35%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1678357549387&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412ece5172cb62e8700bf74ce2fd0e82d92c52b3a9a6943f692c4d322b94df92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230071
cf-polished: origFmt=png, origSize=538153
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 373456
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Mar 2023 11:54:54 GMT
server: cloudflare
etag: "a05ed67755b70c2d5e6e53af08acb38d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8qORtZvI5yCE%2BSSotAuLCN9wtA3ZpwwDts025TMRx1XD8DH5oa0KJ5icNhuchiA3Q1yDXsW6soFLUmz4kNeILr9fsV90S05o7xM%2FE7p3jcTa22%2BySfx1RRNtILZQYIH13sK%2B7jKIaRtzK%2BF"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a529dbe1a19366d-FRA
expires: Fri, 10 Mar 2023 10:25:49 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9265 43 B
704 B 141ms
127ms Image
image/gif 104.87.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3267277&v=19276&q=407668&r=412871&pv=1&pref3=oneide5pJh3fVfJx1bHjHZHet1tZxGSwSbtK3BC1oneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.87.133.65 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-87-133-65.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 10:25:49 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 style.css
netzwerk-ad.de/ Frame F3D2 6 KB
2 KB 156ms
153ms Stylesheet
text/css 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/style.css

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

1e2fa970341b6dc1981473780cc702344215a0a81756ec602ac46557df1c016d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:11 GMT
server: nginx
etag: W/"63a46903-1674"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 jquery-1.3.2.min.js Show response
netzwerk-ad.de/js/ Frame F3D2 56 KB
22 KB 157ms
154ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/jquery-1.3.2.min.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:36 GMT
server: nginx
etag: W/"63a4691c-dfa6"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
netzwerk-ad.de/js/ Frame F3D2 186 B
386 B 157ms
154ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/script.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

250125d7130c6f0d0c53cb4a6adc7d5bea98a9525b07f7b408bf5c90b67b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: "63a4691b-ba"
content-type: application/javascript
accept-ranges: bytes
content-length: 186
x-xss-protection: 1; mode=block

GET
H2 200 cufon-yui.js Show response
netzwerk-ad.de/js/ Frame F3D2 18 KB
8 KB 157ms
154ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/cufon-yui.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: W/"63a4691b-4751"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 arial.js Show response
netzwerk-ad.de/js/ Frame F3D2 454 KB
126 KB 157ms
155ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/arial.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

3811387a8142cdfbab3592a252f474419107d5df71cbff5c6415d7ef53cda116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:36 GMT
server: nginx
etag: W/"63a4691c-7193f"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 cuf_run.js Show response
netzwerk-ad.de/js/ Frame F3D2 58 B
257 B 157ms
155ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/cuf_run.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

091f183120ebafa52a6fa06a25558ea70f4b7077c88531b91e5d5a1ba2b683af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: "63a4691b-3a"
content-type: application/javascript
accept-ranges: bytes
content-length: 58
x-xss-protection: 1; mode=block

GET
H2 200 header_images.jpg
netzwerk-ad.de/images/ Frame F3D2 12 KB
12 KB 151ms
150ms Image
image/jpeg 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netzwerk-ad.de/images/header_images.jpg

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

fc6b008e5dc94f56068b77adce16b3dc0d25b04b9bb3ff275aef11437d0bf101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 22 Dec 2022 14:26:16 GMT
server: nginx
etag: "63a46908-2f69"
content-type: image/jpeg
accept-ranges: bytes
content-length: 12137
x-xss-protection: 1; mode=block

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame F3D2 4 KB
1 KB 41ms
40ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1767492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ls8QKpTaBWHFFu0YrBLDrrTxIgEGUo0eWa%2B6Z65EMK7%2Bt32tgTTtUhw4TAAnKab%2FtvYXkjrirRpmGWUNp5iWaBd2K5tq%2B%2Ba%2Bt15UwpPqEiK4pReSNphUnyRfpz5dyZUA0zBvX1MWeik8q%2Fp4Oyiv8k0N"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a529dbfd8005c4a-FRA
expires: Tue, 27 Feb 2024 10:25:50 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame F3D2 19 KB
6 KB 43ms
39ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1147959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x8ppfiwEkg4%2BRK%2F4lQpQazHs2zwE4EzGs5kC68dfr81IdwFPM2a90HwlP4sKGGJZ0YANTklsdCXE%2F03Oh0JF5VRNC4vNQ1icRLDfnF7lf6GygycfW8MGT3WqvUVyUuSXDEXk%2B3VGZwZTZjLCuvT3jZm7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a529dc02cb2bb67-FRA
expires: Tue, 27 Feb 2024 10:25:50 GMT

GET
H2 200 ads.js Show response
admediatex.net/serve/ Frame F3D2 1 KB
962 B 137ms
38ms Script
application/javascript 2606:4700:20::ac43:444a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://admediatex.net/serve/ads.js
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 07 Nov 2022 17:04:40 GMT
server: cloudflare
age: 522409
etag: W/"63693aa8-449"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ps6w2uadtlFbRghnAnEUxO7WdIQW%2FiySLR2XJnVm6lEAejffhKB55w%2BuzTzO87OxJudqBP%2Bs5PxSHxNqMsFd98B06cg4cw9eoL%2FvlFipQN1TD8gwTpilNvY139y1k%2BR5iMabxejogy%2BaJkk1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7a529dc188be995a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
media.hubuhost.com/ Frame F3D2 0
237 B 211ms
38ms Script
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/?key=17A178

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame B73C 12 KB
5 KB 56ms
53ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d53d506361c33c4eccfa3bbb498fb163483e745630a5988d0bbb9f5a93b7e72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www.netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 60
neon.today/context/get/84795/25444/1/468/ Frame 9B64 898 B
777 B 2478ms
2330ms Document
text/html 213.183.48.30

General

Check archive.org

Show headers Download Go to

Full URL: https://neon.today/context/get/84795/25444/1/468/60
Requested by: Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.183.48.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 574
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 10:25:52 GMT
Server: nginx
Vary: Accept-Encoding

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame 5A9B 12 KB
5 KB 80ms
52ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d53d506361c33c4eccfa3bbb498fb163483e745630a5988d0bbb9f5a93b7e72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://www.netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET bits-ads.php
blatcoin.net/ Frame 7E25 0
0

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame 719E 1 KB
823 B 235ms
211ms Document
text/html 2606:4700:3033::6815:1d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43fec8449e54162b41b874d66d86f6540eebbbfbd927ccaf9bd68871d3b1443

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbe1c6190fb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xuyqzwdmNyNZqFCJhmOUtIuHMUTuQQKvtjsza8cPY99%2FA4vz2ePbr3XOIykPtMBnFtiFOcLrn3A%2Faqh2ae8tBvGW5OqpkBHeegfpcATqtDLv4yfFS%2BLtwmTUwu%2F%2FD%2BX3ioeRxuNwNsxCnE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 mediacpmrot.php Show response
netzwerk-ad.de/ Frame 160A 9 KB
4 KB 409ms
385ms Document
text/html 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/mediacpmrot.php

Requested by

Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

fd6a2c133431c3d9c3aa0d66fc66ecced4d5726b3def9fff646d6b09ab779791

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
vast.yomeno.xyz/ Frame 2C9B 3 KB
2 KB 178ms
76ms XHR
text/xml 2a02:128:7:4722::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/?tcid=16279
Requested by: Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/vs/vs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4722::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a5c2cfa49e60c5972d331e839de3f08eaa2db00cbab4ebead6e5ac4c981609f7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://bitporno.de
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,

GET
H2 200 bico.gif
free-btc.org/img/ Frame CE08 32 KB
32 KB 59ms
35ms Image
image/gif 2606:4700:3033::6815:1d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/img/bico.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 259891
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32521
last-modified: Sat, 19 Feb 2022 15:54:05 GMT
server: cloudflare
etag: "6211129d-7f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p440sRx4ZRebb7bqqoD4Ipt0%2FJ94CzfstCAIcSSl7n78C5vftseOWFqFvtWgx04KqsAm5NWgb2v33EsPleBDvlvr78CxGWLbU9m0eP3JG%2FoaJ6HEgbtGqrCLeS63Dd3qvqenGA9EkYfVwk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a529dbe1c6790fb-FRA
expires: Mon, 13 Mar 2023 10:14:18 GMT

GET
H2 200 468.gif
crypto-fire.website/ Frame CE08 242 KB
242 KB 147ms
39ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto-fire.website/468.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853c74f8049dbd5e39f02ceee62065dde6d645c89e5ec34f086fb765ce7247ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 158265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 247390
last-modified: Mon, 01 Nov 2021 11:03:29 GMT
server: cloudflare
etag: "617fc981-3c65e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oziQ%2BAJ%2BK42A%2FuiO0nhdgK%2Fbby%2B%2FTHK17yg9yREY2U%2BOlfWq%2F%2Fkpv1%2FVduhy%2F6Bs2Sh1VZz9xgKIqVUX0na8J5%2FmAz0SoIHBm0XrMMs4zH9iL1WAyC7FxOLvZTWwBln1CZx19nEr%2FsmCUKyFdwHuXxeE"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a529dbeaeec6997-FRA
expires: Tue, 14 Mar 2023 14:28:04 GMT

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame 8D2E 6 KB
2 KB 380ms
375ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Requested by: Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3b5895a0b09ca856260feeb264f7fdffeaeb1a66cc6fcb8bf911e22f4cb379a9

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbe28c39be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZfwyULv16D1QwCfXtkgtxsyPogtwPP%2Fduzn6IGTr5c%2FMQr4CLQF2FPno%2FwBDj3ZecQMsziA%2B0CIhlFm4%2B%2F%2Btb9rA07srJThkSyf4%2BaqIMTTLSC3kt6uVpshWP4BX7s62oKxCG4pzomuwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame 4D21 6 KB
2 KB 393ms
391ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
Requested by: Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 15971ef20389ea181bb97ac78887494f4a55dfed7a2dc81f0826fee3a294e5b8

Request headers

Referer: https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbe28c99be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXyJTn0J8EH1rflqS%2F4FwgDNMDCH%2BmgJFpnrONReP%2BxQKz2k7KWIQ2EoEQQHp%2BvH0CEE%2F5Ef6ubKuXsd8HKJ46xbX6xP3KsDi5xHOzOJ0HfGJZ%2BlAIRSVVVn7S95iOGTaND9sjrbYmraTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 bk_rota.php Show response
bk.adcocktail.com/ Frame 6A55 279 B
632 B 86ms
58ms Script
text/html 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=59162&wsid=195107
Requested by: Host: l.adcocktail.com
URL: https://l.adcocktail.com/l_rota_v.php?uid=59162&wsid=195107&wid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6595451cbf83e03521420346a66ff52a02d3364e2eabbf1724555a7bfb93c5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhmpmsMDQbjsooX81CmZd4JzG7fyLp8MLp%2Fk83ijljRfLTW8lIUI%2FLXdxOx0zUFoWyXq%2F%2Fjar%2Fb6CniyLFKN8tJ0RG7Nedgvb7bTvdNTymEGqzNw0Yv%2BIWM0GRL6i17H9QU%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
note: CACHING IS DISABLED
cf-ray: 7a529dbe795c2bb4-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 adc_layer_logo.png
l.adcocktail.com/images/ Frame 6A55 5 KB
5 KB 40ms
38ms Image
image/png 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.adcocktail.com/images/adc_layer_logo.png
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a712480f1063437e1f893fd7e5be4e344ed4ea0e255a8c485d462d545323953e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2018 11:16:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2030
etag: "1448-56502018ce55d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0%2B2x0yI%2Bx5l7%2FPb8EIErcVPIkKxj6c9vXARra2vwjD7LRT1m4I5daXBAC8k3mr2emBJbItdrsjzrErrqWJVA29ot6HZ5yU9OD1%2Flv2FN%2F80HaGgWG8v14jPjELo0cuhZdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7a529dbe49252bb4-FRA
content-length: 5192

GET
H2 200 adc_layer_fav.png
l.adcocktail.com/images/ Frame 6A55 2 KB
2 KB 38ms
37ms Image
image/png 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.adcocktail.com/images/adc_layer_fav.png
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bed4938c07839355b679781de23060982a4118e57124b21ed66509696c3cfd1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2018 11:16:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2030
etag: "68b-56502018c397b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsRYk2jmXlo1iuixnmSHzZp7usvf%2BNciV%2Bbgd476heKqbC2MdLLlfG8Pqffagb%2BPMxQT3ilv5lQhwh%2FcEkqbGXkQMc8rx4aabGd2bXLRcpis6zFFipvASE%2BhJpkb9oU8PGE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7a529dbe49272bb4-FRA
content-length: 1675

GET
H2 200 adc_layer_new.png
l.adcocktail.com/images/ Frame 6A55 1 KB
2 KB 43ms
41ms Image
image/png 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.adcocktail.com/images/adc_layer_new.png
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 511ee72f5e0453830953617a7a7f81b96950e63bb43ae5dfa1386eaf835f3ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2018 11:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2030
etag: "54c-56502018e6c02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOUl%2B3oHf1NuXur9HmnaHMJiGIedjfjpOScLuTdie%2BpCs%2FixMYgJ%2Bx%2BFXyw4LscHdk6C9ToUTbAb29PF%2FkGgrgV5mkdVtFVhtSLQBvEe5rN7BlTn%2BWTWMa2hD%2F%2FBxVI%2FliU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7a529dbe49292bb4-FRA
content-length: 1356

GET
H2 200 adc_layer_stop.png
l.adcocktail.com/images/ Frame 6A55 1 KB
2 KB 39ms
38ms Image
image/png 104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.adcocktail.com/images/adc_layer_stop.png
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e02bfcdfb9333b90284e0a7c3c5f2064e6df73e457e3181031c6c8ceacfffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Feb 2018 11:16:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2030
etag: "4ea-56502018f0844"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdWPM8IL7kEjd4ttdmmt3B2ynRy8CizLOazFjHWxrIzzKTzQEqIkRecLZAz%2FdD9CPe2z9Dtoml3GFFkc3CHfxAL3E44zdqJMNGMs6O6B1gy2bpUT2LCuRRoApnLEZ%2FEshrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 7a529dbe492a2bb4-FRA
content-length: 1258

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393745/ Frame B73C 428 KB
429 KB 43ms
42ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: OCdZGo21C0eofzydi4BulScJFjE6rXPN
last-modified: Tue, 31 May 2022 13:28:27 GMT
server: nginx
x-amz-request-id: M4G67NCDDC0CBTMH
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: /YBVn6TVJ57WVdTQ2Mh9HCxVM14teMpIMDrkA6VeMmbsElxsathJKTYgrheqLrYWs9QJ9DBa6ZQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/393745/ Frame 5A9B 428 KB
429 KB 44ms
44ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: OCdZGo21C0eofzydi4BulScJFjE6rXPN
last-modified: Tue, 31 May 2022 13:28:27 GMT
server: nginx
x-amz-request-id: M4G67NCDDC0CBTMH
etag: "9ecf8ce917854a0c481254a2d97e2ac6"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 438215
x-amz-id-2: /YBVn6TVJ57WVdTQ2Mh9HCxVM14teMpIMDrkA6VeMmbsElxsathJKTYgrheqLrYWs9QJ9DBa6ZQ=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

links2000.gif
www.spiele.links2000.de/ Frame 6A55
Redirect Chain

https://bk.adcocktail.com/bk_rota_v.php?tan=MzMzNzd8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NDk=
https://www.spiele.links2000.de/links2000.gif

18 KB
19 KB

295ms
77ms

Image
image/gif

212.53.214.163
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.spiele.links2000.de/links2000.gif
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Server: 212.53.214.163 Geesthacht, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 608c6f10838f82cab43378458f60f0b295cb7351950531f34b6d65ade1d0c7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://klick-welt.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
last-modified: Sat, 17 Aug 2019 06:53:04 GMT
server: Apache
accept-ranges: bytes
etag: "4997-5904a8f0006b6"
content-length: 18839
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 10:25:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JyzDG8nmoKZdYoWUYcx9g0BVII4ayyF7UbTjcbLVIqX%2FhmtzEPkRW9tahNdu5LJ0SKJXMMFQjzX5MZ0LcJigLHLcbhjPrZ7QK0Qh0vF6Uq92xgN3hNbr%2BpBKoN95NPM2Ogk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
location: https://www.spiele.links2000.de/links2000.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
note: CACHING IS DISABLED
cf-ray: 7a529dbefa042bb4-FRA
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 1221377 Show response
ad.a-ads.com/ Frame 956B 12 KB
5 KB 62ms
52ms Document
text/html 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1221377?size=160x600

Requested by

Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

49e2b32ef3e519d624f7d078470e9bf349adb3dfa565a0002606127e94f022c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://klick-welt.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 09 Mar 2023 10:25:49 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://klick-welt.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ziel.php Show response
www.ad-mix.de/kamp/ Frame BCC1
Redirect Chain

https://www.ad-mix.de/kamp/rot.php?art=traffic&uid=36&sid=140
https://www.ad-mix.de/kamp/ziel.php?uid=36&bid=735491&sid=140

841 B
939 B

62ms
57ms

Document
text/html

178.63.98.119
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ad-mix.de/kamp/ziel.php?uid=36&bid=735491&sid=140

Requested by

Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

178.63.98.119 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

srv.ms-i-service.net

Software

nginx / PHP/7.4.33 PleskLin

Resource Hash

55bc843a2f69141aa8491df337ec15130f4661e70f2d2fc6a94c4f07c29ed7c6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

Referer: https://klick-welt.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 538
Content-Security-Policy: upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 10:25:50 GMT
Server: nginx
Vary: Accept-Encoding
X-Cache-Status: BYPASS
X-Powered-By: PHP/7.4.33 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Security-Policy: upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline';
Content-Type: text/html; charset=UTF-8
Date: Thu, 09 Mar 2023 10:25:50 GMT
Server: nginx
X-Cache-Status: BYPASS
X-Powered-By: PHP/7.4.33 PleskLin
location: https://www.ad-mix.de/kamp/ziel.php?uid=36&bid=735491&sid=140

GET
H2

200

tt_maa.php Show response
tt.adcocktail.com/ Frame 0EC8
Redirect Chain

https://tt.adcocktail.com/tt_rota.php?uid=59162&wsid=195107
https://tt.adcocktail.com/tt.php?adc_tan=MzUxOTB8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NDk=
https://tt.adcocktail.com/tt_ma.php?adc_tan=MzUxOTB8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NDk=&ref=klick-welt.de
https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NTA=&ref=klick-welt.de/

530 B
588 B

47ms
47ms

Document
text/html

104.26.2.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NTA=&ref=klick-welt.de/
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/?content=/betteln&ref=770
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.2.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1c75c4e5b6db9235b1b870ace5c29c4aa78a42ea722771ed9bcfd6dbdab41c

Request headers

Referer: https://klick-welt.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dc00b632bb4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
note: CACHING IS DISABLED
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEDjhUO38JwaBWZpN37AOyFpYrKZWmZ1thOWfA%2F0OC5yb1JKIExcErxKgswN5OfvEuVksXS4W6PUi%2BNvtBLJB3lJFDEQrL1pbTtvTJsmlAEWpggSGjZqX84bHKq8UY8bEb6D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a529dbfbafc2bb4-FRA
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8NTkxNjJ8MTk1MTA3fDE2NzgzNTc1NTA=&ref=klick-welt.de/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
note: CACHING IS DISABLED
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdZ9ckWSPf4JSGmxOUbAKRfyxTe1W7skbg1gPQd3ANj%2FWFYyHL6VoA6SUJ7Bx6VXCJTM%2FH5jSXkXhVHUh6OjQilCqOtPfKZMnJrL%2Bo5wHT4BFaSIku3klbRY85CC06b9OmR3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 helper.php Show response
klick-welt.de/ Frame 6A55 2 B
91 B 54ms
44ms XHR
text/html 195.201.245.226
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://klick-welt.de/helper.php?refresh=5
Requested by: Host: klick-welt.de
URL: https://klick-welt.de/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.245.226 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: panel.your-node.de
Software: Apache /
Resource Hash: 1a6562590ef19d1045d06c4055742d38288e9e6dcd71ccde5cee80f1d5a774eb

Request headers

Accept: */*
Referer: https://klick-welt.de/?content=/betteln&ref=770
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 10:25:49 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 22
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.realsrv.com/ Frame 2C9B 6 KB
3 KB 156ms
47ms XHR
text/xml 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.realsrv.com/splash.php?idzone=3918598&sub=999044201&ad_tags=
Requested by: Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/vs/vs.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Huizen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d1216c384dd1ed04a643a49521ffeeda7852289f0c7458f5b2584355d56b843

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 10:25:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://bitporno.de
Content-Type: text/xml;charset=UTF-8
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, follow

GET
H2 200 160x600
static.a-ads.com/a-ads-banners/117616/ Frame 956B 69 KB
69 KB 45ms
45ms Image
image/gif 213.239.209.209
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117616/160x600?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1221377?size=160x600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 213-239-209-209.clients.your-server.de
Software: nginx /
Resource Hash: 20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:49 GMT
x-amz-version-id: Vly2RmS64q4VblC2nRqz_g1rs.jq2Fic
last-modified: Sun, 19 Apr 2020 16:08:09 GMT
server: nginx
x-amz-request-id: A7BH5P5NHK6HMQ7Z
etag: "c848631aa56eb03b8cf56723624828e8"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 70430
x-amz-id-2: bjAQYQOPWfza6o2g5DCB9c2J+UNCDHgIegqYXwIIDRdvIu4iU73yQ5bL452cYP3yYkb8RQKFZyY=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bico.gif
free-btc.org/img/ Frame 719E 32 KB
32 KB 75ms
74ms Image
image/gif 2606:4700:3033::6815:1d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/img/bico.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280343
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32521
last-modified: Sat, 19 Feb 2022 15:54:05 GMT
server: cloudflare
etag: "6211129d-7f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyu1FXx877g3mCaelmKtM6U5z0TdYOug8WLgw35j8a5Etk7r%2FGKlTM3F%2B%2FjhpsUE0pzGIFe64Sr8vqZFpQlwcUooL6gAYnCwXs9AIfEsLMqOAPISDNCbjpleiE%2BWq8Dr6lEOq2oTQ2UgDBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a529dbf7f84922b-FRA
expires: Mon, 13 Mar 2023 04:33:27 GMT

GET
H3 200 468x60.gif
free-btc.org/banner/ Frame 719E 167 KB
168 KB 45ms
44ms Image
image/gif 2606:4700:3033::6815:1d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/banner/468x60.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a323ef02fe1933eedd0b0127f9526080ca6b98353da15dbd7181797d0df8d71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171382
last-modified: Tue, 01 Feb 2022 18:00:14 GMT
server: cloudflare
etag: "61f9752e-29d76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc4r87vLSrKcx2aZBC2rUmFmNg2MZ6c7aoROSJiwJ5ez3UIOmWZe1x1u80xGkK%2F2qKBuk1VYC0152N9H77LpLtxBPB9vlPWfYNj7ZdGlzjLF%2FyrhptzzkbZ7vEZzZ82x%2BCSxwpF3dbQ%2Bx3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7a529dbf7f85922b-FRA
expires: Mon, 13 Mar 2023 15:50:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3DFC 49 KB
20 KB 163ms
45ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 11:17:30 GMT

GET
H2 200 b-3_468x60_1tbnt40.jpg
beycoin.xyz/files/banners/ Frame 3DFC 7 KB
7 KB 41ms
34ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/banners/b-3_468x60_1tbnt40.jpg
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a398483a7e7867e0e4f1468e6330a8a1dbe779db21fd6922eb74093dd02c4743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89231
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6998
last-modified: Tue, 17 Jan 2023 23:01:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNJy2Muolrd5NfZRDeF0wXCBlXwP1evtQKDpnQphDoHKUmN%2FCAZzjN%2F6xPNuKiq7Ttc0Y2i16YS8o1gj3%2B30P7Ysfbftqep%2F3clQ%2FZ6qllKx7LcGYfLtSAuTs7EpWhm01S5wYa5moS2XIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7a529dbfbb129be0-FRA
expires: Wed, 15 Mar 2023 09:38:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 3DFC 112 KB
44 KB 201ms
68ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bacc14b53dd9600003fd4a80f847b369f2d151bbbb7ebb1ed780c88132a9f110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44812
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 10:25:50 GMT

GET
H2 200 allads.php Show response
beycoin.xyz/ Frame 7067 218 B
419 B 186ms
185ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 7e4f6ec8e4f3b0d369fdbf560e66021a22796ea409baad05b73ee41aa9ccadc6

Request headers

Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529dbfdb1d9be0-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBUPzqPjhQxVgFkDeXt9CUO9oaGdMXTkNVbhJbcR9hbAHvHjhgYnih9SYS6a78azzsaSQz%2BN4%2Fb2neT%2FxNMfVgf%2F36cwxczR%2BPU5oRNv4T4hFaw7GU3WE18HRpXzdISKQE4Anb4FfVEmqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 206 f137f8901a923ebb6b7a422cefe666e71ccd5ddc.mp4
u3y8v8u4.aucdn.net/library/802424/ Frame 2C9B 4 MB
0 242ms
104ms Media
video/mp4 2a02:6ea0:ce00::5
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://u3y8v8u4.aucdn.net/library/802424/f137f8901a923ebb6b7a422cefe666e71ccd5ddc.mp4
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=werberlos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:ce00::5 Warsaw, Poland, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

x-77-pop: warsawPL
date: Thu, 09 Mar 2023 10:25:50 GMT
x-cache-op: HIT
x-cache: HIT
x-77-cache: HIT
Content-Range: bytes 0-5820149/5820150
x-age: 3140765
Content-Length: 5820150
x-77-nzt: AYrHEbYzaxj/newvAA
x-accel-expires: @1706752785
last-modified: Wed, 01 Feb 2023 01:52:02 GMT
server: CDN77-Turbo
etag: "63d9c5c2-58cef6"
x-77-nzt-ray: e5c46810df490bed2eb40964e665c30e
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
x-robots-tag: noindex, follow
expires: Thu, 01 Feb 2024 01:54:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame A230 49 KB
20 KB 121ms
86ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 11:17:30 GMT

GET
H3 200 b-3_728x90_mmkymz07rlg.jpg
beycoin.xyz/files/banners/ Frame A230 23 KB
23 KB 42ms
42ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/banners/b-3_728x90_mmkymz07rlg.jpg
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306899239ee36784a2cd71f9ba26c01187ff5f057aca6543ef4b824a6471ac91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89252
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23357
last-modified: Tue, 17 Jan 2023 22:29:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gVVJvjbLj4yt3rDg4qlFFKAU0gsCQbUTEyW7hFbzRwPUZhxfcZ9Ta84x6hKmGeQAMXqejd60qCrH0AIaaeYiUydyv6uDZa%2BdUj1x2ecedGGLcXNkYe9WrmRbNEMra4drz%2Fg64mImDqweiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7a529dc03bd23637-FRA
expires: Wed, 15 Mar 2023 09:38:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame A230 112 KB
44 KB 162ms
135ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d8abed0ed56faf7ed730f1d5c14af80f96ff3fbb05a96dd48bab599b2e3247f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44809
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 10:25:50 GMT

GET
H3 200 allads.php Show response
beycoin.xyz/ Frame 63EE 68 B
561 B 202ms
201ms Document
text/html 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: b2e8809d8611c2efd71b9f8558e99da0b808ef5e91e35160f961e05518e78616

Request headers

Referer: https://beycoin.xyz/bits-ads.php?type=1&&ids=779
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a529dc07c053637-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 10:25:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3cqySW%2FINP4Sq89WZWnN9I%2F%2Fp8FLUi1JxE%2Fc9maPiV9%2FpwkXJCdHKWAkauZmgvgWZViJDT%2FEZIIWgBcRWO0100gHYTGa6xbfdMLjzfxzNIvcqQUgcqlsmwmGe1%2BV4GyzjbFop7Wz4ilrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8D2E 49 KB
20 KB 69ms
69ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 11:17:30 GMT

GET
H3 200 b-3_468x60_uxsjwpej4l.jpg
beycoin.xyz/files/banners/ Frame 8D2E 11 KB
12 KB 38ms
37ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/banners/b-3_468x60_uxsjwpej4l.jpg
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3cff49dbd79553a9079fa88afa12074dc51de6a339b79ece884fc830e3553b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=779
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89347
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11425
last-modified: Tue, 17 Jan 2023 22:50:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNVihPY9ZJyj5PwtH%2BzEljc8R%2BcYdK5mGijDTGlKdAMTkMkkcRW3sWh2YzkBpFTa3RwtB6xnJRttRcB4gaN6MliNehfl0Cc6Fgn9co4D0j65H4tca0QeDttdib1xaR2G9K7yOjcMBgKDIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7a529dc0ac353637-FRA
expires: Wed, 15 Mar 2023 09:36:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 8D2E 112 KB
44 KB 111ms
110ms Script
application/javascript 2a00:1450:400d:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=779

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bacc14b53dd9600003fd4a80f847b369f2d151bbbb7ebb1ed780c88132a9f110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44812
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Mar 2023 10:25:50 GMT

GET
H2 200 style.css
netzwerk-ad.de/ Frame 160A 6 KB
2 KB 141ms
139ms Stylesheet
text/css 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/style.css

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

1e2fa970341b6dc1981473780cc702344215a0a81756ec602ac46557df1c016d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:11 GMT
server: nginx
etag: W/"63a46903-1674"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: 1; mode=block

GET
H2 200 jquery-1.3.2.min.js Show response
netzwerk-ad.de/js/ Frame 160A 56 KB
22 KB 141ms
140ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/jquery-1.3.2.min.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:36 GMT
server: nginx
etag: W/"63a4691c-dfa6"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 script.js Show response
netzwerk-ad.de/js/ Frame 160A 186 B
386 B 142ms
140ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/script.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

250125d7130c6f0d0c53cb4a6adc7d5bea98a9525b07f7b408bf5c90b67b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: "63a4691b-ba"
content-type: application/javascript
accept-ranges: bytes
content-length: 186
x-xss-protection: 1; mode=block

GET
H2 200 cufon-yui.js Show response
netzwerk-ad.de/js/ Frame 160A 18 KB
8 KB 142ms
141ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/cufon-yui.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: W/"63a4691b-4751"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 arial.js Show response
netzwerk-ad.de/js/ Frame 160A 454 KB
126 KB 144ms
143ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/arial.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

3811387a8142cdfbab3592a252f474419107d5df71cbff5c6415d7ef53cda116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 14:26:36 GMT
server: nginx
etag: W/"63a4691c-7193f"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 cuf_run.js Show response
netzwerk-ad.de/js/ Frame 160A 58 B
257 B 144ms
143ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/js/cuf_run.js

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

Software

nginx /

Resource Hash

091f183120ebafa52a6fa06a25558ea70f4b7077c88531b91e5d5a1ba2b683af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 10:25:50 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Thu, 22 Dec 2022 14:26:35 GMT
server: nginx
etag: "63a4691b-3a"
content-type: application/javascript
accept-ranges: bytes
content-length: 58
x-xss-protection: 1; mode=block

GET
H2 200 header_images.jpg
netzwerk-ad.de/images/ Frame 160A 12 KB
12 KB 137ms
136ms Image
image/jpeg 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netzwerk-ad.de/images/header_images.jpg

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/mediacpmrot.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS