157.230.41.236 Open in urlscan Pro
157.230.41.236  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

• https://mcpuwpush.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI1OTIzNzIxNDAiLCJzcG90X2lkIjo2ODUzMX19XSwic2l0ZSI6eyJpZCI6IjY4NTMxIiwicGFnZSI6Imh0dHA6Ly8xNTcuMjMwLjQxLjIzNi8ifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZTllMmUxOTUwNzgxZjJiZjBmMGJhOGQ5NjM2MThlOGUifSwiZXh0Ijp7ImR0IjoxNjYzMTY4MzQwNTMzfX0= HTTP 302
• https://mcpuwpush.com/popunder/in/click/?mid=2114435289&pid=0&site=68531&sc=DE&usage_type=DCH&subid=592372140&sid=0&cid=10035&price=0&is_cpm=1&cpm=0.71&ecpm=0.71&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=157.230.41.236&hostname=auc-popunder-hz-1&site_id=0&spot_id=68531&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=3&auction_queue=0&burl=http%3A%2F%2Fwin.exrtbsrv.com%2Fwinbid.php%3Ftc%3D1%26id%3D1599928939%26impid%3Ditem_1%26price%3D0.71%26p%3Dp119337215%26pi%3D119337215%26s%3Ds3%26ip%3DK0pUd2xYclJpdUUwL2lMVk1ENjQ0V1laMTZ1d0w4NzkyNFV3RDdKZFRibz0%2C%26uid%3D1nscikb%26q%3D0%26node%3Dfr4&pop_winurl=&ip=2a03:1b20:6:f011::4e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=&iabcat=&min_cpm=0.0001&placement_type_id=7&skin_test=&verify_hash=&score=94&durl=&ml=&tag_ab=&original_bid=0&pop_type=0&space_id=1095&verify_hash=&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=&url=https%3A%2F%2Fgon.exrtbsrv.com%2Fr.php%3Fi%3D1599928939%26p%3Dp119337215%26s%3Ds3%26c%3DV0Nza2RuTi92M0R2ZHpoTVBjNVRFUT09&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0 HTTP 302
• https://gon.exrtbsrv.com/r.php?i=1599928939&p=p119337215&s=s3&c=V0Nza2RuTi92M0R2ZHpoTVBjNVRFUT09

Request Chain 112

• https://rtbrennab.com/banner/in/show/?mid=134244926&pid=0&site=68623&sc=DE&usage_type=DCH&subid=1923670762&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=157.230.41.236&hostname=auc-banner-hz-2&site_id=0&spot_id=68623&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=2a03:1b20:6:f011::4e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB25&min_cpm=0.00015000000000000001&placement_type_id=&skin_test=&verify_hash=&score=82&ml=&ttl=&space_id=1946&banner_width=300&banner_height=600&accel=0&gyr=0&iabcat=IAB25&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D68623%26source%3D1923670762%26idzone%3D0%26w%3D300%26h%3D600%26mo%3D%26ve%3D%26site_id%3D68623%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DBula%252C%282022%29%252C%25E2%2580%2593%252CKURAKURA21%2520%26spot_id%3D68623%26p%3Dhttp%253A%252F%252F157.230.41.236%252Fbula-2022%252F%26katds_labels%3D%26btype%3D2%26score%3D82&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Bula%2C(2022)%2C%E2%80%93%2CKURAKURA21%20&stratagem= HTTP 302
• https://btds.zog.link/in/912/?sid=68623&source=1923670762&idzone=0&w=300&h=600&mo=&ve=&site_id=68623&utm1=&utm2=&utm3=&utm4=&ad_tags=Bula%2C(2022)%2C%E2%80%93%2CKURAKURA21%20&spot_id=68623&p=http%3A%2F%2F157.230.41.236%2Fbula-2022%2F&katds_labels=&btype=2&score=82 HTTP 302
• https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21

Request Chain 117

• https://whos.amung.us/swidget/streamsbm HTTP 307
• https://widgets.amung.us/draw/?w=small&n=22900&c=ffc20e000000&p=left

Request Chain 118

• https://whos.amung.us/swidget/streamsbx HTTP 307
• https://widgets.amung.us/draw/?w=small&n=75400&c=ffc20e000000&p=left

Request Chain 122

• https://mc.yandex.com/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq1Ie5R7nm75m.jpg&page-ref=http%3A%2F%2F157.230.41.236%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1141030544838%3Ahid%3A90666593%3Az%3A0%3Ai%3A20220914151221%3Aet%3A1663168342%3Ac%3A1%3Arn%3A21446880%3Arqn%3A1%3Au%3A1663168342750134865%3Aw%3A790x444%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1663168340845%3Ads%3A14%2C26%2C210%2C44%2C0%2C0%2C%2C165%2C0%2C%2C%2C%2C461%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663168342%3At%3A&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
• https://mc.yandex.com/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq1Ie5R7nm75m.jpg&page-ref=http%3A%2F%2F157.230.41.236%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1141030544838%3Ahid%3A90666593%3Az%3A0%3Ai%3A20220914151221%3Aet%3A1663168342%3Ac%3A1%3Arn%3A21446880%3Arqn%3A1%3Au%3A1663168342750134865%3Aw%3A790x444%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1663168340845%3Ads%3A14%2C26%2C210%2C44%2C0%2C0%2C%2C165%2C0%2C%2C%2C%2C461%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663168342%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 158

• https://ba8ebf97e3.24f6bf5f7e.com/in/show/?mid=308098527&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1774807143&sid=387230069&cid=2766&price=0.0003453207105398178&is_cpm=0&cpm=0&ecpm=0.027954328076643498&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=7.3.0&ver_c=&refdom=157.230.41.236&hostname=auc-inpage-hz-2-c&site_id=3127695&spot_id=27695&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1663254745&created_at=2022-09-14&is_native=2&auction_queue=0&burl=pgIUCvnCzkvgFJsdU2R7yngZA8I6hsFKQ2jZI6RY0O6CtVlEbPdqjA&pop_winurl=&ip=185.213.155.164&testab=0&px_id=3127695&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=lq-pop&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.023032734894400442&placement_type_id=&skin_test=0&verify_hash=9c2ce6241d5e69dc7e5c24f49788895f&score=38.608813843893806&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1774807143%26spot_id%3D27695%26is_adult%3D1%26p%3Dhttp%253A%252F%252F157.230.41.236%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.0003453207105398178&v2_track=0&url=lZ_gDcyrLWrRr5DGniMoOQMHRAAX_cfdBaR7E21c-lIOHmDvwY6vUvUOa2X1JFj-6r4iu8_dSaW4QTji7mSajAJGITIoQRk3DTJx1-eTeCI_JxQOatsryzAf-u8FALbLeCdbty8tKC3Mo83xw1vnjuTAfWGdoAbJ-6k8thDd4ZuudtibkQ&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0.0003384142963290215&pr=&user_keywords=&auc_type=1&aid=412&ext_cid=0&device_theme=light&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=b19d7a14-76a3-4b12-bc25-66ef9c2fbcf8 HTTP 302
• https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp

Request Chain 177

• https://ba8ebf97e3.24f6bf5f7e.com/in/show/?mid=308098527&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1774807143&sid=387230069&cid=13261&price=0.00792&is_cpm=0&cpm=0&ecpm=0.013576982086410014&crid=&crtid=9f4233dab20b69699f9f0212e36907ab&tcid=0&out_id=0&ver=7.3.0&ver_c=&refdom=157.230.41.236&hostname=auc-inpage-hz-2-c&site_id=3127695&spot_id=27695&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1663240345&created_at=2022-09-14&is_native=1&auction_queue=0&burl=L9cguIFfd5VcfhaGsiDHfT1NcVlnWk5V9Z5JZY9u58pHp9kdE_aaOA&pop_winurl=&ip=185.213.155.164&testab=0&px_id=7327695&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25-3&min_cpm=0.0006927461571509805&placement_type_id=&skin_test=0&verify_hash=960ad34ccb9a8d6f83b2560c7ead1c70&score=38.608813843893806&durl=https%3A%2F%2Fts.cvastico.com%2Fin%2F1546%2F%3Fad_sub%3D1774807143%26spot_id%3D27695%26is_adult%3D1%26p%3Dhttp%253A%252F%252F157.230.41.236%252F%26idzone%3D0%26sid%3D1886&ml=&tag_ab=a&original_bid=0.00792&v2_track=0&url=joNtYK-lxE-n33v4FSYYAGhwOE888zWwN4daJxWrqIr-V83-PTLfpjwKZ3DYQ2QkOvyRvb8HaI_ZdQ-KGcINx5on_V_ZgxEBsn-9Y-xCcZM3LR_gifiPgWfpaeUWLszPjMIPMLR-LQu_J44PJ3-MBc_iRT8K_fGldYvxiKCwXTC9jml6hredcD7P37DRITIokmUdT3eqLqsrOHRK9lbbP03bJyXIIIIne3UBWTzo1MVFTqPROqtnT0zzA6Gqd8jd93c7aWezT-4_J2pRnfFVwS4EPiS4gaM0Q2Dy9exZSSoHNF_Wh4A0cocJxDmDGTsUaMET4hMnYw&image_url=https%3A%2F%2Fcdn.adx1.com%2F1758ae77fcdf3f74b8e7cd397123ec88.jpeg&skin_id=2&vertical_id=15&real_bid=0.0054648&pr=&user_keywords=&auc_type=1&aid=3251&ext_cid=0&device_theme=light&format=default-slide-b_r-body&cpa=2934a64a-3c5c-4586-bef3-c5ea39807556 HTTP 302
• https://eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1663168344946-7-3674-1170808-afe5317f-43a8-a2a1-a2d1-9d8d3e66418f&img=https%3A%2F%2Fcdn.adx1.com%2Frichads-icon-pack%2Fgambling%2F42.jpg HTTP 302
• https://cdn.adx1.com/richads-icon-pack/gambling/42.jpg

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
18 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 157.230.41.236/bula-2022/	99 KB 18 KB	582ms 398ms	Document text/html	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 7ee692af973b7f4001aa74937f83feac566dd3c999329b553b4d733b6b850895 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 14 Sep 2022 15:12:22 GMT Link <http://157.230.41.236/wp-json/>; rel="https://api.w.org/", <http://157.230.41.236/wp-json/wp/v2/posts/21473>; rel="alternate"; type="application/json", <http://157.230.41.236/?p=21473>; rel=shortlink Server nginx Transfer-Encoding chunked Vary Accept-Encoding X-Pingback http://157.230.41.236/xmlrpc.php
GET H/1.1	200 OK	idmuvi-core.css 157.230.41.236/wp-content/plugins/idmuvi-core/css/	9 KB 4 KB	363ms 184ms	Stylesheet text/css	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/plugins/idmuvi-core/css/idmuvi-core.css?ver=2.1.3 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 7aa7a39fa6ec967abe729994991271bbaf3b04f9ce929a888f240bb8c2447b97 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:22 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:06 GMT Server nginx ETag W/"2523-5e82c8d178a8a" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H2	200	css fonts.googleapis.com/	9 KB 1 KB	150ms 55ms	Stylesheet text/css	2a00:1450:400a:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.7 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400a:803::200a Zurich, Switzerland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8345107827614984231a4ca041e107da12200dc4f640e06099a32be42682170d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 14 Sep 2022 15:09:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 14 Sep 2022 15:12:22 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 14 Sep 2022 15:12:22 GMT
GET H/1.1	200 OK	style.css 157.230.41.236/wp-content/themes/muvipro/	75 KB 18 KB	368ms 185ms	Stylesheet text/css	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/themes/muvipro/style.css?ver=2.1.7 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5c73b82e1e941a5239652b1e1686bef54ee9cb9b9eead470f8ee2b6c9647b429 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:22 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:07 GMT Server nginx ETag W/"12bb5-5e82c8d20b255" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	ca0d357a.js Show response wf66l5ylwq.com/t/9/fret/meow4/1909505/	66 KB 26 KB	38ms 16ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://wf66l5ylwq.com/t/9/fret/meow4/1909505/ca0d357a.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash b42e4688b13e0ece9feb3fbe5993a281240ae2d5741f3e2c616ab917306e41f9 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:22 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1091a" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H2	200	pub Show response gomov.site/	160 KB 62 KB	97ms 28ms	Script text/javascript	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/pub?id=169 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1642618e178393f71574c193afab7da2ce738530dc3dd8c9ee32997924716764 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding br cf-cache-status HIT cf-bgj minify server cloudflare age 496 cf-polished origSize=164142 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjM1i8sv4Hz2%2B9e6bJJQd3PPONI9DPWN1tVPLeFDr5eD63BJJLZ9ZyOJtsOnRBCeLoy0wk6yMUYoA%2BxLoOJh8XYPGMwBzh%2BhkH6N2ceIF%2B3trwevEPNnHL5dzBbgvAdn1MyMbtWTvzww"}],"group":"cf-nel","max_age":604800} content-type text/javascript;charset=UTF-8 cache-control max-age=120 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} last-modified Wed, 14 Sep 2022 15:04:07 GMT cf-ray 74aa0f81c8288fe9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	wp-emoji-release.min.js Show response 157.230.41.236/wp-includes/js/	18 KB 5 KB	361ms 180ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 13:15:15 GMT Server nginx ETag W/"48b9-5e82a38617ef3" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	Bula-2022-60x90.jpg 157.230.41.236/wp-content/uploads/2022/09/	3 KB 3 KB	364ms 181ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/Bula-2022-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e07451efb8c6e6f69b4c64068b008fb488c21e2a8cea14a2a82cf593568ab648 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:09 GMT Server nginx ETag "c9b-5e82c8d3e2d57" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 3227
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1909508/	122 KB 47 KB	63ms 15ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1909508/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 0c86ab6546d08797e1e776439f7088555dac21036db638750c3341953bb0ec74 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931702/	122 KB 47 KB	63ms 16ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931702/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 9b42e72ce468ca0f3bbbb56cf5b35ec0efd1c3bca93e42860a9bf9dadb6e02fa Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931703/	122 KB 47 KB	37ms 17ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931703/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 97449136cdaf0a6b5c8c74299cc9e137faf5d40c09b57c05178b217caf7abbf6 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931704/	122 KB 47 KB	37ms 17ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931704/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash cd0eb0501a566426880be649bbdc6d4c75dd0fcd239f85a91d968d4c036ea8ff Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931768/	122 KB 47 KB	45ms 43ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931768/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 8d9e039331e641f6e26d6cf402f8b453f2c0ee82091235e8756df4f4f84893c1 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931641/	122 KB 47 KB	19ms 17ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931641/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 42c27a6224ece58141135ae75fa9c9d04760708158be842631a20a5deb5cb239 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Wed, 07 Sep 2022 13:38:24 GMT Server nginx X-JS-AB1 current ETag W/"63189ed0-1e740" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931642/	128 KB 48 KB	48ms 45ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931642/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash f883a0cbca6ee3be23af3705bbf5b9dbc209683144f6d4bf35f81892f2cdc94e Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Fri, 02 Sep 2022 09:01:21 GMT Server nginx X-JS-AB1 var24 ETag W/"6311c661-1ff2b" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	code.js Show response bfxytxdpnk.com/lv/esnk/1931643/	131 KB 48 KB	37ms 35ms	Script application/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL http://bfxytxdpnk.com/lv/esnk/1931643/code.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 390da1f7222f649f3c2d9a56ad1f570d8f94715204b9660b99856fedeccb09fc Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Fri, 02 Sep 2022 09:27:43 GMT Server nginx X-JS-AB1 var27 ETag W/"6311cc8f-20df9" Vary Accept-Encoding Content-Type application/javascript Accept-CH sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data Transfer-Encoding chunked Connection keep-alive Timing-Allow-Origin *
GET H/1.1	200 OK	autocomplate.min.js Show response 157.230.41.236/wp-content/plugins/idmuvi-core/js/	10 KB 4 KB	185ms 184ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/plugins/idmuvi-core/js/autocomplate.min.js?ver=2.1.3 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash c3fbf20e85b47fe6e33235dcbf9fc9980b71a5992857d719e6b1c69be8815ee9 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:06 GMT Server nginx ETag W/"2654-5e82c8d179a2a" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	js-plugin-min.js Show response 157.230.41.236/wp-content/themes/muvipro/js/	43 KB 16 KB	186ms 186ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/themes/muvipro/js/js-plugin-min.js?ver=2.1.7 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 0812f1ec045cff5fcc841c5ae347cb299f3dbeed4141c9d21bc6a37f63623eae Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:07 GMT Server nginx ETag W/"aae5-5e82c8d2073d4" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	customscript.js Show response 157.230.41.236/wp-content/themes/muvipro/js/	6 KB 2 KB	185ms 185ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/themes/muvipro/js/customscript.js?ver=2.1.7 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 1c6f518eeb52ac428e414991cc7536284312c34763cb9e385271e63c48cddaab Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:07 GMT Server nginx ETag W/"1803-5e82c8d2073d4" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	ajax-player.js Show response 157.230.41.236/wp-content/themes/muvipro/js/	2 KB 1 KB	185ms 184ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-content/themes/muvipro/js/ajax-player.js?ver=2.1.7 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 56e9eb528633f78fb59cae3bd6dfe8895852643ea3f02ef1e650ec5f49dbd43b Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 16:02:07 GMT Server nginx ETag W/"95e-5e82c8d2073d4" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	comment-reply.min.js Show response 157.230.41.236/wp-includes/js/	3 KB 2 KB	334ms 183ms	Script application/javascript	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-includes/js/comment-reply.min.js?ver=6.0.2 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Last-Modified Thu, 08 Sep 2022 13:15:15 GMT Server nginx ETag W/"ba5-5e82a38616f53" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
POST H2	200	solid.gif wf66l5ylwq.com/	43 B 618 B	45ms 14ms	Ping image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://wf66l5ylwq.com/solid.gif?z=1909505&abvar=0 Requested by Host: wf66l5ylwq.com URL: http://wf66l5ylwq.com/t/9/fret/meow4/1909505/ca0d357a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT x-route-id stats.tag.loaded accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	1909505 Show response wf66l5ylwq.com/get/	4 KB 2 KB	59ms 56ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://wf66l5ylwq.com/get/1909505?zoneid=1909505&jp=_clsr3gopygarhuun8jp5to&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&isRef=1&sp=2&cid=2642272190725874 Requested by Host: wf66l5ylwq.com URL: http://wf66l5ylwq.com/t/9/fret/meow4/1909505/ca0d357a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash fc16b3105fde9991419349ab77a62cf64d372d1f8671b877ddb53d939bc3688b Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H/1.1	200 OK	/ 157.230.41.236/bula-2022/	99 KB 99 KB	488ms 359ms	Image text/html	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/bula-2022/ Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers X-Pingback http://157.230.41.236/xmlrpc.php Date Wed, 14 Sep 2022 15:12:23 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Link <http://157.230.41.236/wp-json/>; rel="https://api.w.org/", <http://157.230.41.236/wp-json/wp/v2/posts/21473>; rel="alternate"; type="application/json", <http://157.230.41.236/?p=21473>; rel=shortlink
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	169ms 78ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://157.230.41.236 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Tue, 13 Sep 2022 16:24:40 GMT x-content-type-options nosniff age 82063 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13036 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:04:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Sep 2023 16:24:40 GMT
GET H2	200	pub Show response gomov.site/ Frame 8829	154 KB 60 KB	64ms 17ms	Document text/html	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/pub?id=168 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57042cfebc4e53c08cdf901f5f9a0aa112731518718f400705866641dc50219e Request headers Referer http://157.230.41.236/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1204 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=120 cf-cache-status HIT cf-ray 74aa0f81c8258fe9-FRA content-encoding br content-type text/html;charset=UTF-8 date Wed, 14 Sep 2022 15:12:23 GMT last-modified Wed, 14 Sep 2022 14:52:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1QnqjI2lERXOonbYPp%2B%2Faqeo6zTiShzXfj1YFnVGqIJl237%2BDzMpathMUD8ECxEaK34aU2U23t61NP2HvA9zvFX7aRnH4s%2FieGi9dKC1rsA%2FMfhOMWhV8C8uG4CxxyLdHlLTVm7Z1fm"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	/ Show response cadrctlnk.com/in/p/ Frame 0546	41 KB 17 KB	68ms 20ms	Document text/html	2a02:128:7:4910::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://cadrctlnk.com/in/p/?spot_id=68531&cat=25&sub_id=592372140 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4910::2 , Czech Republic, ASN50245 (SERVEREL-AS, NL), Reverse DNS Software nginx/1.20.1 / Resource Hash 047b8dff89265d78ed220e92d1af8940b77a7e513c6f43308ddf5cb008fb09eb Request headers Referer http://157.230.41.236/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 14 Sep 2022 15:12:23 GMT pragma no-cache server nginx/1.20.1 vary Accept-Encoding *
GET H2	200	pub Show response gomov.site/ Frame FE94	154 KB 60 KB	65ms 21ms	Document text/html	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/pub?id=168 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57042cfebc4e53c08cdf901f5f9a0aa112731518718f400705866641dc50219e Request headers Referer http://157.230.41.236/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1204 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=120 cf-cache-status HIT cf-ray 74aa0f81c8278fe9-FRA content-encoding br content-type text/html;charset=UTF-8 date Wed, 14 Sep 2022 15:12:23 GMT last-modified Wed, 14 Sep 2022 14:52:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ldhrPcbutpfX71Ac%2F2VVWJLejKOfblPg5EWnOX5Tb%2FEjaJ8C95K6yWNh5SNRRSrDvKfF7MPgSB4daozUCOH9PgU4UQtkJwdt4DAe%2B8MykqEEvk7tQ7veCWvpN22aaKStonFssx%2B8zc%2B"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	107ms 39ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://157.230.41.236 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 19:24:52 GMT x-content-type-options nosniff age 589651 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12956 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:54:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Sep 2023 19:24:52 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	117ms 50ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=2.1.7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://157.230.41.236 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 07 Sep 2022 19:25:00 GMT x-content-type-options nosniff age 589643 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Sep 2023 19:25:00 GMT
GET H/1.1	200 OK	Amakano-2016-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	14 KB 14 KB	218ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/Amakano-2016-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 74eb308d0ce0c6c9d81b0f7b8f47cb2e11e72c15a116d0bd16838a8aeaf10d33 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 14:46:08 GMT Server nginx ETag "3796-5e8a4306c18fb" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 14230
GET H/1.1	200 OK	TeenFidelity-Stacy-Says-Hello-1-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	7 KB 7 KB	184ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/TeenFidelity-Stacy-Says-Hello-1-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 0417294ee83fa886ecd8172d22c590c82dd565cb67bd8f0895cd56130bd41a8c Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 14:06:26 GMT Server nginx ETag "1c75-5e8a3a272a722" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 7285
GET H/1.1	200 OK	BadMilfs-Angel-Gostosa-And-Jasmine-Daze-How-To-Please-A-Man1-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	11 KB 11 KB	183ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/BadMilfs-Angel-Gostosa-And-Jasmine-Daze-How-To-Please-A-Man1-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 77a11e80a1fabbee454df96ee428ec186190dfafe5fe999f644d0620f10d36c9 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 13:55:17 GMT Server nginx ETag "2bb2-5e8a37a978c3e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 11186
GET H/1.1	200 OK	dadcrush-mila-taylor-we-could-try-it-out-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	9 KB 9 KB	179ms 179ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/dadcrush-mila-taylor-we-could-try-it-out-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash c78d4858791acda35c9603feb6d76d4e99b1cfeb97cf12f93f19c73f32f93fa4 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 13:47:13 GMT Server nginx ETag "23fe-5e8a35dbe6616" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 9214
GET H/1.1	200 OK	VEC-219-SUB-INDO-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	12 KB 12 KB	181ms 181ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/VEC-219-SUB-INDO-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash b1ebde817863e230c65613144d953af8a82ec5292da28b953c93ad90fd0d2920 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 12:43:17 GMT Server nginx ETag "2f85-5e8a27914f8fc" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 12165
GET H/1.1	200 OK	NSPS-525-SUB-INDO-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	14 KB 14 KB	183ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/NSPS-525-SUB-INDO-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 3c0330c61eccae5d4875d028243032581eef1ee1083e3a3034cb867c00d58fcf Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 12:29:56 GMT Server nginx ETag "3868-5e8a24957da27" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 14440
GET H/1.1	200 OK	VEC-384-SUB-INDO-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	13 KB 13 KB	183ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/VEC-384-SUB-INDO-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 608a7734fddb71bc12982b6f2578070012b1fe166e81436c0a91f470a8f2ac8b Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Wed, 14 Sep 2022 12:17:02 GMT Server nginx ETag "3456-5e8a21b350f2e" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 13398
GET H/1.1	200 OK	ShoplyfterMylf-Nadia-White-152x228.jpg 157.230.41.236/wp-content/uploads/2022/09/	11 KB 11 KB	185ms 185ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/09/ShoplyfterMylf-Nadia-White-152x228.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash ec47c13b8c5e8aae88cd6e08117bc41256944466eb90a3e7109e580e4b16010e Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:24 GMT Last-Modified Tue, 13 Sep 2022 11:52:47 GMT Server nginx ETag "2ab5-5e88da6aa19ca" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 10933
GET H/1.1	200 OK	jeIwmtYOuENAztnhZz7zeiky1pc-60x90.jpg 157.230.41.236/wp-content/uploads/2022/02/	3 KB 3 KB	269ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/02/jeIwmtYOuENAztnhZz7zeiky1pc-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash cd139be354c53bb09eadaaab185a2e37117274781dddbe3130dfc7b80a371425 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:09 GMT Server nginx ETag "ae6-5e82c8d3c5895" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2790
GET H/1.1	200 OK	1m3PJGcLcvF4I566ZtB5czQIVAY-60x90.jpg 157.230.41.236/wp-content/uploads/2022/02/	2 KB 2 KB	306ms 181ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/02/1m3PJGcLcvF4I566ZtB5czQIVAY-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 514e225edee288556de5b1ff0dc7be64a4845d5c7a72913a85e3a57fb03ddfd5 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:09 GMT Server nginx ETag "854-5e82c8d390cd1" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2132
GET H/1.1	200 OK	vZZUyABlSl1281IRrALODuOTRVN-60x90.jpg 157.230.41.236/wp-content/uploads/2022/02/	2 KB 2 KB	280ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/02/vZZUyABlSl1281IRrALODuOTRVN-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 95253a8d99a4f4de80d4b93dfa73d49de1254952f7b342d9c380c33792b5c1b4 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:08 GMT Server nginx ETag "81d-5e82c8d35b16d" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2077
GET H/1.1	200 OK	2b1Y6NbZenY45DgC5CwncoLkpo-60x90.jpg 157.230.41.236/wp-content/uploads/2022/03/	3 KB 3 KB	300ms 179ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/03/2b1Y6NbZenY45DgC5CwncoLkpo-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash dda622259eb74a92e5db84613161ef1b87515a3816e29e9a8f9ef465d8a22ee9 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:08 GMT Server nginx ETag "bc0-5e82c8d2c2be2" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 3008
GET H/1.1	200 OK	7D0tnEdjHOjYcGAt0WyLCPdk18y-60x90.jpg 157.230.41.236/wp-content/uploads/2022/02/	3 KB 3 KB	312ms 183ms	Image image/jpeg	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL http://157.230.41.236/wp-content/uploads/2022/02/7D0tnEdjHOjYcGAt0WyLCPdk18y-60x90.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 7ecdf086838c00f819fc9420b141def625a5d3d589c25bee5ee2947f69edcb40 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/bula-2022/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:23 GMT Last-Modified Thu, 08 Sep 2022 16:02:09 GMT Server nginx ETag "a25-5e82c8d383210" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 2597
POST H2	200	creative Show response gomov.site/ Frame 8829	568 B 929 B	42ms 42ms	Fetch application/json	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/creative Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 030c3a6d0f4f73fc50914e1bc74653b68014123b2d01fc6d3aea82ddc1ffb948 Request headers Referer https://gomov.site/pub?id=168 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uPx091YNXoIuPFEvD%2B2yqRWLACABmGw8FIZwH69XwLv3vq%2Fw8YL1x%2Bm05UDD%2FQHl5N1533k%2BVCvjsUqhsmmUY2noS%2FQ5M2lScCqMgr29tsQXamC7SqNhVsUQQ4SDl1qYRuYICpgRnit%2B"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f836aab8fe9-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	204	openrtb Show response gomov.site/ Frame 8829	0 257 B	146ms 146ms	Fetch	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/openrtb Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gomov.site/pub?id=168 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type vary Origin access-control-allow-methods POST, OPTIONS access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjXJyE%2BJDF0Xeh2vjb5Yrz28CBzhTXuVE3IfRlu3LHCu9%2FSpQghkpztTbn9g8v5S99XCRYcDDBJw55d%2BrJPU2LbdrgYzna%2Bf7LXdodj7VyD02nEWx5AxobiFXBhqUnKDGSROLG5UdbpO"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f836aae8fe9-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	1931702 Show response bfxytxdpnk.com/get/	3 KB 2 KB	47ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931702?zoneid=1931702&jp=_cl61lr2v4d4l11an8chm0y&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=5457021957821982 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931702/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash afd9f981caa46cad3e3ceb56443cb1f54b2b56986c50a439d5107594381bf48d Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	1909508 Show response bfxytxdpnk.com/get/	3 KB 2 KB	29ms 15ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1909508?zoneid=1909508&jp=_clqnvobazvonrrm2f2s6mm&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=6301446887907444 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1909508/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash bce1a832b1640bb581a3ff261302f07d6316cd6835ac840d28f576f81224253d Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	1931704 Show response bfxytxdpnk.com/get/	3 KB 2 KB	16ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931704?zoneid=1931704&jp=_clrx3qvxblt9eu94vnl7q8&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=4612597027695871 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931704/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 71149bf65e91bb543b01fdc9be874b2db77d8f1d5f23ea9ad69fa76a1d8af8fc Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	1931703 Show response bfxytxdpnk.com/get/	3 KB 2 KB	15ms 15ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931703?zoneid=1931703&jp=_cl4ppnt4agtiwh12qasfks&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=390472377033824 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931703/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 882c3012d34b72805c5f9c4d87a544790be959606be93f3c97bf68e6c8244cab Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
POST H3	200	creative Show response gomov.site/ Frame FE94	568 B 1 KB	62ms 62ms	Fetch application/json	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/creative Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd6b1631762f81894ea1b12f9b339763b89b95003238e8884aba5e7fff4a9a44 Request headers Referer https://gomov.site/pub?id=168 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:23 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLqpmcQbGhXdCsDJ%2BCROk3oh3ZpUUksIwu7aj%2F9K3JBK13YupX8m6MJwS69HwScg4mVsn4X4duIIYzHk2EteuK%2BmPLYiSB%2F%2FXIUmhEhh0%2FLZjNbyl0%2BJ1W1z%2BCKwltBSnX10A8XmL3%2BD"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f853f559193-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	openrtb Show response gomov.site/ Frame FE94	0 523 B	82ms 82ms	Fetch	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/openrtb Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gomov.site/pub?id=168 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:23 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type vary Origin access-control-allow-methods POST, OPTIONS access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpsvrDO7%2FJsdsVYErEIFW7jJuNN3zs5HRHo3BmDEMGSCQ536Ja1Z2PAJgKqS910nZxXQBBsrrOMy0TGIQA%2BHbYlzQPNnrm3K3pMq6WiY03WB57RD2BRYEUqZNZ70z3FKd2jo3YUby2%2Bl"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f853f589193-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	creative Show response delivery.taroads.com/	600 B 1 KB	82ms 44ms	Fetch application/json	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://delivery.taroads.com/creative Requested by Host: gomov.site URL: https://gomov.site/pub?id=169 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06e49852d3e0066fd8bd571be6f686997df534dee15e3fa472469aaa02fa42a4 Request headers Referer http://157.230.41.236/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json access-control-allow-origin http://157.230.41.236 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziEQFvKsXsiGg139pi81EhcryWXrI%2FeuL%2FbPo9FIzJu9%2FeLgltcBP%2FNQiEdEapzndxh%2BCzkIFM3w%2B%2Fob5cVjIDqNgwAjaOfukIrqBUHZl1Yrfs%2B6YjsAaD%2FV%2FxmjBrRctLB4cDvBhUy5NuCKpis0WQpbJw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f86fc12924d-FRA access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	204	openrtb Show response delivery.taroads.com/	0 268 B	99ms 63ms	Fetch	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://delivery.taroads.com/openrtb Requested by Host: gomov.site URL: https://gomov.site/pub?id=169 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://157.230.41.236/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Wed, 14 Sep 2022 15:12:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type vary Origin access-control-allow-methods POST, OPTIONS access-control-allow-origin http://157.230.41.236 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4Tjz9NypeZOMWaZrRacAZbE8xu2gXiCG%2FXUO9w1NLywGxRLCG23HyyAwKZ5UmoyXuu34sjT7ePGkpaYht1Vs3QvyfN1BL6S6EMqOaL4gCBEDaB6hshdERuynl3dT3gODepC2dopsWoQh74LqMGJJ8TysQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f86fc16924d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	1931641 Show response bfxytxdpnk.com/get/	3 KB 2 KB	17ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931641?zoneid=1931641&jp=_cl508fcsrdh8vmzby6zvjx&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=3768172097632390 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931641/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 692016a6873aae7b47f7d0d114ade04da266686ee1c0981b64aa9e927f707d29 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	1931643 Show response bfxytxdpnk.com/get/	3 KB 2 KB	16ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931643?zoneid=1931643&jp=_clpmstde3oxwnz08fqpxib&nojs=0&ix=0&abvar=27&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=5175546981170287 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931643/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 11100f7033f1298061fc49e89e0dab4aa2688ed7d1cfd524343ba93ea6f36937 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	/ Show response limurol.com/ssp/req/1909505/	7 B 678 B	77ms 15ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://limurol.com/ssp/req/1909505/?pb=49a5ebbb071a86ded0b431680efd25491663175543&psp=7KDXA6hNlb60TfCf3ly3aKpYjFByLriNA3pjFZ3JK4kQTqsmpinit_jGJh7bsdKvCvf9GZmySarxkENpAa8KAK969iiDL8zf_RHy-akf-i_8jJbz5qtxVzRXE3SMk6_WyqySXs-W-8aK2v7gQSQEEGx-VxXB96PBWtvh0Hb9w7kGdm_mIeyjDLFWAEmY65bHnO8scK1tAkhFMRHSqUUbkqHAF9fdouoxYg58EGKfmPPAaXz5DFZORjWmnj-MSyqplizq9gXXV4RStLcSl6uUixSrJqpEm8J_owiyUeFOkAVGXf3cZyA1-rucog5UKeTr-N0rbCnjK5vweYY9Qld9_bhv1vJ9o565SEtAlcrj-JSXAZxjtfm621O4jCMGFy2mEScxGRptUXhEcTRr0DOxeqShuRLPfRV8XmP0KQcs1JW7_qHI_rn0IYOBOpyyfcm06jO2biymxvoRsM1SveOjzm4eSOEWbRTXpbdnSLP0iAJRUfdRnLokYSUdH1VzfZxJ1l2e7nq81P9xBJOTuVP1Jzp10ggBU-5z2vjYnhH3-iHCd1mx0vUas5lqPxSBYwoWT-W9xcvUFFv2kQiL8z3K2bUI-Y99g7lw5tmvCGGxOU5JVs5eDNqU05oap6j-MMnf8-b18TBRERt0ByT_LSmY_IhHOZkTvE2vKis7qbr8nTLS2ZMO4vC4-2FNPQ8lxy-fKvlphjrSg0vk1kAlwmdsnQ0kkiu6vtjj4PNZDKSTHvktyxGlLUcQXWQU6rYIQNsiKAj7wCkkYLBWuJ0bHFs0xxXZ5UogJo9i4dcqR5pi7glYmv5d-iXOZLMxX1e9FK62GlzGICqbHrjRoXK_14EIBwaI9g==&sp=2&cb=_cl5mznlmr08gxmuloz9rsv&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24 Requested by Host: wf66l5ylwq.com URL: http://wf66l5ylwq.com/t/9/fret/meow4/1909505/ca0d357a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id ssp.bet accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 7 server nginx content-type text/javascript
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	1931642 Show response bfxytxdpnk.com/get/	3 KB 2 KB	16ms 16ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931642?zoneid=1931642&jp=_cl58rgnpgwecf314lhp7cq&nojs=0&ix=0&abvar=24&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=4612597027741865 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931642/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash e0d5ff1b561da1af2321c1261b0ab255085473187a32488240e1b686d92ddb66 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
GET H2	200	1931768 Show response bfxytxdpnk.com/get/	3 KB 2 KB	18ms 17ms	Script text/javascript	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://bfxytxdpnk.com/get/1931768?zoneid=1931768&jp=_cl0lyqgb0teft1wrywp1gg&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&freq=0&cid=7990296748290123 Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931768/code.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 0a387832a9aa6f066626d5e38316ae97a2ada6a87c4c17b171b913f5649d2678 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id config timing-allow-origin * server nginx
POST H3	200	metric gomov.site/ Frame 8829	2 B 483 B	92ms 92ms	Ping application/octet-stream	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/metric?t=0c0d990cc3f90bcd950df1521cda5caa4629e9a86deb47a7712882ad4d9a69732312e6051a7f0afd4c2a7e0a4f74b8bbe93ed751977b4a09b170098ea76f207058bb796313fb4f5a34dc3c4e40acd6a45fcdc41cfccd5fd142da8bedb4eb4e10049584cadc172c73345c0ffc4c1184d5c6a3c0e25c094c740cb1b3baaea2575ed890102fd906592f67b15dbd4f28c1c38c8559feedd198735ea15860922ed3754910a40d48fa6cd3e279d820ca6c3f46i&s=DqxvXHjPGko9vEVW Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865 Request headers accept-language de-DE,de;q=0.9 Referer https://gomov.site/pub?id=168 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin access-control-allow-methods POST content-type application/octet-stream access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5oj3XKbz4JQAUnkfU%2FMgEfUPu2hqEIrCHY%2FcU5v7SdNs9GfLuKyV8hTdJYCkHEKTzW%2BzlQre312jy5dDI2V3YbmO9%2Bnfhn5NKRIQSF8MVfknBxwEiA%2Fd1ACnzVbWTBxXUv6xSKph4GF"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f880d989193-FRA access-control-allow-headers User-Agent,Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	xvhepz19cp Show response actuallyhierarchyjudgement.com/ Frame 8829	115 B 914 B	418ms 104ms	Document text/html	192.243.61.227 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://actuallyhierarchyjudgement.com/xvhepz19cp?key=8b295a2deb0a47ac329e4a55c51d795a&subid=168 Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.22.0 / Resource Hash f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers Referer https://gomov.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Cache-Control no-cache Connection keep-alive Content-Length 115 Content-Type text/html Date Wed, 14 Sep 2022 15:12:24 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Server nginx/1.22.0 Strict-Transport-Security max-age=0; includeSubdomains X-Request-ID 017cf511b23cbafccf36ab73a1073f76
GET H2	200	r.php gon.exrtbsrv.com/ Frame 0546 Redirect Chain https://mcpuwpush.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI1OTIzNzIxNDAiLCJzcG90X2lkIjo2ODUzMX19XSwic2l0ZSI6eyJpZCI6IjY4... https://mcpuwpush.com/popunder/in/click/?mid=2114435289&pid=0&site=68531&sc=DE&usage_type=DCH&subid=592372140&sid=0&cid=10035&price=0&is_cpm=1&cpm=0.71&ecpm=0.71&crid=&crtid=d41d8cd98f00b204e980099... https://gon.exrtbsrv.com/r.php?i=1599928939&p=p119337215&s=s3&c=V0Nza2RuTi92M0R2ZHpoTVBjNVRFUT09	0 0	97ms 62ms	Document text/html	2606:4700:3108::ac42:284d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gon.exrtbsrv.com/r.php?i=1599928939&p=p119337215&s=s3&c=V0Nza2RuTi92M0R2ZHpoTVBjNVRFUT09 Requested by Host: cadrctlnk.com URL: https://cadrctlnk.com/in/p/?spot_id=68531&cat=25&sub_id=592372140 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3108::ac42:284d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.20 Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests X-Frame-Options DENY Request headers Referer https://cadrctlnk.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 74aa0f89ed329a0f-FRA content-encoding br content-security-policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; style-src 'self' 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests content-type text/html;charset=UTF-8 date Wed, 14 Sep 2022 15:12:24 GMT expires Sat, 26 Jul 1997 05:00:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXTfshGErum3NeOqeAbPYXzYsJXTbQ2ZZDwwVyhtyNrk0eWOnGE8a%2FuEzVXkSon0tCHk7hVoU630KygnpT%2BFzcYAoZFRzYwxo6Zkx1DBtZxN2Zy7fjoMSxmHn%2BXGqhH870e9ptES%2FsJ1pthH6AI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-frame-options DENY x-powered-by PHP/8.0.20 Redirect headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-length 0 date Wed, 14 Sep 2022 15:12:24 GMT location https://gon.exrtbsrv.com/r.php?i=1599928939&p=p119337215&s=s3&c=V0Nza2RuTi92M0R2ZHpoTVBjNVRFUT09 pragma no-cache server nginx/1.16.0 vary Origin
POST H/1.1	200 OK	admin-ajax.php Show response 157.230.41.236/wp-admin/	303 B 810 B	221ms 221ms	XHR text/html	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://157.230.41.236/wp-admin/admin-ajax.php Requested by Host: 157.230.41.236 URL: http://157.230.41.236/wp-content/themes/muvipro/js/ajax-player.js?ver=2.1.7 Protocol HTTP/1.1 Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 4dbee9f882aa3230c7fbc9af565d3af354d0ea82a60b4bed9d1535d195988fe2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer http://157.230.41.236/bula-2022/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Wed, 14 Sep 2022 15:12:24 GMT Content-Encoding gzip Referrer-Policy strict-origin-when-cross-origin Server nginx Transfer-Encoding chunked X-Frame-Options SAMEORIGIN Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://157.230.41.236 Cache-Control no-cache, must-revalidate, max-age=0 Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex Vary Accept-Encoding X-Content-Type-Options nosniff Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	d1f657e37007bb8588aa70e1a2ad7f74.js Show response 588d37a62f.465c3b7fb1.com/	87 KB 31 KB	61ms 7ms	Script application/javascript	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash fbe0457bb7785a32cce599652a2e2feea0ba1bd19ec96331e7377837741c703b Request headers Referer http://157.230.41.236/ Origin http://157.230.41.236 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip last-modified Wed, 14 Sep 2022 11:55:32 GMT server nginx/1.18.0 etag W/"6321c134-15a62" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 x-proxy-cache HIT
POST H3	200	metric gomov.site/ Frame FE94	2 B 476 B	26ms 26ms	Ping application/octet-stream	2a06:98c1:3121::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gomov.site/metric?t=7ec5f965f5a03866e3ddcb8fc5d92091a03f6c0610c7a6e5b7bea2edfdb401f256fcaaad5210975d663919611ec2d25b5e16eae85a466b288a1bfc78968568321823ac8e8555c7efc3d9c18cdab49c05bb41b164b6b094950f1ee9bae18a39ba24e25f977ca0b3f881680eef54c4fba809c3dcc1caab7c175545636013c3eacab4eda92d0794e7cb3b53b0fb84c16fbb6b455e00e3685d0f8cd9fd397884f9040cb836c6e718eea1a48f67ec7d621fe5i&s=JPnzLUCmB7CKFLd0 Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865 Request headers accept-language de-DE,de;q=0.9 Referer https://gomov.site/pub?id=168 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin access-control-allow-methods POST content-type application/octet-stream access-control-allow-origin https://gomov.site report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BEGHlDUGvFlcYS%2FFs13AkWxZ1sCqYjA7AJa16SbEYJRoYmpqiXFX8AeEaXChyir9wXMyHUI76IhuNY4WsQmt8Xs9Bn5LaUogFEcNwX5q1pSLQ8QPFxhvdBTyeKe1y6QK5j4nX9sNCwa"}],"group":"cf-nel","max_age":604800} access-control-allow-credentials true cf-ray 74aa0f884e009193-FRA access-control-allow-headers User-Agent,Content-Type alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	xvhepz19cp Show response actuallyhierarchyjudgement.com/ Frame FE94	115 B 914 B	378ms 104ms	Document text/html	192.243.61.227 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://actuallyhierarchyjudgement.com/xvhepz19cp?key=8b295a2deb0a47ac329e4a55c51d795a&subid=168 Requested by Host: gomov.site URL: https://gomov.site/pub?id=168 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.22.0 / Resource Hash f28ce5befe08ed90a2e12b6b2a5e9fdafaa6ad173503079155260aa480c66590 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubdomains Request headers Referer https://gomov.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-CH Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA Cache-Control no-cache Connection keep-alive Content-Length 115 Content-Type text/html Date Wed, 14 Sep 2022 15:12:24 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Server nginx/1.22.0 Strict-Transport-Security max-age=0; includeSubdomains X-Request-ID 5de594d72d60527a6e05774524d5e406
GET H2	200	5168eb4d8942bd25f1cbec81acf9311a355d0823.png cdn.bncloudfl.com/bn/516/8eb/4d8/ Frame 529F	1 KB 2 KB	103ms 22ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txb41901d92c9442f686478-0061b09673 cf-cache-status HIT age 6551 cf-polished origFmt=png, origSize=2447 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="5168eb4d8942bd25f1cbec81acf9311a355d0823.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txb41901d92c9442f686478-0061b09673 accept-ranges bytes last-modified Mon, 31 May 2021 17:00:29 GMT server cloudflare etag e0be6f0483ee14085537b72f62f24c1b vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1622480428.11687 cache-control max-age=432000 content-length 1142 cf-ray 74aa0f88ddc29b55-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT expires Fri, 16 Sep 2022 13:23:13 GMT
GET H3	200	ffafd2fcc1e3895b80760c6cbf165264fb3420fd.gif cdn.bncloudfl.com/bn/ffa/fd2/fcc/ Frame 7824	2 KB 3 KB	47ms 27ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/ffa/fd2/fcc/ffafd2fcc1e3895b80760c6cbf165264fb3420fd.gif Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f99c37d998b72b65c8f7e6e80f8f7960757faa6d31f818764c9b726fc15eb27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txde54208d07c3404db9443-0061b097e3 cf-cache-status HIT age 132273 cf-polished origFmt=gif, origSize=4658 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="ffafd2fcc1e3895b80760c6cbf165264fb3420fd.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txde54208d07c3404db9443-0061b097e3 accept-ranges bytes last-modified Fri, 14 May 2021 14:32:28 GMT server cloudflare etag 937da83bcf37c9f9fac58437776e9dd2 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1621002747.16286 cache-control max-age=432000 content-length 2372 cf-ray 74aa0f891f609186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT expires Thu, 15 Sep 2022 02:27:51 GMT
GET H3	200	5168eb4d8942bd25f1cbec81acf9311a355d0823.png cdn.bncloudfl.com/bn/516/8eb/4d8/ Frame 3EA5	1 KB 2 KB	54ms 37ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931704/code.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txb41901d92c9442f686478-0061b09673 cf-cache-status HIT age 118943 cf-polished origFmt=png, origSize=2447 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="5168eb4d8942bd25f1cbec81acf9311a355d0823.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txb41901d92c9442f686478-0061b09673 accept-ranges bytes last-modified Mon, 31 May 2021 17:00:29 GMT server cloudflare etag e0be6f0483ee14085537b72f62f24c1b vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1622480428.11687 cache-control max-age=432000 content-length 1142 cf-ray 74aa0f891f5d9186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache REVALIDATED expires Thu, 15 Sep 2022 06:10:01 GMT
GET H3	200	5168eb4d8942bd25f1cbec81acf9311a355d0823.png cdn.bncloudfl.com/bn/516/8eb/4d8/ Frame 3D44	1 KB 2 KB	51ms 36ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931703/code.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txb41901d92c9442f686478-0061b09673 cf-cache-status HIT age 118943 cf-polished origFmt=png, origSize=2447 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="5168eb4d8942bd25f1cbec81acf9311a355d0823.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txb41901d92c9442f686478-0061b09673 accept-ranges bytes last-modified Mon, 31 May 2021 17:00:29 GMT server cloudflare etag e0be6f0483ee14085537b72f62f24c1b vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1622480428.11687 cache-control max-age=432000 content-length 1142 cf-ray 74aa0f891f559186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache REVALIDATED expires Thu, 15 Sep 2022 06:10:01 GMT
GET H3	200	2ef1cca8fb6950b5709e149354ffbe886d1e4005.png cdn.bncloudfl.com/bn/2ef/1cc/a8f/ Frame 632A	9 KB 9 KB	26ms 22ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/2ef/1cc/a8f/2ef1cca8fb6950b5709e149354ffbe886d1e4005.png Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e67201eb332e47f8e441a9eadc60ae9f1b71b668e0775b20f0da666466d10d9c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id tx9700aa4d46b64335a5ad3-0063164c8c cf-cache-status HIT age 136932 cf-polished origFmt=png, origSize=16767 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="2ef1cca8fb6950b5709e149354ffbe886d1e4005.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id tx9700aa4d46b64335a5ad3-0063164c8c accept-ranges bytes last-modified Tue, 16 Aug 2022 10:32:39 GMT server cloudflare etag 9f400dd168ed74197ed1670eac4cdadf vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1660645958.32006 cache-control max-age=432000 content-length 8980 cf-ray 74aa0f891f5a9186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT expires Thu, 15 Sep 2022 01:10:12 GMT
GET H3	200	5168eb4d8942bd25f1cbec81acf9311a355d0823.png cdn.bncloudfl.com/bn/516/8eb/4d8/ Frame 3EA5	1 KB 2 KB	49ms 49ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png Requested by Host: bfxytxdpnk.com URL: http://bfxytxdpnk.com/lv/esnk/1931704/code.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txb41901d92c9442f686478-0061b09673 cf-cache-status HIT age 118943 cf-polished origFmt=png, origSize=2447 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="5168eb4d8942bd25f1cbec81acf9311a355d0823.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txb41901d92c9442f686478-0061b09673 accept-ranges bytes last-modified Mon, 31 May 2021 17:00:29 GMT server cloudflare etag e0be6f0483ee14085537b72f62f24c1b vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1622480428.11687 cache-control max-age=432000 content-length 1142 cf-ray 74aa0f891f619186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache REVALIDATED expires Thu, 15 Sep 2022 06:10:01 GMT
GET H3	200	cd1262e57fa5e922e2886d2c7da0bac4614cd198.png cdn.bncloudfl.com/bn/cd1/262/e57/ Frame 976A	13 KB 14 KB	37ms 37ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/cd1/262/e57/cd1262e57fa5e922e2886d2c7da0bac4614cd198.png Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd817a8c109e560b93e2e049c8042980e180dd0a99904dd1b12c862211c22051 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id tx968229160c304dab996c3-00630dadb6 cf-cache-status HIT age 136351 cf-polished origFmt=png, origSize=23410 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="cd1262e57fa5e922e2886d2c7da0bac4614cd198.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id tx968229160c304dab996c3-00630dadb6 accept-ranges bytes last-modified Mon, 20 Jun 2022 08:42:04 GMT server cloudflare etag 99fb8266d0137e4f60cc798a92b9d79c vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1655714523.97182 cache-control max-age=432000 content-length 13422 cf-ray 74aa0f892f729186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT expires Thu, 15 Sep 2022 01:19:53 GMT
GET H3	200	34f0277c6da99cc33879941925d05bc4f7b077eb.png cdn.bncloudfl.com/bn/34f/027/7c6/ Frame 01FE	9 KB 9 KB	36ms 36ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/34f/027/7c6/34f0277c6da99cc33879941925d05bc4f7b077eb.png Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73b63e4c8c476b3ba84f25f330128a59e713085587e7d1fee41df6dd0eaec027 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id txbc800ce768e34947ba25d-0062dc35d1 cf-cache-status HIT age 123085 cf-polished origFmt=png, origSize=23103 content-disposition inline; filename="34f0277c6da99cc33879941925d05bc4f7b077eb.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id txbc800ce768e34947ba25d-0062dc35d1 accept-ranges bytes expires Thu, 15 Sep 2022 05:00:59 GMT last-modified Mon, 20 Jun 2022 08:31:02 GMT server cloudflare etag 3d7b391b7363cdaaedf02eca308167ed vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1655713861.27445 cache-control max-age=432000 access-control-allow-credentials true content-length 8848 cf-ray 74aa0f892f769186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT cf-bgj imgq:100,h2pri
GET H3	200	b65e93de1ab038efa47371be0ae85c5cb777672f.png cdn.bncloudfl.com/bn/b65/e93/de1/ Frame F855	11 KB 12 KB	44ms 43ms	Image image/webp	2606:4700:10::ac43:27d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bncloudfl.com/bn/b65/e93/de1/b65e93de1ab038efa47371be0ae85c5cb777672f.png Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:27d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8a76bcbd5fce67d79f07a43bf8dbfb660fc7637aac17aecdf8f7f2fa2da5c4f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-openstack-request-id tx9eaaa70d216f43a8a50e6-0063165911 cf-cache-status HIT age 132464 cf-polished origFmt=png, origSize=24543 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp content-disposition inline; filename="b65e93de1ab038efa47371be0ae85c5cb777672f.webp" cf-bgj imgq:100,h2pri alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-trans-id tx9eaaa70d216f43a8a50e6-0063165911 accept-ranges bytes last-modified Mon, 05 Sep 2022 19:45:00 GMT server cloudflare etag 707deddcb7ea3f2715594d0c76654901 vary Accept access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1662407099.94706 cache-control max-age=432000 content-length 11398 cf-ray 74aa0f892f799186-FRA access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT expires Thu, 15 Sep 2022 02:24:40 GMT
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 529F	43 B 851 B	16ms 16ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931702&pb=49a5ebbb071a86ded0b431680efd25491663175543&psp=v3zapFXQBqatyr7yekfv_qt60xisAdQg4EGmZK2prpkqH9ZMssl0hgaqh7y1E7yR98Vcq-HvKeoq9ONC4RkvlHuYgFGvGRt174PYYmlutk9rlAPT0ishefO5gjz6348y6GZocpwxt8GpzYqxaHDPOangzoEG63Qbj-vgtgty4NaQfNKon5jDgnmws0GTqzPCrWG7ZY26LreUz9dNtibmvJiwfrgsUoJJ0NFGS2mirg-65HpZOswQNnGfFE_cbKLnsAJuLXFWYJprrgvzdYzBgn6mvT1AarrLy-Gppi4TwY6PSdfIjWf7WsL_3O3vR2GJXxrTSpD6OhakQumpsQ3tFeK6_2j7vpDk9nwxN2DQ_tznZZetqh-lMhXl-aMzwxFnmFI6SJ1dYIdRu13SEx3UrBS1Rmj3yBsLlMbN6nUHvBWPhbYPxh-0hUuLFwdLN86qUbYGhGCndM9gQtFeE9-P7ljUzZSDCgUIR8L3rqC1H5b2l11zfBKjp8bVWyfBm90hot4_snucq-WXq2cse82fnpfmv4YaC6Jn5RZlBJpmFOAjxziEz6obHboaHhsybIU429AFZj95LOfQMt1lBz02NkemhvdPNgk_GWLd9b0bnLYbPpV7NcMNPgsoEhz3zN1IYJfCmIiiGx-nM7psnBDkqa0BCSntSoiWMVzsFuUxnAB--68Xaxzl4Kq2-fMkZcUhn-Ou76C9_J2OSu7E&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	41925 Show response 588d37a62f.465c3b7fb1.com/04f576923a47255303d68d5fd55b5b42/	850 B 1017 B	13ms 6ms	XHR application/json	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://588d37a62f.465c3b7fb1.com/04f576923a47255303d68d5fd55b5b42/41925?version_name=a Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash 071cb06d224e1c3076e8a7fd8f352b0dc2d2e9c5a2ca9964e2edabc4abc1688a Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT server nginx/1.18.0 content-type application/json access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 content-length 850 x-proxy-cache HIT
GET H2	200	wp-banners.js Show response js.wpadmngr.com/npc/sdk/	0 238 B	43ms 9ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.wpadmngr.com/npc/sdk/wp-banners.js Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT last-modified Fri, 20 Aug 2021 15:14:31 GMT server nginx/1.18.0 etag "611fc6d7-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	200	41195 Show response 588d37a62f.465c3b7fb1.com/04f576923a47255303d68d5fd55b5b42/	1 KB 2 KB	12ms 7ms	XHR application/json	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://588d37a62f.465c3b7fb1.com/04f576923a47255303d68d5fd55b5b42/41195?version_name=a Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash ea822882055a4cbdbcff58b54239a2f5ae135bc3115f23c61032a2fb63c85b53 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT server nginx/1.18.0 content-type application/json access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 content-length 1398 x-proxy-cache HIT
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 632A	43 B 1 KB	18ms 16ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931768&pb=6ef8be9e46a868f68ea019dd5be9c07f1663175544&psp=jzCvvod4GGO0a-YheAm4lSakGqzutSfzxTQj_NU_6nVWnif4Z-zZjs1qzwiSUbgfjJdHfv3-yqOlkpF5L8MTp_wWNTsV7HqhSEfLqotoj0MGD_WF-_HW2U-OBhfBONu0HJWQp26oHtK70HnemUAwVrVetOJBLrYoKXHmmUud7hGUWiXppBUdx3tJtqIPeoW6Hn1bViGC7htkY1dGDVBGy_dEBCUvAIdDkFUcVianL7EF6Z6k5DpYQSzGG8FbnV4YovEx6iKiWhyBtugf2VpEWHZ1euB2g57QhD0uxrHMZTK-mIahEnuY8-tjTNr0kAuW76OWqWISWnOxj1GI5_u5_DV80honNIOghKD8zD6ztvje5uRqzj03xQb4sTqh3892Bt7s85P1K00N6vWJAUupYqn-iTo4EsdrwzFcVp3JnqVQDrbiKF98WnGI3HGtFMppfOzcN-tpDbPDnM3nR3EQ6P4AvG4qbgZ_N1sh6szZ8IZJCmxhLnHk2qu-svwuHA5Hhi1D2hlNBBTd6gaBFYEeChIEtcQwATm2TQs6EG2sJQ6H0ftSJ0APMR-bwD4jVjEABbdmyB9TYLyZpITs4SIi38AkFgx09LSN-kqe8ulFaF3vbku_BULQ9n55-1ERbIqp5nJR5LKFZgVKydwcZhMhphUTa6nEow==&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	yu68suy3okrf.html Show response sbspeed.com/e/ Frame 3005	26 KB 11 KB	251ms 210ms	Document text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/wp-content/themes/muvipro/js/ajax-player.js?ver=2.1.7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ea7758092da7584f1c6e87fbf2ae666787d94811c71954653ae19c10f993ca1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://157.230.41.236/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 74aa0f8a6ea29974-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 14 Sep 2022 15:12:24 GMT last-modified Mon, 12 Sep 2022 16:58:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VHB1EuA6iflcwxEiakiAsIIYTHBz15sgl1iAJjSMHjPRs7AjCwgQyBCwHpWeKbTqXadf7HE0YsVQ7cqrViaBu50I0o5%2FcDrs6N60t97QQbgYjm9koNK5AA2%2FzRz1eyHfxP1uw1lw%2FODPA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 3D44	43 B 879 B	16ms 15ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931703&pb=49a5ebbb071a86ded0b431680efd25491663175543&psp=5Qj6C0fKNv3vyk4gg_5x4L79zhZOk15-Ut_NHrGs2ApZ7DdDV5bP8xZl9pBM6JmH10I5xd_Lcu-ooSXNrzeuLR8RNR1xDZ2-BxGSSeTwCXdLFOS6z8DwGNrC4JX4GYsbhlZER_GlsfarQBDxwCEtMj-cC5F1lJqd5X1j6BCDID9sGFEcmMW17DpSqS3YxLHW_ojJ5k_ZyoHHrTonKtIsHYpDWkLzyk82fHzsn9yuN1tFt5HC04i4yMVOxu7lGtyf21DU_O0kosqObiyJ8G-Hop7oUNypmIWLrMhW13L83Oruk6WuT4ihH52kpfAJjsbAz1BS7ESU7dXFwxHdrDHrdXqoFShPxNfzsiLpRbQX9O1a5LlVPlspiob0Y3auIOYdFH2nosvW4-H5wHniQN7einHt2JfOne1P74k0YGdhPqEUNiruJKgiIHDge6HW9rd441dD4_4WFHTw7DuLek8pX-parilYdjDJ2G8N3nNVBfXltRfYG2n24z4-HMNT8GFXFqdRZALjPWSEqUojpxjh4O6v2Cb90lCHdrZ4BtpBHOsOW1I8dIwAAIVaUlkJIKPP2TxIpmTBodiuJhvV5veglTnZq5BqeVqxtu2mI1aMPexlBTTgfSz8q33wQKSBHFq567tP_YMY7Ph44ZkDWAgUtnBb1QnoCwdAlb7VI-K8yIxY9GlPMKL1Nk5ujq6hzf9hskSt64Pq2PEvosqk&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 7824	43 B 905 B	16ms 15ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1909508&pb=49a5ebbb071a86ded0b431680efd25491663175543&psp=XtgU00qKMj1x-3sRqNaIwVc-eOjhnyGjvdx9lvcbYrkq8crZJqqjwK-nJ1HSRJDQurqej9T_oQVAGBKMnnFXgPGrEYGrqe4foXrv7f7Y734DKGWr-4sFnvgVZsgqdt_Dkgisbfzm4J_zFrVh0a25afwmAjC5w2_Ps0O2jJlK-DfOX4YphB4gxkzEtz4-ENjeVRoYC1mSpm7zb3bHUfsrE-cgH8WwCBuWiEy3P0dfQNWRMKQ60E5TKVvjiFageqMT2400uFn-yIIrCeuIAUz98U68eIB4WCLJ_pDThXdRqevA0CRalP1TWNhnR1TBKxde5PtKH0XEbn3H8jdY9XPJrGykQp4REfzbYZK0-jI-PsaGU_vzQoPrbrOI9ArQwl2NI0EGh-LD__G1LxhjkuUWeiAmlz44J0ztpC4ZXFcVb0UCYRD616S1vOoviGd6nf5P7HlFflZdFDC-SmvZw-A7JnzsikCIoL5CLjM8YBvjEjuG4rm2FS-Io9pQULwmElm9V_cUWzXRR3m3RondoM4xKx2IHPCd8mMViswxIuVMFk7S3EF4QkyyjErTXh7TCfnvtPgGP0xAseRfsyNCEubDFElAX2vphZc3u05A-_oCqaJkjYB6o07BrwH92tm_ANbBfhI=&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 976A	43 B 1 KB	16ms 16ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931641&pb=6ef8be9e46a868f68ea019dd5be9c07f1663175544&psp=27yj_pFZGvGrYDBAOIt-_FJabbeJD3idkfCZqzyTxBUjSZ-WgpgE1LOFNrHii9swvGUyeghBdheJel576mPByTYoiyVOGxp-slLHeRghMYmU0Xp2EaHXz5cyZBikRoGS9St-mN-UXQjw_lu_UvncIJgqBzO3EyaM7rDcFk8jdn81pLWd1Yb8VRFrkdppoKCgrWYoh7xdhvxLD5XFVjQDAEdSr3ywlsG0v8Mvba2-vDt_6ckMC29imCjcTmvvqxSB7KhCjJqqSC59M9I7Lhd53LV7Mjy9te8HYLEDUPCYllCSn6qDwZ3NjxwDrhCC3frogS61Koiv1qYZVO73mkH8MlEtRohZQA02szGzd4vU-2R0v9VIzobo28azLVdonzqTg_JjgzVzoZx9Dc_begchyhSaW8xxSBh95xeaLe4pGQOlvbpG8OEA9vjXG_bkGN_55pH-GrR6Xlyi2pAFbjqEeck6Lm_7eES4kIy4fpMWwb-x7PAtJYRR34mZBogTISeHxK-Iu9EBcAZR_H-OGPROKk2L_jOVhYHhBaVHRK0uPCuVVkWOJXz8ymxAx7OdpC8fC1-xqbpFZ1zRMb7teKpZIRwOTADV7wQSYpzQRgl8Fc12XfGxUc5IfFWh1-mt7k0AKJSKdGR7adWFFTDLDDPc6-vEoHnxzzjWtlzuFDDX4nd42JY6&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 01FE	43 B 1 KB	16ms 15ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931643&pb=6ef8be9e46a868f68ea019dd5be9c07f1663175544&psp=G1rmwaoIa-_2ks3h6RTo7umOnOSwim-29Jc91FqS1l_kBH1e-Pfbtv7ZsnXsiKqdGeQb74MnGSH6Iw75k2o0agzs2pP_xl9p_IlSr7Cm3LZKCIopSDv5_pUUUMCMpiXU4yY-Ot222axk4kzFkYlu7PXCIF6EQnEZJdujcHiKZwuNg0zfmHuqGrn2ot9jZ2Ty-uExQHsXT9E-47ijyd-TJzDp1WGN9QkYIdJ8vQabhAOwEUQQgib_B72sM1AKCxpUqRAL8Y9j0Km4Yspmp85J4p6xBHm5G510YPGJpGTgBAHlAdBWrARZXequNVBaDnFXumXfIXENnqJUjEcd8Ao571JZNp3ZMglzl9ZAtyXi12y8r13p8_M4daycSfVSYmFu3Cdq89iDKFsfH3UXoNLk6-ltG_cbiIZ7BFHikLhriVYOfaVzY7URLBXiyXau9jUFvFPiJAJIGQQh6M3Oe2bOOIigg5mifhuUr6S1S8SSAW4RsK_CnYzg8IZHrdc8_oYdDlOEVc7IkBC1cmgSFwKpijHL6ojAOKVUgjLCN8xK-ucx7E59qBPNR9WjUWDc0472DM-hjRYo8X5osmjMssADMm67yiUUcmswovPE1tu6jBytkbT2KWTZ_TYZuSEQ9DKvwrN2debOfgZpbhgXfJOn13cRT9O3Lg==&abvar=27&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame 3EA5	43 B 879 B	16ms 16ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931704&pb=49a5ebbb071a86ded0b431680efd25491663175543&psp=VbcnmscTcuFQ5bHWUwJvuqmD8D_PvPIlcyKCg20DwAOoVNXmyksNjY6J0aywp8wwDKM0Lggx2MLWoCMw02abY7oVuCjJACa08ROvUK4U-sDurPV-7YtaLJYrsX2LNAQ4iekluzcb5iepTELgvr7XTZNf3Lg54H1BlqGbBx05HoTN53wJy8khsdLxkHPnZEs8TurfEqflj5TSl4lKoRLjAHeEtQ8YsoQ_fe8W8EaYKGZ3JlTK6vx3ADfQ0s0WWhHC8tZb72joTXVLvkX7xWVpMxK2f4x9iggnsDbODkV4mt0OsqXZK082H4rfbVyAyBS5jSaVbZk5fLi6oMdP5FhaYIbuw5qE6dLSccxvb8boPP_dY7jZQXg1NQMpa6aiY4dWplZ-95lq_VkBNIvb6NxZvCq7PUWwhr8KS0RN8rxn6_4t2aFhvWlhPx9DB9Vk1ov79LrKU0GRhnQU61qzBoGHz0HsdHCgvFoscAqMoOulJJ2IcS3s5JlFyRukESYiP3sWNE8eNvffUyv0fo1bmFqXaZuRuPnXxqMl2I85cCNM-9jkObULRMF7-AZt4WR5Wl4wGY4RcriL2stC44QqwnCKBQdiylKVnR89hF24MPI-mduOFxp5qj21yGs-ELhkjbPW_rlVvY4qgHKVo-8Fme-sz7GAwjonKEZQr_C1KjhqXlEBkVAXh5YscEQd_XA0N72tQP_J-KqeUxNWw5rj&abvar=0&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
GET H2	200	chicken.gif bfxytxdpnk.com/ Frame F855	43 B 1 KB	15ms 15ms	Image image/gif	62.122.171.6 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bfxytxdpnk.com/chicken.gif?z=1931642&pb=6ef8be9e46a868f68ea019dd5be9c07f1663175544&psp=QskvKB-liumG4V2QTRNovqcDw1yfoGkdLSN0xC6p_xAWGdF4dJ651dpzybAAOu6cgh6OakGFj9Wh7qxs6jlTTuA8CRcBDHC6_DnrNmKPJrhQ9waz7ovVnb9nPkslfRJYOXuLK0TC_BUGQiwRYe7LNyMtI38Al5fO_sE0fWNA4k0m-Eth6sczgPdLuaC2z4lpjH08rMMzgZb-pYSfes9KQJrEB2C12b6rKhzMdf6oMJPGr956hQGnfXsfUe3cpCIV6baqA1-S6LdLTxvhbO4iEhckKRM4LvGKWZJ9I8ca4V0-B4-87bdQEXvKXuu4FQYyByYaRHkqobIXj-ze8J-sOID2COns3CFywNULk1n0j9Il_GYc8gIzbcl4gknmlhlPC_hmywWkEUpvUlO2bjwp79Fb5ndNKS5hKBAsBRGtJBUDUTPC7XZJ5_F5cvLim-z-WfOa4c70H2hYz7rkAfPmn7x7rV38a99VdOOQbqIHIltXGfsk8yh2Gwgxoq_cPoRDJRBLfQOAlVxm2U5EX3tK1IVe07QI9k2gCKUp2sD-4QBPHW3RnbI9Bbv41C_0oZW8gHhcGkpulI2piYKCb3d8aet837spe4ijI04pLYAd0Cdi70AH57KHZn327ViqhnLPJJfeNLXeVU1XkR-3Vdd89z3q9Cib&abvar=24&os=0 Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL), Reverse DNS 62.122.171.6.serverel.net Software nginx / Resource Hash 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT x-route-id stats.impression accept-ch sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data timing-allow-origin * content-length 43 server nginx content-type image/gif
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	142ms 11ms	Preflight	157.90.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=41925 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://157.230.41.236 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin http://157.230.41.236 Connection keep-alive Date Wed, 14 Sep 2022 15:12:24 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	27 B 401 B	95ms 72ms	XHR application/json	157.90.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=41925 Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 0e421aa2a77e8d64608c157d06669d31b71924ea195265c523c88f2a4db2e799 Request headers Referer http://157.230.41.236/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Wed, 14 Sep 2022 15:12:24 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin http://157.230.41.236 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 27
GET H2	200	track Show response be48b25c25.24f6bf5f7e.com/in/	0 207 B	102ms 19ms	XHR text/plain	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://be48b25c25.24f6bf5f7e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzAwMjMxOTA1MTI5MTg3NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjguMSIsInRhZ19pZCI6NDE5MjUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI0LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJCdWxhJTJDKDIwMjIpJTJDJUUyJTgwJTkzJTJDS1VSQUtVUkEyMSUyMCJ9 Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:24 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	9d5bbbc253aa51c1d78f1e7651e22039.js Show response 588d37a62f.465c3b7fb1.com/	262 KB 70 KB	20ms 6ms	Script application/javascript	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://588d37a62f.465c3b7fb1.com/9d5bbbc253aa51c1d78f1e7651e22039.js Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash 3c129eacd4c0c6b70c44162b270c20210d9e452787afa059cf36188b8287bb3e Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip last-modified Mon, 12 Sep 2022 14:09:08 GMT server nginx/1.18.0 etag W/"631f3d84-4185c" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 x-proxy-cache HIT
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/ Frame	0 0	107ms 11ms	Preflight	157.90.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=41195 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://157.230.41.236 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin http://157.230.41.236 Connection keep-alive Date Wed, 14 Sep 2022 15:12:24 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	27 B 400 B	94ms 70ms	XHR application/json	157.90.84.244 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=41195 Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.244 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.244.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash 0e421aa2a77e8d64608c157d06669d31b71924ea195265c523c88f2a4db2e799 Request headers Referer http://157.230.41.236/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Wed, 14 Sep 2022 15:12:24 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin http://157.230.41.236 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 27
GET H2	200	track Show response be48b25c25.24f6bf5f7e.com/in/	0 206 B	79ms 31ms	XHR text/plain	45.133.44.24 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://be48b25c25.24f6bf5f7e.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNzAwMjMxOTA1MTI5MTg3NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjguMSIsInRhZ19pZCI6NDExOTUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjI4LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJCdWxhJTJDKDIwMjIpJTJDJUUyJTgwJTkzJTJDS1VSQUtVUkEyMSUyMCJ9 Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:24 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	build.m.js Show response js.cabnnr.com/banner-admanager/	45 KB 15 KB	28ms 8ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://js.cabnnr.com/banner-admanager/build.m.js Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/d1f657e37007bb8588aa70e1a2ad7f74.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.18.0 / Resource Hash 072972bfca957718b8a4f40087dc3a9eba842938a1a166696e845bd9779d0698 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding gzip last-modified Tue, 13 Sep 2022 14:00:41 GMT server nginx/1.18.0 etag W/"63208d09-b395" content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Wed, 14 Sep 2022 15:17:24 GMT cache-control max-age=300 x-proxy-cache HIT
GET H2	200	dip Show response nereserv.com/in/	0 201 B	49ms 13ms	XHR text/plain	168.119.25.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://nereserv.com/in/dip?site=native-push&wl=1&event_id=e230f27a-a552-4337-b387-fcf79cae306c&subid=1774807143&sid=387230069&spot_id=27695&created_at=2022-09-14&timezone=0&ver=7.3.0&is_native=1 Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/9d5bbbc253aa51c1d78f1e7651e22039.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.22.25.119.168.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:24 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
POST H2	200	multy Show response ba8ebf97e3.24f6bf5f7e.com/in/	8 KB 8 KB	1035ms 1035ms	XHR application/json	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ba8ebf97e3.24f6bf5f7e.com/in/multy Requested by Host: 588d37a62f.465c3b7fb1.com URL: https://588d37a62f.465c3b7fb1.com/9d5bbbc253aa51c1d78f1e7651e22039.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 3b7bf72d4512a50d21795f8a978c8c3cb7eeace0a87e008338cdd2537ba0c534 Request headers Referer http://157.230.41.236/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:25 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * content-type application/json access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 7922
OPTIONS H2	204	multy ba8ebf97e3.24f6bf5f7e.com/in/ Frame	0 0	74ms 10ms	Preflight	2a01:4f8:e0:19cb::1 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ba8ebf97e3.24f6bf5f7e.com/in/multy Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:e0:19cb::1 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin http://157.230.41.236 Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate date Wed, 14 Sep 2022 15:12:24 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	/ Show response a82bd1cbd4.24f6bf5f7e.com/health/	0 201 B	174ms 9ms	Script text/plain	2a01:4f8:c0:2f03::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a82bd1cbd4.24f6bf5f7e.com/health/ Requested by Host: js.cabnnr.com URL: https://js.cabnnr.com/banner-admanager/build.m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2f03::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:25 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/ Frame 3005	158 KB 18 KB	34ms 14ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/css/bootstrap.min.css Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1895773 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 17712 timing-allow-origin * last-modified Tue, 19 Jan 2021 17:26:57 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60071661-27681" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KVHml6UVzxNyJrXU8ya1QG3FtkJ1WnBQoDLXNQD6%2BhlYM%2F3q4s90CUYCfFNKsBfrBKY5jnAT9UH5JoOa5yEmdUjGR12cLmYcFRnWv6GMKGyqlkOvqicLxsSxfTJieCLj%2F5%2BtzRyBjKZxe0zkNeSOtjN"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74aa0f8bea326939-FRA expires Mon, 04 Sep 2023 15:12:24 GMT
GET H3	200	app.v1.5.css sbspeed.com/css/ Frame 3005	8 KB 2 KB	53ms 32ms	Stylesheet text/css	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/css/app.v1.5.css Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5672bd435645e07b60e8054c2d099efc74fc4d25cb23fe9d2533ed1dd977f902 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564553 cf-polished origSize=11587 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sat, 23 Oct 2021 03:04:46 GMT server cloudflare etag W/"61737bce-2d43" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm27oP7ZjE%2BAfOMvlTswdXkAnXRdU232FYbbjYks9GS4jhB8Q3uoIKUcqUtJAgqeKoT6WZIIEnA5x6Ru3fXBv6SvsuMYciOhjLqkhII58LqFp8GTGvfse1qwKgYutE2qTgx50%2BKqIq6L%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * expires Thu, 15 Sep 2022 02:23:11 GMT cache-control max-age=604800 cf-ray 74aa0f8befe69a33-FRA cf-bgj minify
GET H3	200	jquery.min.js Show response sbspeed.com/js/jquery/ Frame 3005	67 KB 25 KB	43ms 22ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/js/jquery/jquery.min.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 067e6ec7853d5f761bed817d279a6d98802b6a81c17afa1a66d99862874b1aad Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564553 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 21 Jul 2022 15:03:10 GMT server cloudflare etag W/"62d96aae-10ce2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMkG0PK%2BKAaPXK7O2pOxo16MhH4bixg9pTEFN5t1ETkbUw6EtWECI2UDvj3YCTzvRYjSLhLzpEACW5au6xSiZ2W0ssIRWEt0Pvp50tPvTlScX5lb0%2Fo%2Fj7Q3ZDK2BQEbDreo3xe6l2wbGA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 cf-ray 74aa0f8befe29a33-FRA expires Thu, 15 Sep 2022 02:23:11 GMT
GET H3	200	jquery.min.js Show response sbspeed.com/js/ Frame 3005	87 KB 32 KB	24ms 24ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/js/jquery.min.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564555 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 05 May 2020 04:02:38 GMT server cloudflare etag W/"5eb0e55e-15d84" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2Bw%2BHJPMyFePBW34d7dbwGjfIiwbclK1Yad5S9UcAdgOU7UdDaPVzxYeiQv3LD%2BgrTdbij4uwr%2Bgijgq1uBSAmtyloK3KW7e5kEDQnIEhgTwUWdkBXKAYttRhBVoeiT1pekOM66YUrSGYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 cf-ray 74aa0f8c08239a33-FRA expires Thu, 15 Sep 2022 02:23:09 GMT
GET H3	200	bootstrap.bundle.min.js Show response cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/ Frame 3005	82 KB 19 KB	31ms 18ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.6.0/js/bootstrap.bundle.min.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1806578 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19173 timing-allow-origin * last-modified Tue, 19 Jan 2021 17:26:57 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60071661-1499a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H55NxS85OF%2B2CT%2FK5v1Ha6%2BzqYgJfIkFU5FHMTVVs1zCOwkdy3sqw6%2FNOkY27vTP8OS7BP13vRCLzFwXu5y6zO9upxrmas1xCQGUkOaVvIeS0fUq3MdwReoTSw8%2B9eB5wYagK3B3dwYB3G3Emw2mysVM"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74aa0f8c198c91ed-FRA expires Mon, 04 Sep 2023 15:12:24 GMT
GET H3	200	axios.min.js Show response cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/ Frame 3005	17 KB 6 KB	37ms 25ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/axios.min.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7225309c419aac816716ce68150e60a73a34067c7989132faf9d7498d17e2ba2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 16637874 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5467 timing-allow-origin * last-modified Fri, 01 Oct 2021 06:37:50 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "6156acbe-155b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V89wpLFqDT2KYVpKbbOsSCHR%2FIgZudpSDXRziyzYYg%2FtAbI%2BmIhP%2BLirUoeUiXrJ1%2B4NnGil91iiITCNAFSPk2ncaEewmqMHjBhnvqbRtaVFbo%2BF%2B4YV8Wwn5sWhwp81pD9D13hL52s9wGx1qA11YcKZ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 74aa0f8c198991ed-FRA expires Mon, 04 Sep 2023 15:12:24 GMT
GET H3	200	jwplayer.8.9.5.js Show response sbspeed.com/player8/ Frame 3005	106 KB 35 KB	63ms 62ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/player8/jwplayer.8.9.5.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 962922eb317b81e75e3fc2ab50bf36cb5830dddd9922f27d96f6540cb1d106dd Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 564553 cf-polished origSize=108633 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 22 Oct 2021 21:22:58 GMT server cloudflare etag W/"61732bb2-1a859" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGOLQXF72djqPTZx1MYIk5ShtPa4tdq3S%2B%2BeOT7zqDsL7B6wk7zgu%2FWkewgMpw78OB9jioiSHhac7WzmSU4wk4nMzQ3PkpnN90n%2FwzqfaKTFytYsOyM%2BrfkYQ3wa6Pq%2BnmTicmlJLg3h1w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * expires Thu, 15 Sep 2022 02:23:11 GMT cache-control max-age=604800 cf-ray 74aa0f8c08269a33-FRA cf-bgj minify
GET H3	200	vast.js Show response sbspeed.com/ Frame 3005	12 B 551 B	64ms 63ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/vast.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 263fe0c714f502d87952754b01be6fcc48080af8618c1883c99dbf4d6e6272ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4272 cf-polished origSize=14 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12 x-xss-protection 1; mode=block last-modified Fri, 22 Oct 2021 10:58:00 GMT server cloudflare etag "e-5ceeee26ebe00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NER18eZg77l5AGgbyU8A9kIYr7lgLaV2ounbTEmERGR11HiUr7VFqRR1oAFv6HrHEuDZhdfS5TwKCNY9K99OVkqWfSEduLk2tH67kuSD2DyNeTN2fCJbcImk1WE2Q9LV39Y%2FGqpdU4bzvA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=14400 accept-ranges bytes cf-ray 74aa0f8c082a9a33-FRA cf-bgj minify
GET H3	200	app.min.3.js Show response sbspeed.com/js/ Frame 3005	332 KB 123 KB	55ms 54ms	Script application/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/js/app.min.3.js?v=2 Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07d75569436f297b8c8b53b7253998513a564ef085f9d9af5d5d2f69af255e43 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 139582 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Sep 2022 16:54:24 GMT server cloudflare etag W/"631f6440-52e2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBjltBUqYNzU2yqunzvi3xVJYdQxpwGQFLE%2FXQt1Cnubk4Cu3CTa%2F7dxmBsqAaUINHiEdU1jKJSSoyvoHS6xBKEstFC9GoC0%2ByU%2FiFS4Cb%2Fr9kyw%2FBJGaHRYT4S6K%2FpzU1nH248cVh801w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=604800 cf-ray 74aa0f8c082d9a33-FRA expires Tue, 20 Sep 2022 00:26:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 3005	109 KB 43 KB	264ms 44ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-166622646-1 Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7f55905ac1b39a6847845153051c4d395841c3faec299377b5f4d7f2304a1da2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43190 x-xss-protection 0 expires Wed, 14 Sep 2022 15:12:25 GMT
GET		/ a82bd1cbd4.24f6bf5f7e.com/get/ Frame 5F51	0 0
GET H2	200	/ Show response a82bd1cbd4.24f6bf5f7e.com/get/ Frame 18C0	2 KB 1 KB	30ms 29ms	Document text/html	2a01:4f8:c0:2f03::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://a82bd1cbd4.24f6bf5f7e.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTk0Niwic3BhY2VpZCI6MTk0NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJ1bGElMkMoMjAyMiklMkMlRTIlODAlOTMlMkNLVVJBS1VSQTIxJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTkyMzY3MDc2MiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjY4NjIzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjozMDEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6Mn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjYwMH19XSwic2l0ZSI6eyJpZCI6IjY4NjIzIiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwOi8vMTU3LjIzMC40MS4yMzYvYnVsYS0yMDIyLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YjUxYjJkMTIxMDE4OGE0M2MyMTI4OWQwMWMwMDEzMiJ9LCJleHQiOnsiZHQiOjE2NjMxNjgzNDEyMTB9fQ== Requested by Host: js.cabnnr.com URL: https://js.cabnnr.com/banner-admanager/build.m.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a01:4f8:c0:2f03::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash f888ff3d3d1f80b081774f314fe84a9c60fa31c5adb0abaede12e626dad6e1cc Request headers Referer http://157.230.41.236/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-headers Content-Type access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html date Wed, 14 Sep 2022 15:12:25 GMT pragma no-cache server nginx/1.18.0 vary Origin
GET H2	200	tag.js Show response mc.yandex.ru/metrika/ Frame 3005	205 KB 71 KB	176ms 51ms	Script application/javascript	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash d09935c94b4577fff4e1de0daf084674937f708d4fcfcf689d131d5d9b5a7852 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br last-modified Wed, 14 Sep 2022 08:56:32 GMT etag "63216d10-118f0" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 71920 expires Wed, 14 Sep 2022 16:12:25 GMT
GET H3	200	6f7a366275434c35614c36477c7c79753638737579336f6b72667c7c4b6c72425872394c413252737c7c73747265616d7362 Show response sbspeed.com/sources48/ Frame 3005	938 B 926 B	192ms 191ms	XHR application/json	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/sources48/6f7a366275434c35614c36477c7c79753638737579336f6b72667c7c4b6c72425872394c413252737c7c73747265616d7362 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2edaf793cf2b8829b529bea5575a5d2d24c372dc083130f60c55722d46d33bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 watchsb sbstream Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pg%2BRQKBTv32z8kzmFHVZMPXUDOrFK%2Bep9ApsnTHp3oGe4ZJh%2BnHLkdq5lPtWc%2FWt4hn7VPk2LESigxSwCI5Y1FthjiBCkEpRhR9kao4%2FWW39r%2B1PCpmuWwIfusQXCZEGvMWs%2F2VXjFejtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json cf-ray 74aa0f8d2abd9a33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block
GET H2	200	300x600_a.html Show response cdn.tubecorp.com/caban/ Frame 657F Redirect Chain https://rtbrennab.com/banner/in/show/?mid=134244926&pid=0&site=68623&sc=DE&usage_type=DCH&subid=1923670762&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=1... https://btds.zog.link/in/912/?sid=68623&source=1923670762&idzone=0&w=300&h=600&mo=&ve=&site_id=68623&utm1=&utm2=&utm3=&utm4=&ad_tags=Bula%2C(2022)%2C%E2%80%93%2CKURAKURA21%20&spot_id=68623&p=http%3... https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21	2 KB 1 KB	82ms 20ms	Document text/html	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Requested by Host: a82bd1cbd4.24f6bf5f7e.com URL: https://a82bd1cbd4.24f6bf5f7e.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTk0Niwic3BhY2VpZCI6MTk0NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJ1bGElMkMoMjAyMiklMkMlRTIlODAlOTMlMkNLVVJBS1VSQTIxJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTkyMzY3MDc2MiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjY4NjIzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjozMDEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6Mn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjYwMH19XSwic2l0ZSI6eyJpZCI6IjY4NjIzIiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwOi8vMTU3LjIzMC40MS4yMzYvYnVsYS0yMDIyLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YjUxYjJkMTIxMDE4OGE0M2MyMTI4OWQwMWMwMDEzMiJ9LCJleHQiOnsiZHQiOjE2NjMxNjgzNDEyMTB9fQ== Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 127f9cb86173cbb76a6daf122cc40bf9eb8dd10587e70b5b9846a4c644b2c0bf Request headers Referer https://a82bd1cbd4.24f6bf5f7e.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control max-age=3600 content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 14 Sep 2022 15:12:25 GMT etag W/"6d1-5d586a65beaff" expires Wed, 14 Sep 2022 16:12:25 GMT last-modified Fri, 14 Jan 2022 08:32:56 GMT server nginx/1.20.1 x-proxy-cache MISS x-request-id 10cc90d70d6d594fa7179a6b93b4dc31 Redirect headers cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Wed, 14 Sep 2022 15:12:24 GMT location https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),–,KURAKURA21 pragma no-cache server nginx/1.20.1 vary *
GET H2	200	vast.js Show response ssl.p.jwpcdn.com/player/plugins/vast/v/8.6.2/ Frame 3005	97 KB 29 KB	46ms 11ms	Script text/plain	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/plugins/vast/v/8.6.2/vast.js Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash aefc93f4bf98a3a7723ed305b8b4908d96f397ffe181df18f5ecefc2678818a7 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip age 15255304 x-cache HIT content-length 29852 via 1.1 varnish x-served-by cache-hhn4035-HHN last-modified Mon, 22 Jul 2019 14:32:16 GMT server AmazonS3 x-timer S1663168345.396934,VS0,VE0 etag "55abdca282a2f0a96bcde67204eb6a40" vary Accept-Encoding content-type text/plain access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 50818
GET H2	200	jwpsrv.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 3005	58 KB 17 KB	52ms 17ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/jwpsrv.js Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 917650b0b99dcfa1360b8ace75ab13d3278e88506985af114193d3611febaac5 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT via 1.1 varnish age 1068 x-cache HIT content-encoding gzip content-length 17400 x-served-by cache-hhn4035-HHN last-modified Wed, 25 Nov 2020 15:46:32 GMT server AmazonS3 x-timer S1663168345.397432,VS0,VE0 etag "dc6ac994f6a929ba177587504ee3c159" vary Accept-Encoding content-type application/javascript access-control-allow-origin * accept-ranges bytes x-cache-hits 55
GET H2	200	jwplayer.core.controls.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 3005	272 KB 66 KB	45ms 12ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/jwplayer.core.controls.js Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a3db025e4faa2e904c5b99522f90205bbc5d9f0d43a42916eec2e6d2ffa8b06e Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip age 2466994 x-cache HIT content-length 67405 via 1.1 varnish x-served-by cache-hhn4035-HHN last-modified Fri, 26 Jul 2019 21:30:49 GMT server AmazonS3 x-timer S1663168345.397402,VS0,VE0 etag "1a9869122184328930c8b5dcb9124cc0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 78225
GET H3	200	jquery-1.4.3.min.js Show response sbspeed.com/assets/jquery/ Frame 3005	5 KB 2 KB	169ms 168ms	Script text/javascript	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/assets/jquery/jquery-1.4.3.min.js?v=2&type=mainstream Requested by Host: sbspeed.com URL: https://sbspeed.com/js/app.min.3.js?v=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9abef9d2f68280f6b74bd43a762b28298c9304d376824f16e4a8e6cc38379688 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED last-modified Wed, 14 Sep 2022 15:12:23 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4Obuj1LMjapdJl5awArUW9uFw97bHyQA2pnnRqaCKilkimdHd7SrCvXb%2Fc1Y8Fq%2F6qmks4vd4gNTW7U8z8pnFk7h6rNT6ghMaGTd9IxgfvUFA50XOhpXmfMvjGFml2WjSahMsuE7eLe3A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control max-age=14400 cf-ray 74aa0f8e8e299a33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block expires Tue, 13 Sep 2022 15:12:25 GMT
GET H2	200	/ widgets.amung.us/draw/ Frame 3005 Redirect Chain https://whos.amung.us/swidget/streamsbm https://widgets.amung.us/draw/?w=small&n=22900&c=ffc20e000000&p=left	363 B 472 B	29ms 16ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=small&n=22900&c=ffc20e000000&p=left Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f25d2555d45726a2738416e0cc85e0ea25e773f6df64abce4f4a1cd0731fd7a6 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT cf-cache-status HIT last-modified Tue, 23 Aug 2022 03:02:25 GMT server cloudflare age 1944600 vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=2678400 content-disposition filename=wau-widget.png cf-ray 74aa0f8fce2a6967-FRA expires Wed, 24 Aug 2022 03:02:25 GMT Redirect headers location https://widgets.amung.us/draw/?w=small&n=22900&c=ffc20e000000&p=left date Wed, 14 Sep 2022 15:12:25 GMT cache-control max-age=295 cf-cache-status DYNAMIC server cloudflare cf-ray 74aa0f8edcc46967-FRA content-type text/html; charset=UTF-8
GET H2	200	/ widgets.amung.us/draw/ Frame 3005 Redirect Chain https://whos.amung.us/swidget/streamsbx https://widgets.amung.us/draw/?w=small&n=75400&c=ffc20e000000&p=left	367 B 533 B	28ms 15ms	Image image/png	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/draw/?w=small&n=75400&c=ffc20e000000&p=left Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b91c40a9d50794342a5f0a6778a129190b7b7f3ed4a54a5fdd2112aafd4b237 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT cf-cache-status HIT last-modified Sat, 10 Sep 2022 14:57:26 GMT server cloudflare age 346499 vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=2678400 content-disposition filename=wau-widget.png cf-ray 74aa0f8fce286967-FRA expires Sun, 11 Sep 2022 14:57:26 GMT Redirect headers location https://widgets.amung.us/draw/?w=small&n=75400&c=ffc20e000000&p=left date Wed, 14 Sep 2022 15:12:25 GMT cache-control max-age=295 cf-cache-status DYNAMIC server cloudflare cf-ray 74aa0f8edcc86967-FRA content-type text/html; charset=UTF-8
GET H2	200	provider.hlsjs.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 3005	307 KB 86 KB	40ms 12ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 35373276dcac97c7c7a39cc6d56e71d86e586cd305f59834d5c2b2a0741e4d72 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip age 27788058 x-cache HIT content-length 87639 via 1.1 varnish x-served-by cache-hhn4035-HHN last-modified Fri, 26 Jul 2019 21:30:52 GMT server AmazonS3 x-timer S1663168345.397393,VS0,VE0 etag "c1b935a682ff8774bd95d07321409839" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 78779
GET H3	200	js Show response www.googletagmanager.com/gtag/ Frame 3005	207 KB 73 KB	127ms 48ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-LKBMYHCW0K&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-166622646-1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0bfa2bdd738582edfbfa0c6b756c587243f09a98b6733768fcc09199b4516c3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 74630 x-xss-protection 0 expires Wed, 14 Sep 2022 15:12:25 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 3005	49 KB 20 KB	118ms 36ms	Script text/javascript	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-166622646-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6987 date Wed, 14 Sep 2022 13:15:58 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 14 Sep 2022 15:15:58 GMT
GET H2	200	1 Show response mc.yandex.com/watch/64815175/ Frame 3005 Redirect Chain https://mc.yandex.com/watch/64815175?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq1I... https://mc.yandex.com/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq...	439 B 521 B	51ms 50ms	XHR application/json	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq1Ie5R7nm75m.jpg&page-ref=http%3A%2F%2F157.230.41.236%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1141030544838%3Ahid%3A90666593%3Az%3A0%3Ai%3A20220914151221%3Aet%3A1663168342%3Ac%3A1%3Arn%3A21446880%3Arqn%3A1%3Au%3A1663168342750134865%3Aw%3A790x444%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1663168340845%3Ads%3A14%2C26%2C210%2C44%2C0%2C0%2C%2C165%2C0%2C%2C%2C%2C461%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663168342%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29 Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash ba326637dc2258212190c35179887868e257a8471270944b1e15a350fcb7f621 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers pragma no-cache date Wed, 14 Sep 2022 15:12:25 GMT x-content-type-options nosniff last-modified Wed, 14-Sep-2022 15:12:25 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://sbspeed.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 439 x-xss-protection 1; mode=block expires Wed, 14-Sep-2022 15:12:25 GMT Redirect headers pragma no-cache date Wed, 14 Sep 2022 15:12:25 GMT last-modified Wed, 14-Sep-2022 15:12:25 GMT location /watch/64815175/1?wmode=7&page-url=https%3A%2F%2Fsbspeed.com%2Fe%2Fyu68suy3okrf.html%3Fposter%3Dhttp%3A%2F%2F157.230.41.236%2Fwp-content%2Fuploads%2F2022%2F09%2FQ71kmkvWYF6Zclq1Ie5R7nm75m.jpg&page-ref=http%3A%2F%2F157.230.41.236%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9uxrt4ak4xk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1141030544838%3Ahid%3A90666593%3Az%3A0%3Ai%3A20220914151221%3Aet%3A1663168342%3Ac%3A1%3Arn%3A21446880%3Arqn%3A1%3Au%3A1663168342750134865%3Aw%3A790x444%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1663168340845%3Ads%3A14%2C26%2C210%2C44%2C0%2C0%2C%2C165%2C0%2C%2C%2C%2C461%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1663168342%3At%3A&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29 strict-transport-security max-age=31536000 access-control-allow-origin https://sbspeed.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Wed, 14-Sep-2022 15:12:25 GMT
GET H2	200	advert.gif mc.yandex.com/metrika/ Frame 3005	43 B 112 B	61ms 53ms	Image image/gif	2a02:6b8::1:119 GLOBAL_DC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT last-modified Wed, 14 Sep 2022 08:56:32 GMT etag "63216d10-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Wed, 14 Sep 2022 16:12:25 GMT
GET DATA	200 OK	truncated / Frame 3005	253 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ac948c688f91a59a668b92b5762922afc5e9f8f143c8cf65c5e510ae1ceaef92 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/svg+xml;charset=UTF-8
GET H2	400	GCCG.json Show response entitlements.jwplayer.com/ Frame 3005	71 B 227 B	51ms 7ms	XHR application/json	152.199.22.243 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://entitlements.jwplayer.com/GCCG.json Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.22.243 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frd/E31E) / Resource Hash f28df38bea81995fd78f9077bff2dfc9d60ee13b8c414bc426c61c0e1b0bee86 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT last-modified Wed, 14 Sep 2022 10:12:14 GMT server ECAcc (frd/E31E) age 18011 x-cache 400-HIT content-type application/json access-control-allow-origin * cache-control max-age=1800, s-maxage=7440 accept-ranges bytes content-length 71
GET H3	200	logo.png sbspeed.com/streamSB_images/ Frame 3005	3 KB 3 KB	24ms 23ms	Image image/png	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://sbspeed.com/streamSB_images/logo.png Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3e99d7e9b8e38754caf45ffa67940a03306b3cca016a7dffaba71d2ccdfcd7f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7018 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2565 x-xss-protection 1; mode=block last-modified Fri, 19 Feb 2021 18:46:45 GMT server cloudflare etag "a05-5bbb4dfb14f40" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUrUl6nK5MP8HJyb0SWojOP3H8rns7hfmfXDMc8%2Bhvh2BWofuEAK5wx0q3ShWXcSAH6JEGiYtSyyCSZUedTbNJtMzygSmuV6EjZoaW%2F7%2FRvYaOS6G2whog21TMTUxdql1RSnrceYsi6Fig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 74aa0f8f4f9f9a33-FRA
GET H3	200	dl Show response sbspeed.com/ Frame 3005	10 KB 11 KB	162ms 161ms	XHR text/vtt	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/dl?op=get_slides&length=6248&url=https://akamai-images-content.com/yu68suy3okrf0000.jpg Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c558b744d96bf5cd62d82bcb74fae639f05649e8a8d8a850ad729e43528b8e11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbtx240SK%2B56tU9AUCKYMV0RTTqcjOLjKr0H3q6Neg%2FqwNzx2mLGbLzU7VyBRmxQW3p5lbjK05MWNQudNhSf4Na6dHXlMFB0Hwf%2F5s7H50TPNpCHnb%2FN%2B7TThP%2FnEnwUPTDApWFefd9MPw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/vtt cf-ray 74aa0f8f5fe09a33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block
GET H3	200	dl Show response sbspeed.com/ Frame 3005	4 B 444 B	177ms 177ms	XHR text/html	2a06:98c1:3120::c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://sbspeed.com/dl?op=view&file_code=yu68suy3okrf&hash=35734842-0-0-1663168345-7a0a1e1d3f29d27943f1bb19605c8e6b&embed=1&adb=0&ref_url=http://157.230.41.236/ Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/axios/0.22.0/axios.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9ca10b9f6d8a7429bce882427e656ff55e93e7738cf72d258df76b3c42c8b81 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EY7SWcWy79XYAor7SIT%2BQjRb7mlW7JdohyTeEPZmE9UpecfuhGxxsBzXnyiv7sLHLITOA2AtYTbdQceMghwlDtgRx8wdEyfAghg%2BYsuOX4Q3SMCUD02AF%2Bn5%2FMDScsRAU1LRJ%2F1CsmatXw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 74aa0f8f6ff89a33-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block
GET H2	200	provider.cast.js Show response ssl.p.jwpcdn.com/player/v/8.9.5/ Frame 3005	23 KB 8 KB	6ms 6ms	Script application/javascript	2a04:4e42:400::626 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.cast.js Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash cdaa867ff832e7fbbf250e9e7760531e9dc7703bd40dd5098a93285c5b12a681 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip age 25976385 x-cache HIT content-length 8296 via 1.1 varnish x-served-by cache-hhn4035-HHN last-modified Fri, 26 Jul 2019 21:30:51 GMT server AmazonS3 x-timer S1663168346.508752,VS0,VE0 etag "855779eadc2ba9edeae10689583698e7" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, immutable accept-ranges bytes x-cache-hits 45579
GET H/1.1	200 OK	master.m3u8 Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_,l,n,.urlset/ Frame 3005	1 KB 794 B	58ms 14ms	XHR application/vnd.apple.mpegurl	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_,l,n,.urlset/master.m3u8?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash ae1126c2a1f94020d908c1467342761ad16ef9e41f8c7e9d2b859eae52f0adfe Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Content-Encoding gzip Last-Modified Wed, 14 Sep 2022 15:12:25 GMT Server nginx X-Cache-Status HIT Transfer-Encoding chunked Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Expires Fri, 23 Dec 2022 01:10:59 GMT
GET H2	404	Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg 157.230.41.236/wp-content/uploads/2022/09/ Frame 3005	0 0	732ms 361ms	Image text/html	157.230.41.236 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 157.230.41.236 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame CBC6	6 KB 3 KB	83ms 46ms	Document text/html	136.243.81.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.81.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.81.243.136.clients.your-server.de Software nginx / Resource Hash 7c7b7fc843c58212f5bdcff72a052b26ae54d36b04b4c1e0e929dacc72d769b9 Request headers Referer https://cdn.tubecorp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Wed, 14 Sep 2022 15:12:25 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 54f6ce905b36e414 x-robots-tag none noindex, nofollow
GET H2	200	ecaaabf53036409d9c39b44bec79a69d.html Show response tsyndicate.com/iframes2/ Frame 6581	6 KB 3 KB	83ms 46ms	Document text/html	136.243.81.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.81.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.81.243.136.clients.your-server.de Software nginx / Resource Hash 8cd7793fe93c106e4842561ecac8d406438c8bd66ec277ec467519f07d806ea8 Request headers Referer https://cdn.tubecorp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Wed, 14 Sep 2022 15:12:25 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id ed927e2fc81a5bed x-robots-tag none noindex, nofollow
GET H2	200	00394b71264946e5bf58746cefe5435f.html Show response tsyndicate.com/iframes2/ Frame 3695	6 KB 3 KB	82ms 47ms	Document text/html	136.243.81.150 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.81.150 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.150.81.243.136.clients.your-server.de Software nginx / Resource Hash b88f17fa93a558a67305c707b50ddbed25004bda57671caf62fe0e4c9a4778c5 Request headers Referer https://cdn.tubecorp.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, no-transform, must-revalidate no-transform content-encoding gzip content-type text/html; charset=utf-8 date Wed, 14 Sep 2022 15:12:25 GMT expires 0 link <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script pragma no-cache report-to { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } server nginx vary Accept-Encoding * x-api-version 2 x-request-id 8a1610898790e40d x-robots-tag none noindex, nofollow
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 3005	4 KB 3 KB	152ms 67ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1 Requested by Host: sbspeed.com URL: https://sbspeed.com/player8/jwplayer.8.9.5.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 14 Sep 2022 15:12:25 GMT
GET H/1.1	200 OK	index-v1-a1.m3u8 Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_l/ Frame 3005	128 KB 3 KB	15ms 14ms	XHR application/vnd.apple.mpegurl	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_l/index-v1-a1.m3u8?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash d48fe2779616289a25ca2c8908fd030bc076e5b1af61e482fa86d674e59ce6b3 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Content-Encoding gzip Last-Modified Wed, 14 Sep 2022 15:12:25 GMT Server nginx X-Cache-Status HIT Transfer-Encoding chunked Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Expires Fri, 23 Dec 2022 01:10:59 GMT
GET H/1.1	200 OK	seg-1-v1-a1.ts Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_l/ Frame 3005	397 KB 397 KB	28ms 28ms	XHR video/mp2t	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_l/seg-1-v1-a1.ts?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash 34a0a3b2662e9cced0f51256d01eea8086a1506a8bf71e0907f8153d89508abc Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Sun, 19 Nov 2000 08:52:00 GMT Server nginx ETag "5f693e80-633b8" X-Cache-Status HIT Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 406456 Expires Fri, 23 Dec 2022 01:11:00 GMT
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame CBC6	8 KB 3 KB	130ms 19ms	Script application/javascript	8.249.61.242 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.249.61.242 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 7553acd7d60bb34b871df81991e5cc5bdbe0c9fd03b8111ff793cc8f23e63547 Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip last-modified Tue, 22 Feb 2022 13:07:15 GMT server nginx age 16434082 etag W/"6214e003-1eb1" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2808
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 6581	8 KB 3 KB	123ms 19ms	Script application/javascript	8.249.61.242 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.249.61.242 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 7553acd7d60bb34b871df81991e5cc5bdbe0c9fd03b8111ff793cc8f23e63547 Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip last-modified Tue, 22 Feb 2022 13:07:15 GMT server nginx age 16434082 etag W/"6214e003-1eb1" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2808
GET H2	200	b.b.js Show response lcdn.tsyndicate.com/sdk/v1/ Frame 3695	8 KB 3 KB	117ms 20ms	Script application/javascript	8.249.61.242 LEVEL3
General Check archive.org Show headers Download Go to Full URL https://lcdn.tsyndicate.com/sdk/v1/b.b.js Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/caban/300x600_a.html?source=1923670762&ad_tags=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.249.61.242 , United States, ASN3356 (LEVEL3, US), Reverse DNS Software nginx / Resource Hash 7553acd7d60bb34b871df81991e5cc5bdbe0c9fd03b8111ff793cc8f23e63547 Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT content-encoding gzip last-modified Tue, 22 Feb 2022 13:07:15 GMT server nginx age 16434082 etag W/"6214e003-1eb1" vary Accept-Encoding content-type application/javascript accept-ranges bytes x-robots-tag noindex, nofollow content-length 2808
GET BLOB	200 OK	e1a8bf18-43fd-4ff2-85e5-9914e4f71972 https://sbspeed.com/ Frame 3005	66 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://sbspeed.com/e1a8bf18-43fd-4ff2-85e5-9914e4f71972 Requested by Host: sbspeed.com URL: https://sbspeed.com/e/yu68suy3okrf.html?poster=http://157.230.41.236/wp-content/uploads/2022/09/Q71kmkvWYF6Zclq1Ie5R7nm75m.jpg Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0650272a2cfb2751300ae0612286f03aac9c9bdcca8a574ebb5e52bfaf746243 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Length 68010 Content-Type text/javascript
GET H/1.1	200 OK	index-v1-a1.m3u8 Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/ Frame 3005	128 KB 3 KB	15ms 14ms	XHR application/vnd.apple.mpegurl	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/index-v1-a1.m3u8?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash e04da2c903425b1dc77243743d3e0eae54859bb2402ab4a4a5b429b728ccb2b2 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Content-Encoding gzip Last-Modified Wed, 14 Sep 2022 15:12:25 GMT Server nginx X-Cache-Status HIT Transfer-Encoding chunked Content-Type application/vnd.apple.mpegurl Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Expires Fri, 23 Dec 2022 01:35:46 GMT
GET H/1.1	200 OK	seg-1-v1-a1.ts Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/ Frame 3005	758 KB 759 KB	16ms 16ms	XHR video/mp2t	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/seg-1-v1-a1.ts?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash ce8f425c43656ae446bc985a95917556297d22b433448c72f6b03b28e099e250 Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Sun, 19 Nov 2000 08:52:00 GMT Server nginx ETag "5f693e80-bd8f8" X-Cache-Status HIT Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 776440 Expires Fri, 23 Dec 2022 01:35:47 GMT
GET H2	200	10005363 Show response a.adtng.com/get/ Frame 51AF	21 KB 9 KB	68ms 17ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=sa2c0ArUrzNWTtEtWt1kbAA3pXyM9UQDrfOb9ygvK-VIpjy94cB-XR-dm7Hk60wMDHx-h9QI2deRPx9-DmVMsbpWm0dLPlUMNFC33EVJNOJ809UGJcN1_6c_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash 193904e7b0d36a087ce0d8ca26ce884e229d8c0bc66633f511d9ab3b1e7d2828 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Wed, 14 Sep 2022 15:12:25 GMT server openresty x-request-id 6321EF59-42FE72AB01BB10D78-27A4CD25
GET H2	200	10010242 Show response a.adtng.com/get/ Frame BD5E	4 KB 2 KB	66ms 16ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=kKsW6neL63eYncad6DKDjdlumQSbSEnigigajgeucqcLSDcHLxlSSshqBGBdpk0ilXsYg3qkB3NC9_wwT9QQJmlRofa2nxQmzBHG1IaHauo_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash ca902dd7f817e9f558003161b324c6375886ed3719812edc8203f0f956dd1453 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Wed, 14 Sep 2022 15:12:25 GMT server openresty x-request-id 6321EF59-42FE72AB01BB10D78-27A4CD26
GET H2	200	10005363 Show response a.adtng.com/get/ Frame D25F	21 KB 9 KB	67ms 18ms	Document text/html	66.254.114.171 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=t_ZMXkFd1JX_9gHVrmVuAAoA0vmtFnEHff04ubOP4QCADX5HcZbdyEaQHVub6Bde80dvzfsIDGhHbCzvNCy5-Mjp1FyyVuRnM-wUc5jkpfoXtlCg3vOd2HM_gUIDRUi Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 66.254.114.171 , United States, ASN29789 (REFLECTED, US), Reverse DNS reflectededge.reflected.net Software openresty / Resource Hash ac7d0d589356d485930cca4027bfb499d625f63c9e3845a02ac4d492ed87ae82 Request headers Referer https://tsyndicate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET content-encoding gzip content-type text/html date Wed, 14 Sep 2022 15:12:25 GMT server openresty x-request-id 6321EF59-42FE72AB01BB10D78-27A4CD28
GET H/1.1	200 OK	seg-2-v1-a1.ts Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/ Frame 3005	462 KB 462 KB	15ms 14ms	XHR video/mp2t	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/seg-2-v1-a1.ts?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash 39525e3c3d05e3411fbb60b669c22794560d790321205466cdc0c9c59394fc8c Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Sun, 19 Nov 2000 08:52:00 GMT Server nginx ETag "5f693e80-73638" X-Cache-Status HIT Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 472632 Expires Fri, 23 Dec 2022 01:35:48 GMT
GET H/1.1	200 OK	seg-3-v1-a1.ts Show response delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/ Frame 3005	744 KB 744 KB	14ms 14ms	XHR video/mp2t	213.152.184.145 GLOBALLAYER
General Check archive.org Show headers Download Go to Full URL https://delivery390.akamai-cdn-content.com/hls2/01/07128/g8i2lj3eij5b_n/seg-3-v1-a1.ts?t=feGXgwi9YVeg_uke5cCRRdI9O6MKVPdNhZJqNp0ETpk&s=1663168345&e=10800&f=35734842&srv=sto187&client=0.0.0.78 Requested by Host: ssl.p.jwpcdn.com URL: https://ssl.p.jwpcdn.com/player/v/8.9.5/provider.hlsjs.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.152.184.145 , Netherlands, ASN49453 (GLOBALLAYER, NL), Reverse DNS Software nginx / Resource Hash 73269db2a6354d9c52f6d01a74204ea7139193e297bef201f142d412a66b78dd Request headers accept-language de-DE,de;q=0.9 Referer https://sbspeed.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Sun, 19 Nov 2000 08:52:00 GMT Server nginx ETag "5f693e80-b9e38" X-Cache-Status HIT Content-Type video/MP2T Access-Control-Allow-Origin * Cache-Control max-age=8640000, public, no-transform Connection keep-alive Accept-Ranges bytes Content-Length 761400 Expires Fri, 23 Dec 2022 01:35:49 GMT
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame BD5E	5 KB 5 KB	103ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=kKsW6neL63eYncad6DKDjdlumQSbSEnigigajgeucqcLSDcHLxlSSshqBGBdpk0ilXsYg3qkB3NC9_wwT9QQJmlRofa2nxQmzBHG1IaHauo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1663168345.dop230.am5.t,1663168345.cds227.am5.shn,1663168345.cds227.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10606686 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H/1.1	200 OK	976628_banner.gif hw-cdn2.adtng.com/a7/creatives/21/120/802514/976628/ Frame BD5E	277 KB 277 KB	106ms 17ms	Image image/gif	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/21/120/802514/976628/976628_banner.gif Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=kKsW6neL63eYncad6DKDjdlumQSbSEnigigajgeucqcLSDcHLxlSSshqBGBdpk0ilXsYg3qkB3NC9_wwT9QQJmlRofa2nxQmzBHG1IaHauo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash d07a8b7f130f2323cac40d769e9787e4392a40945efae58ad2999642543663ce Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Wed, 25 Nov 2020 19:23:22 GMT ETag "1606332202" X-HW 1663168345.dop210.am5.t,1663168345.cds232.am5.shn,1663168345.dop210.am5.t,1663168345.cds235.am5.c Content-Type image/gif Access-Control-Allow-Origin * Cache-Control max-age=10628114 Connection Keep-Alive Accept-Ranges bytes Content-Length 283356
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame BD5E	16 KB 17 KB	18ms 17ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10010242?time=1592492288727&atc=417096&apb=kKsW6neL63eYncad6DKDjdlumQSbSEnigigajgeucqcLSDcHLxlSSshqBGBdpk0ilXsYg3qkB3NC9_wwT9QQJmlRofa2nxQmzBHG1IaHauo_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1663168345.dop133.am5.t,1663168345.cds301.am5.shn,1663168345.dop133.am5.t,1663168345.cds277.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10434140 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	vortex-simple-1.0.0.js Show response ht-cdn2.adtng.com/delivery/vortex/ Frame 51AF	5 KB 5 KB	648ms 15ms	Script application/javascript	67.22.50.19 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=sa2c0ArUrzNWTtEtWt1kbAA3pXyM9UQDrfOb9ygvK-VIpjy94cB-XR-dm7Hk60wMDHx-h9QI2deRPx9-DmVMsbpWm0dLPlUMNFC33EVJNOJ809UGJcN1_6c_gUIDRUi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.22.50.19 , Netherlands, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT last-modified Fri, 02 Nov 2018 14:17:11 GMT etag "246e3e2f0-13a3-579af30f2a7c0" vary Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=10760514 x-cdn-diag mil1-25002-2-18057-h-0-0---;25001-15-905----0-0-1 accept-ranges bytes content-length 5027 expires Sun, 10 Apr 2022 23:31:34 GMT
GET H/1.1	200 OK	1027236_logo.png hw-cdn2.adtng.com/a7/creatives/24/124/814208/1027236/ Frame 51AF	3 KB 4 KB	98ms 18ms	Image image/png	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://hw-cdn2.adtng.com/a7/creatives/24/124/814208/1027236/1027236_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=sa2c0ArUrzNWTtEtWt1kbAA3pXyM9UQDrfOb9ygvK-VIpjy94cB-XR-dm7Hk60wMDHx-h9QI2deRPx9-DmVMsbpWm0dLPlUMNFC33EVJNOJ809UGJcN1_6c_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 530eeb89457746b4902702ebce75ce75a441f7812a48109aa585204c80cdef03 Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Wed, 23 Mar 2022 20:06:23 GMT ETag "1648065983" X-HW 1663168345.dop133.am5.t,1663168345.cds301.am5.shn,1663168345.dop133.am5.t,1663168345.cds126.am5.c Content-Type image/png Access-Control-Allow-Origin * Cache-Control max-age=10785914 Connection Keep-Alive Accept-Ranges bytes Content-Length 3236
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame 51AF	16 KB 17 KB	15ms 14ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=sa2c0ArUrzNWTtEtWt1kbAA3pXyM9UQDrfOb9ygvK-VIpjy94cB-XR-dm7Hk60wMDHx-h9QI2deRPx9-DmVMsbpWm0dLPlUMNFC33EVJNOJ809UGJcN1_6c_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1663168345.dop001.am5.t,1663168345.cds210.am5.shn,1663168345.dop001.am5.t,1663168345.cds288.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10580146 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H/1.1	200 OK	vortex-simple-1.0.0.js Show response hw-cdn2.adtng.com/delivery/vortex/ Frame D25F	5 KB 5 KB	96ms 16ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/vortex/vortex-simple-1.0.0.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=t_ZMXkFd1JX_9gHVrmVuAAoA0vmtFnEHff04ubOP4QCADX5HcZbdyEaQHVub6Bde80dvzfsIDGhHbCzvNCy5-Mjp1FyyVuRnM-wUc5jkpfoXtlCg3vOd2HM_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Fri, 02 Nov 2018 14:17:11 GMT ETag "1541168231" X-HW 1663168345.dop001.am5.t,1663168345.cds210.am5.shn,1663168345.dop001.am5.t,1663168345.cds288.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10798129 Connection Keep-Alive Accept-Ranges bytes Content-Length 5027
GET H2	200	1040423_logo.png ht-cdn2.adtng.com/a7/creatives/1/49/814954/1040423/ Frame D25F	3 KB 4 KB	648ms 15ms	Image image/png	67.22.50.19 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://ht-cdn2.adtng.com/a7/creatives/1/49/814954/1040423/1040423_logo.png Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=t_ZMXkFd1JX_9gHVrmVuAAoA0vmtFnEHff04ubOP4QCADX5HcZbdyEaQHVub6Bde80dvzfsIDGhHbCzvNCy5-Mjp1FyyVuRnM-wUc5jkpfoXtlCg3vOd2HM_gUIDRUi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.22.50.19 , Netherlands, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash ba89161f62c517bdd776996943f3e26ed2b92d749178f1c24da07c8db904e27c Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT last-modified Tue, 23 Aug 2022 14:16:23 GMT etag "d12-5e6e935817bc0" access-control-allow-methods GET,HEAD,OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=10588427 x-cdn-diag mil1-25001-2-65294-h-0-0---;25001-15-905----0-0-0 accept-ranges bytes content-length 3346 expires Tue, 27 Dec 2022 04:20:10 GMT
GET H/1.1	200 OK	IntersectionObserver.js Show response hw-cdn2.adtng.com/delivery/intersection_observer/ Frame D25F	16 KB 17 KB	19ms 18ms	Script application/javascript	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=t_ZMXkFd1JX_9gHVrmVuAAoA0vmtFnEHff04ubOP4QCADX5HcZbdyEaQHVub6Bde80dvzfsIDGhHbCzvNCy5-Mjp1FyyVuRnM-wUc5jkpfoXtlCg3vOd2HM_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash 6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356 Request headers accept-language de-DE,de;q=0.9 Referer https://a.adtng.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Date Wed, 14 Sep 2022 15:12:25 GMT Last-Modified Tue, 05 Apr 2022 20:54:54 GMT ETag "1649192094" X-HW 1663168345.dop230.am5.t,1663168345.cds227.am5.shn,1663168345.cds227.am5.c Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=10694741 Connection Keep-Alive Accept-Ranges bytes Content-Length 16885
GET H2	200	IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp static.bookmsg.com/creatives/IN/ Redirect Chain https://ba8ebf97e3.24f6bf5f7e.com/in/show/?mid=308098527&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1774807143&sid=387230069&cid=2766&price=0.0003453207105398178&is_cpm=0&cpm=0&ecpm=0.... https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp	790 B 947 B	22ms 13ms	Image image/webp	88.198.200.20 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Server 88.198.200.20 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-200-20.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT last-modified Tue, 24 Nov 2020 14:20:43 GMT server nginx/1.18.0 etag "5fbd16bb-316" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 790 Redirect headers pragma no-cache date Wed, 14 Sep 2022 15:12:25 GMT server nginx/1.18.0 access-control-allow-origin * vary Origin access-control-allow-methods * location https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp static.bookmsg.com/creatives/IN/	790 B 948 B	53ms 12ms	Image image/webp	88.198.200.20 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.198.200.20 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-200-20.clients.your-server.de Software nginx/1.18.0 / Resource Hash e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18 Request headers accept-language de-DE,de;q=0.9 Referer http://157.230.41.236/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:25 GMT last-modified Tue, 24 Nov 2020 14:20:43 GMT server nginx/1.18.0 etag "5fbd16bb-316" content-type image/webp cache-control public, max-age=315360000 accept-ranges bytes content-length 790
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b41f877c5e58ec1f5bdd89ae80211cc05afbc3c871a41b38535c7130e927ac62 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 270a637e9c97cd0ce2b8860fdddf496b483ce586711e1fb7527eb8c5e0d5746e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame B842	110 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 27ac1de9dfd243ae33e3e332eab4b3beea2a0840a1c9623173bb2a52b0963d58 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/png
GET H2	200	1758ae77fcdf3f74b8e7cd397123ec88.jpeg cdn.adx1.com/ Frame B842	79 KB 80 KB	66ms 13ms	Image image/jpeg	149.11.201.98 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adx1.com/1758ae77fcdf3f74b8e7cd397123ec88.jpeg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 149.11.201.98 , United States, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash 5b6f524d8097dc3279c8c479b579b9d45bfb393bc204258f28080502e9a27afc Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT last-modified Tue, 06 Sep 2022 13:25:24 GMT server openresty/1.15.8.3 etag "63174a44-13cfc" content-type image/jpeg cache-control max-age=1209600 accept-ranges bytes content-length 81148 expires Mon, 26 Sep 2022 01:01:24 GMT
GET DATA	200 OK	truncated / Frame B842	483 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	42.jpg cdn.adx1.com/richads-icon-pack/gambling/ Frame B842 Redirect Chain https://ba8ebf97e3.24f6bf5f7e.com/in/show/?mid=308098527&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1774807143&sid=387230069&cid=13261&price=0.00792&is_cpm=0&cpm=0&ecpm=0.0135769820864... https://eu.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1663168344946-7-3674-1170808-afe5317f-43a8-a2a1-a2d1-9d8d3e66418f&img=https%3A%2F%2Fcdn.adx1.com%2Frichads-icon-pack%2Fgamblin... https://cdn.adx1.com/richads-icon-pack/gambling/42.jpg	67 KB 67 KB	16ms 16ms	Image image/jpeg	149.11.201.98 COGENT-174
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.adx1.com/richads-icon-pack/gambling/42.jpg Requested by Host: 157.230.41.236 URL: http://157.230.41.236/bula-2022/ Protocol H2 Server 149.11.201.98 , United States, ASN174 (COGENT-174, US), Reverse DNS Software openresty/1.15.8.3 / Resource Hash c728073fc2a3cd88bf64e2814ac377f75baf8bf7af65f4e89799d7b3a4a45077 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT last-modified Tue, 14 Jun 2022 12:28:24 GMT server openresty/1.15.8.3 etag "62a87ee8-10ae3" content-type image/jpeg cache-control max-age=1209600 accept-ranges bytes content-length 68323 expires Wed, 21 Sep 2022 15:32:37 GMT Redirect headers location https://cdn.adx1.com/richads-icon-pack/gambling/42.jpg date Wed, 14 Sep 2022 15:12:26 GMT server openresty/1.15.8.3 content-length 0
GET H2	206	1040423_video.mp4 ht-cdn2.adtng.com/a7/creatives/1/49/814954/1040423/ Frame D25F	534 KB 535 KB	543ms 16ms	Media video/mp4	67.22.50.19 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://ht-cdn2.adtng.com/a7/creatives/1/49/814954/1040423/1040423_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=t_ZMXkFd1JX_9gHVrmVuAAoA0vmtFnEHff04ubOP4QCADX5HcZbdyEaQHVub6Bde80dvzfsIDGhHbCzvNCy5-Mjp1FyyVuRnM-wUc5jkpfoXtlCg3vOd2HM_gUIDRUi Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.22.50.19 , Netherlands, ASN29789 (REFLECTED, US), Reverse DNS Software / Resource Hash f78e8e104a8e2859fbeb55f99605f37496b6a268712451ece07f71a98bbe15e1 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Range bytes=0- Response headers date Wed, 14 Sep 2022 15:12:26 GMT last-modified Tue, 23 Aug 2022 14:51:14 GMT access-control-allow-origin * etag "8566a-5e6e9b2239c80" access-control-allow-methods GET,HEAD,OPTIONS content-type video/mp4 Content-Range bytes 0-546409/546410 cache-control max-age=10588427 x-cdn-diag mil1-25001-3-65342-h-0-0---;25001-15-905----0-0-0 Content-Length 546410 expires Tue, 27 Dec 2022 04:20:10 GMT
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 6581	24 B 123 B	71ms 11ms	Script text/plain	136.243.80.153 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XIsCEGxw0aMcS0sPFxTAsaM2CEaZHDhhkyLGXQuCGjDIwbNW6UsSHi4Rwxacgo1LFFRIwcMmaQvGlDhoguD8PUGZORRhgxMsLEsJGD5dKTNWas1HrjRosbWMfMwDGmxsswN3pCJGNnIdemD-HUEUNRRo4bUeHAoXg0xwyfcCbqmHHDRgzGFUWMaTNYB8gbMFpGJWNmoQzAIsS4ceO5cU4bMB62cYNRx2elOfKubh0DZAwcD-vEyIiGDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgAFjukwZP-ikaVOmR0OkNJDKwOHxM5c61DeGoTOmx-XMNs6ntxEGjpgeYuw4UXOFTJg5VxBRRRh6IAHDGFFAUUQcX0BBkBx65EBHEm7EIURTduBBBR5qjBHDGUYscYYcNdwhBxY4LEFFDWfUkEcaOOihRRNRtCAEE1-kkUMMRkQhBhZvDEFHEG-0YIQSWLRwBRRWRAEHHkIU4YQNQmjxxBFnjFfGE2MUcQMOX5xRRRJESFFFGnLB0QZFD72hJpsikMFcRmOQ4YYLdOxVxnJywKHcnA-Nsd5CW8wQA1QiwCEHVTrA4AJ1kYnRWaOPwuCQZGp-oSijjlIHg2OHiSCHHZUd9dCeb1LqKU6g1VEHmjoYJakYYsQwhg0tjAGDGGWc5FINLWBFUwtsjSFGDmIYZAatOciVRmVG4VCDCzI85kJD025Fg1xy5AjtbdNWO8O1NWRrw7a5hZFRE2_okQYbbITxwrQwgIDCFWm4Iecdc4DgBBUgTPfoDiDg68a5BONxbgogBCEYG2VcUYYYS6QRXVg3uKCUvUsgQUUTTLAAAhtprFEGCEfsucYbDA-BhhzMlSGdpY-6UMNR2cIgAwhThGFGGHKkMS9jGvMUKKMiEFGEXG90OwbSSsvFBtRLP3SQHV_IUQYbFOV0cw040ECd1WVgLYYcC-EWZ9lftPEGGZ7hUJvVMMP5xlA05AUzHnksdKnWkw7kG3DCvVDnnXnyyqefyzUn1xyjZgQzHes13UIdblg8UsZkeOiU1Ugf9EXnMXwuAh1rMmSDDYbagMMMNFyKulOqs77V67HXYNhmWZcxBxxfDFp767hfynYYEMtBx1CF0oDoVYqt_XMdbEyU19QLpSZZazD0oUBA&s=5e13fd2b4bf8f9f79331adb2beedc1a3b3092fd204fda678890d45f217304b621663168345&w=t&r=1&d=255&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/ecaaabf53036409d9c39b44bec79a69d.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.80.153 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.153.80.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H/1.1	206 Partial Content	1027236_video.mp4 hw-cdn2.adtng.com/a7/creatives/24/124/814208/1027236/ Frame 51AF	489 KB 489 KB	15ms 14ms	Media video/mp4	209.197.3.25 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://hw-cdn2.adtng.com/a7/creatives/24/124/814208/1027236/1027236_video.mp4 Requested by Host: a.adtng.com URL: https://a.adtng.com/get/10005363?time=1592491455431&atc=423524&apb=sa2c0ArUrzNWTtEtWt1kbAA3pXyM9UQDrfOb9ygvK-VIpjy94cB-XR-dm7Hk60wMDHx-h9QI2deRPx9-DmVMsbpWm0dLPlUMNFC33EVJNOJ809UGJcN1_6c_gUIDRUi Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 209.197.3.25 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS vip0x019.map2.ssl.hwcdn.net Software / Resource Hash ead5ac046fc34503734d1ddd54437d44b78671a5ea6268dd994fbf99052f4271 Request headers Referer https://a.adtng.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Range bytes=0- Response headers Date Wed, 14 Sep 2022 15:12:26 GMT Last-Modified Wed, 23 Mar 2022 20:08:52 GMT Access-Control-Allow-Origin * ETag "1648066132" X-HW 1663168345.dop210.am5.t,1663168345.cds232.am5.shn,1663168345.dop210.am5.t,1663168346.cds235.am5.c Content-Type video/mp4 Content-Range bytes 0-500418/500419 Cache-Control max-age=10582343 Connection Keep-Alive Accept-Ranges bytes Content-Length 500419
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame CBC6	24 B 122 B	12ms 11ms	Script text/plain	136.243.80.153 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUmZFjxg0zZWC0ICOGDI4WNEzaaIEjDAwyLcKYGROGhhgYNmzgkFFDxMM5YtKQUahji4gYOWTMsHEDxg0bMkR0eRimzpiMB23AoIEDRowWN2iUoYHSjI2vOWyUgUkjhhkyN8Z4nTFjjA2fEMnYWWgjrYyHcOqIoSgjxw2qcOBQRNrxJ5yJOjye9fhXxJg2inXQUFpDBg2qZMxQfCjGjZuFMm4k9Vy5jRuMOlIvzQHYNewYbWPgeFgnRkY0dOjAmaPjxYswLgzSee1izJs2L86UofMiBozrNZbO-EEnTZsyPRompZEDd40aNGbE4FLnugwbYeiM6bF5Rmca7N3DhyOmR5gsQsyBUxprkEHGFUG0wYQNajRBBRb2hRHFF2MkIYMWbzSxRg51OAHFDFEM4YQccFQhhRVrFEFGDnJAIYYeUxhxBBJKXMGEFUfQUQMbIcJQBhJUGMFGFloIMQUOdMhhhBBL1JDEGnHg0EQUauShBxpGBMGEGzYMkQYbbBgBhRNjOMFGGVc8cYYawhkxhhs4fHFGFUkQIUUVaeAFRxuoPfTGnn2KQMZzGY1Bhhsu0CFYGc6R2ByhD9EE2RbqTSUCHHJcFRsMpImmAwwuYPeQHHZkhhRvdeSpgwiGhRGDDGbMcJJahaGUAw45tCDGTLmmZ4ZMb3lUEhl4pZHZUTjU4IIMMczgQkPKxmADDXjJ8YWxGemmLLPOQvvstHjVEUZGTbyhx5dshPGCsjCAgMIVabgx6B1zgOAEFSBYF-oOIMDLJQ384jFtCiAEkdiZV5QhxhJpUJfdDS4s5e4SQDbBBAsgsEFgGSAcwegabxA8BBpyPFdGdTCw60INSEULgwwgTCFTGHKksa5HEd8VqaYiEFEEXm9YOwbPPuPFBtE_P3SQHV_IUQYbFNVwA8s14EDDdaOecZoOhn0maBlMiyHHQrt9zXQbbxAbGw64KV3yaCK8QZTXmL6BRx4LOSSC054OFNxwxb1gKKKKisFo0HA8Ch1ec5CaUcl0xBd0C3W40XALNjhLxhiv4rU5VmV8sXnnFvHJUE7q6TQDDXrT0UZUp2cuLQ6rn9dYXk2XMQccX8RHEeqz106VGJB9_WsdbEwE2NELcWoZbDD0oUBA&s=1edc8be00f374c583a60f8f346ce2486caccd48b851ba3190f2ee536c247cfc21663168345&w=t&r=1&d=783&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.80.153 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.153.80.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8
GET H2	200	p.js Show response pxl.tsyndicate.com/api/v1/p/ Frame 3695	24 B 122 B	12ms 11ms	Script text/plain	136.243.80.153 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHeCFOGDI0YN1rUEJNjRgsaOGTgaCFGxg0YJ0fe6AiDRpkxNXCIeDhHTBoyCnVsEREjh4wZNl7esCFDRJeHYeqMyUjDho0xN3DYoNEijJkZZU7GsBEWx8waJ8vAiEEDRg0aM3PA2AmRjJ2FNnIwfQinjhiKMnLcgAoHDsWiJXnCmahjxtIYjmU8HNPGsA4aR2vIoAGVjBmKD8W4cbPQpdHNkkW0cYNRh0ukOfiubs02RgwcD-vEyIiGDh04c3S8eBHGhUE6rF2MedPmxZkydF7EgEG9BtIZP-ikaVOmR0OjNHKwrfF2RgwudajLsBGGzpgemGdopoFePXs4YnoMiZLGzhAaa9hQRxJXDKFGHWWUUUURdgjhFRtmYNFEGjmIwYYRSDihxxloYIEDDE9AEUUcaASRxBBn2FCFSHHoEYYacojxBBUcGbEGHVLAgEcdaDCBhR44PCFHFXQEAQUNUSCRhG1QvPFEFjA0McYRZ9QhBxQ1sNFGDHPUgUcQcETBxhFGrGcDDkRIQcMcX5xRRRJpVpEGXXC0UdpDb9R5pwhkMJfRGGS44QIdft30hhxwKOfnZO0ttIV5T4kAhxxTuQZDaJ_pAIML1T0khx2WFZVbHXPqIMINNIgxw6oesRTDVyfNAGhXYYDVAgxb4SCGGDeYoWqFdKVhGVE41OCCDJC50JCxY9FAlxxfCJvRbcYiO4Oy5Cm7FV11hJFRE2_okQYbbITxgrEwgIDCFWm40ecdc4DgBBUgTMfpDiCw68ZW-OKxVQoggAkHG2VcUYYYS6QRnXU3uICUuksgQUUTTLAAAhtprFEGCEfctMYbAA-BhhzMlSGdW5y6UENRzMIgAwhTeBWGHGmc65jDNtA1RqUiEFEEXYd-sXNGPtPFBs9FP3SQHV_IUQYbFNVww8o5tXWpCHKcQZoOgnHGZxlMiyHHQrh9zXQbb5BRGg5sKU0yaCK8EZTXk76BRx4LOYR1GZkO5Btwwr0AqKCEimEoooo2R9ccn2ZEMh3tHdpCHW4o3IJLLpAxRgxNKc3zQV9ozjlddNjJkFXmnTkDDXqX3tTpNqSOw-rkJVZX02XMAccXjcIuO-1QicHY12ZExcZEfB290NVjtAZDHwoEBA%3D%3D&s=770e8893b46af5393686b6f99883e351e2c57d77dc9b152917790ac33eeab6fb1663168345&w=t&r=1&d=803&priv=false Requested by Host: tsyndicate.com URL: https://tsyndicate.com/iframes2/00394b71264946e5bf58746cefe5435f.html?subid=1923670762&categories=Bula,(2022),%E2%80%93,KURAKURA21 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.80.153 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.153.80.243.136.clients.your-server.de Software nginx / Resource Hash 897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a Request headers accept-language de-DE,de;q=0.9 Referer https://tsyndicate.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36 Response headers date Wed, 14 Sep 2022 15:12:26 GMT server nginx x-robots-tag noindex, nofollow content-length 24 content-type text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

a82bd1cbd4.24f6bf5f7e.com

URL

https://a82bd1cbd4.24f6bf5f7e.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MCwiZXh0Ijp7InRhZ19hYiI6ImEiLCJpZCI6MTk0Niwic3BhY2VpZCI6MTk0NiwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJ1bGElMkMoMjAyMiklMkMlRTIlODAlOTMlMkNLVVJBS1VSQTIxJTIwIiwibGFiZWxzIjoiIiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTkyMzY3MDc2MiIsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjY4NjIzLCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjozMDEsInN0cmF0YWdlbSI6bnVsbCwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6Mn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjYwMH19XSwic2l0ZSI6eyJpZCI6IjY4NjIzIiwiY2F0IjpbIklBQjI1Il0sInBhZ2UiOiJodHRwOi8vMTU3LjIzMC40MS4yMzYvYnVsYS0yMDIyLyJ9LCJkZXZpY2UiOnsidyI6MTYwMCwiaCI6MTIwMH0sInVzZXIiOnsiaWQiOiI0YjUxYjJkMTIxMDE4OGE0M2MyMTI4OWQwMWMwMDEzMiJ9LCJleHQiOnsiZHQiOjE2NjMxNjgzNDEyMTB9fQ==