xn--margas-gardinentrume-rzb.de Open in urlscan Pro Puny
margas-gardinenträume.de IDN
2a01:238:20a:202:1067:: Public Scan

Go To Rescan
Add Verdict Report

URL:
http://xn--margas-gardinentrume-rzb.de/
Submission: On June 03 via api (June 3rd 2022, 7:43:36 am UTC) from DE — Scanned from DE

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 11 domains to perform 36 HTTP transactions. The main IP is 2a01:238:20a:202:1067::, located in Germany and belongs to STRATO STRATO AG, DE. The main domain is xn--margas-gardinentrume-rzb.de.

This is the only time xn--margas-gardinentrume-rzb.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a01:238:20a:... 2a01:238:20a:202:1067::	6724 (STRATO ST...) (STRATO STRATO AG)
1	81.169.145.150 81.169.145.150	6724 (STRATO ST...) (STRATO STRATO AG)
4	99.83.154.118 99.83.154.118	16509 (AMAZON-02) (AMAZON-02)
2 2	103.224.182.246 103.224.182.246	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
4	13.248.148.254 13.248.148.254	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
9	2600:9000:206... 2600:9000:206f:4a00:1f:4100:9540:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	185.53.178.30 185.53.178.30	61969 (TEAMINTER...) (TEAMINTERNET-AS)
36	9

1 2a01:238:20a:202:1067:: (Germany)

ASN6724 (STRATO STRATO AG, DE)

xn--margas-gardinentrume-rzb.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.169.145.150 (Soehrewald, Germany)

ASN6724 (STRATO STRATO AG, DE)
PTR: w96.rzone.de

www.webmailer.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.83.154.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: a51062ecadbb5a26e.awsglobalaccelerator.com

stxstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.224.182.246 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-246.above.com

bali-planet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.148.254 (United States)

ASN16509 (AMAZON-02, US)
PTR: aba1c1ff9d2ec5376.awsglobalaccelerator.com

ww38.bali-planet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206f:4a00:1f:4100:9540:21 (United States)

ASN16509 (AMAZON-02, US)

d1lxhc4jvstzrp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.53.178.30 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

c.parkingcrew.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d1lxhc4jvstzrp.cloudfront.net	32 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2	212 KB
6	bali-planet.com 2 redirects bali-planet.com ww38.bali-planet.com	8 KB
4	googleusercontent.com afs.googleusercontent.com — Cisco Umbrella Rank: 12038	2 KB
4	stxstats.com stxstats.com	8 KB
1	parkingcrew.net c.parkingcrew.net — Cisco Umbrella Rank: 83335	1005 B
1	webmailer.de www.webmailer.de	57 KB
1	xn--margas-gardinentrume-rzb.de xn--margas-gardinentrume-rzb.de	5 KB
0	visions7.net Failed visions7.net Failed
0	zxstats.com Failed zxstats.com Failed
0	seastats.com Failed seastats.com Failed
36	11

	Domain	Requested by
9	d1lxhc4jvstzrp.cloudfront.net	stxstats.com d1lxhc4jvstzrp.cloudfront.net ww38.bali-planet.com
7	www.google.com	stxstats.com www.google.com xn--margas-gardinentrume-rzb.de ww38.bali-planet.com
4	afs.googleusercontent.com	www.google.com
4	ww38.bali-planet.com	xn--margas-gardinentrume-rzb.de d1lxhc4jvstzrp.cloudfront.net ww38.bali-planet.com
4	stxstats.com	xn--margas-gardinentrume-rzb.de d1lxhc4jvstzrp.cloudfront.net stxstats.com
2	bali-planet.com	2 redirects
1	c.parkingcrew.net	ww38.bali-planet.com
1	www.webmailer.de	xn--margas-gardinentrume-rzb.de
1	xn--margas-gardinentrume-rzb.de
0	visions7.net Failed	xn--margas-gardinentrume-rzb.de
0	zxstats.com Failed	xn--margas-gardinentrume-rzb.de
0	seastats.com Failed	xn--margas-gardinentrume-rzb.de
36	12

This site contains no links.

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://xn--margas-gardinentrume-rzb.de/
Frame ID: CFBF6190DD2CABE716D3532D90CBD8D6
Requests: 2 HTTP requests in this frame

Frame: http://seastats.com/
Frame ID: 87DE297AE5EB226E51157B886F143C1D
Requests: 1 HTTP requests in this frame

Frame: http://stxstats.com/
Frame ID: 8E135BA712F4B17791118B0E938F7C80
Requests: 11 HTTP requests in this frame

Frame: http://zxstats.com/
Frame ID: 242F47D5F9BF631CF6A7E985436800C3
Requests: 1 HTTP requests in this frame

Frame: http://ww38.bali-planet.com/
Frame ID: D6ECF99C1B70E20E6A092163DB26F3A4
Requests: 10 HTTP requests in this frame

Frame: http://visions7.net/1
Frame ID: BF2AD3EBA9379D6D79342404FBA906A8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r5%7Cs&nocache=2771654242213051&num=0&output=afd_ads&domain_name=stxstats.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242213053&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=544&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fstxstats.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F
Frame ID: A880352618191C2B7D931B9C3A7CDD14
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956&format=r1%7Cs&nocache=6831654242215700&num=0&output=afd_ads&domain_name=ww38.bali-planet.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242215700&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=454&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fww38.bali-planet.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F
Frame ID: 7FACA9722F8EDAAAF6AD161578845744
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

STRATO

Page Statistics

36
Requests

28 %
HTTPS

44 %
IPv6

11
Domains

12
Subdomains

9
IPs

4
Countries

325 kB
Transfer

693 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://bali-planet.com/ HTTP 302
https://bali-planet.com/ HTTP 302
http://ww38.bali-planet.com/

Request Chain 5

http://visions7.net/ HTTP 302
http://visions7.net/1

36 HTTP transactions
-2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xn--margas-gardinentrume-rzb.de/ 5 KB
5 KB 171ms
46ms Document
text/html 2a01:238:20a:202:1067::
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to

Full URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 2a01:238:20a:202:1067:: , Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS
Software: Apache/2.4.53 (Unix) /
Resource Hash: 3b5483cdf7dceaecd6e68631b51eac8ba31df65da51572f399c50f04a2578837

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 4638
Content-Type: text/html
Date: Fri, 03 Jun 2022 07:43:32 GMT
ETag: "121e-49bea3a2505c0"
Keep-Alive: timeout=3, max=100
Last-Modified: Thu, 10 Feb 2011 09:30:07 GMT
Server: Apache/2.4.53 (Unix)

GET
H/1.1 200
OK setup.jpg
www.webmailer.de/setup/setup5/ 57 KB
57 KB 111ms
45ms Image
image/jpeg 81.169.145.150
STRATO STRATO AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.webmailer.de/setup/setup5/setup.jpg
Requested by: Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 81.169.145.150 Soehrewald, Germany, ASN6724 (STRATO STRATO AG, DE),
Reverse DNS: w96.rzone.de
Software: Apache/2.4.53 (Unix) /
Resource Hash: 70f12d4b4f5ca1d0dc0da44a4e6d9bd22962c64144718f1f92f29afa8ff68bf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://xn--margas-gardinentrume-rzb.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:32 GMT
Last-Modified: Fri, 01 Jul 2011 16:12:18 GMT
Server: Apache/2.4.53 (Unix)
ETag: "e48c-4a7044816bc80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 58508

GET /
seastats.com/ Frame 87DE 0
0

GET
H/1.1 200
OK / Show response
stxstats.com/ Frame 8E13 11 KB
6 KB 180ms
89ms Document
text/html 99.83.154.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://stxstats.com/
Requested by: Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a51062ecadbb5a26e.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 7ca6be23992f213c86a784204fcb637c15b7192d61360c4b178eceeaf3b085c1

Request headers

Referer: http://xn--margas-gardinentrume-rzb.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:43:32 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_KUSsfD5fm7qcJ6ss8r/u1IwW38v0WIW0Sysosl4LyijSb/3Po2FRgxohtbMJrVJUyB1DAtG27Sezk4zu8DpT/A==
X-Buckets: bucket002
X-Language: german
X-Template: tpl_Regnitz_twoclick

GET /
zxstats.com/ Frame 242F 0
0

GET
H/1.1

200
OK

/ Show response
ww38.bali-planet.com/ Frame D6EC
Redirect Chain

http://bali-planet.com/
https://bali-planet.com/
http://ww38.bali-planet.com/

11 KB
6 KB

493ms
161ms

Document
text/html

13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.bali-planet.com/
Requested by: Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 5cd904e61f2f2372592a704205f25cf709af889ee4eff3f1d5fb3b6c5f4aa185

Request headers

Referer: http://xn--margas-gardinentrume-rzb.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-CH: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime: 30
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:43:35 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_NZsedH7pMN64FZMrvAb6wVcsU7VvC39/nryyAZNM18oKUEIQO1FKxsYonn/8cJrDapZTlAj+9P1rCNdRlPJ/5w==
X-Buckets: bucket002
X-Language: german
X-Template: tpl_Regnitz_twoclick

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Jun 2022 07:43:34 GMT
Location: http://ww38.bali-planet.com/
Server: Apache/2.4.38 (Debian)

GET

1
visions7.net/ Frame BF2A
Redirect Chain

http://visions7.net/
http://visions7.net/1

0
0

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame 8E13 141 KB
52 KB 84ms
47ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: stxstats.com
URL: http://stxstats.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57a7f535b2a4929846c96b60b06f26dff761de442e8c25c3764ec54926a7d73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "3020488930839449218"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Fri, 03 Jun 2022 07:43:32 GMT

GET
H/1.1 200
OK style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame 8E13 829 B
827 B 85ms
37ms Stylesheet
text/css 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by: Host: stxstats.com
URL: http://stxstats.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 23:19:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
Age: 30263
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: NfWAKEnXdJLOY-YwxZTcot2heWwdvRmDYGUNCl77u5Mg3-VyxAmknA==

GET
H/1.1 200
OK style.css
d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/ Frame 8E13 1 KB
1023 B 86ms
38ms Stylesheet
text/css 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
Requested by: Host: stxstats.com
URL: http://stxstats.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 73c8b1941a2a223b487245530177d98cab9ac48b1ce903a48b29c76c96c1fda4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 02:15:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Server: nginx
Age: 19668
ETag: W/"6218bc51-4ec"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: Gd_Kc5VRSxA_hzu8pw4rKDM3D1xS3WXB3HqRiHqbEGKbzDcF2x-2Mw==

GET
H2 200 namecheap1.svg
d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/ Frame 8E13 6 KB
6 KB 121ms
38ms Image
image/svg+xml 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1lxhc4jvstzrp.cloudfront.net/themes/registrar/images/namecheap1.svg
Requested by: Host: stxstats.com
URL: http://stxstats.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b2a876745aa41319eab335a8b1dfa10c1afd8413f421314e6eea36f14779701

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 02:21:16 GMT
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
last-modified: Fri, 30 Apr 2021 08:33:04 GMT
server: nginx
age: 19336
etag: "608bc0c0-1749"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5961
x-amz-cf-id: g5kXugjf__uDW_fxJpGJfEjBvNdMNR6PPoR0jvbB-6rVPBEDPjURhw==

GET
H/1.1 200
OK js3caf.js Show response
d1lxhc4jvstzrp.cloudfront.net/scripts/ Frame 8E13 7 KB
7 KB 37ms
37ms Script
application/javascript 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Requested by: Host: stxstats.com
URL: http://stxstats.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 00:50:03 GMT
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Server: nginx
Age: 24809
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 7000
X-Amz-Cf-Id: HnibbPnjdt819cg646o9t83OPQR-F7UTeX-VBgOvzT6_RdQve0698Q==

GET
H/1.1 200
OK track.php Show response
stxstats.com/ Frame 8E13 0
608 B 71ms
70ms XHR
text/html 99.83.154.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://stxstats.com/track.php?domain=stxstats.com&toggle=browserjs&uid=MTY1NDI0MjIxMi42OTYyOmEzZjNiNjI0ZjIxYmYxZTQ2YzFlMmVkN2M5YTJkZmQzODYzZWJmZDY2NjY5M2IzZTlmNDM0Y2FiYzE3M2RiMWY6NjI5OWJiYTRhOWY2OQ%3D%3D
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Protocol: HTTP/1.1
Server: 99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a51062ecadbb5a26e.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:33 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

POST
H/1.1 201
Created ls.php Show response
stxstats.com/ Frame 8E13 0
903 B 65ms
65ms XHR
text/javascript 99.83.154.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://stxstats.com/ls.php
Requested by: Host: stxstats.com
URL: http://stxstats.com/
Protocol: HTTP/1.1
Server: 99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a51062ecadbb5a26e.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://stxstats.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 03 Jun 2022 07:43:33 GMT
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, OPTIONS
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IWrvMrloD4ZYnYMBbWYkFinHs4AIYV6bi3YYovtcMBqeKkYWh4KXTRfcJsy05NFql5O3fUvILmXMRet6fdNFOw==
Access-Control-Allow-Origin: http://stxstats.com
X-Log-Success: 6299bba5e7d6c85814052544
Charset: utf-8
Accept-CH-Lifetime: 30
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Server: nginx

GET
H/1.1 200
OK bottom.png
d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/img/ Frame 8E13 3 KB
4 KB 38ms
38ms Image
image/png 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/img/bottom.png
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 03:56:52 GMT
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Server: nginx
Age: 13601
ETag: "6218bc51-d1f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 3359
X-Amz-Cf-Id: LSJfZyTI3YmHlmLtlGt-rZaD4BLOZMD9Lt3UNzXah8VPfBKtfApKIQ==

GET
H2 200 ads Show response
www.google.com/afs/ Frame A880 6 KB
2 KB 201ms
119ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r5%7Cs&nocache=2771654242213051&num=0&output=afd_ads&domain_name=stxstats.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242213053&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=544&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fstxstats.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

a40599e1e8d3be0f3e1b8e557689a93abfff279ceabc90ec4ad67615d431df7a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://stxstats.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Viewport-Width Sec-CH-Viewport-Height Sec-CH-DPR
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2082
content-type: text/html; charset=UTF-8
date: Fri, 03 Jun 2022 07:43:33 GMT
expires: Fri, 03 Jun 2022 07:43:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: gws
x-xss-protection: 0

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ Frame A880 141 KB
52 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?pac=0

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2744431292869648&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300953%2C17300956&format=r5%7Cs&nocache=2771654242213051&num=0&output=afd_ads&domain_name=stxstats.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242213053&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=544&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fstxstats.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb7ba3cb65806041f46a164bf52c98220f19233044054d5109d97fa683f573a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:43:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17030200233866326750"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 03 Jun 2022 07:43:33 GMT

GET
H2 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame A880 391 B
386 B 121ms
38ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920a378947204498c122722933b3a4b67788a2b6fade8bd0d47cf830eeee0563

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 69242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Thu, 02 Jun 2022 12:29:31 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Fri, 03 Jun 2022 11:29:31 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame A880 200 B
793 B 120ms
37ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 18417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Fri, 03 Jun 2022 02:36:36 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sat, 04 Jun 2022 01:36:36 GMT

GET
H/1.1 200
OK track.php Show response
stxstats.com/ Frame 8E13 0
610 B 66ms
66ms XHR
text/html 99.83.154.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://stxstats.com/track.php?domain=stxstats.com&caf=1&toggle=answercheck&answer=yes&uid=MTY1NDI0MjIxMi42OTYyOmEzZjNiNjI0ZjIxYmYxZTQ2YzFlMmVkN2M5YTJkZmQzODYzZWJmZDY2NjY5M2IzZTlmNDM0Y2FiYzE3M2RiMWY6NjI5OWJiYTRhOWY2OQ%3D%3D
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Protocol: HTTP/1.1
Server: 99.83.154.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a51062ecadbb5a26e.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:33 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: answercheck
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

GET
H3 204 gen_204
www.google.com/afs/ Frame 8E13 0
15 B 56ms
55ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-mb-teaminternet01_3ph&output=uds_ads_only&zx=zg8kh8ar6884&aqid=pbuZYp2sDdHF3wObg7jgDA&psid=1420240428&pbt=bs&adbx=16&adby=158&adbh=1&adbw=0&adbn=master-1&eawp=partner-dp-mb-teaminternet01_3ph&errv=14100604014572796159&csala=31%7C220%7C106%7C143&lle=0&llm=1000&ifv=0&usr=1

Requested by

Host: xn--margas-gardinentrume-rzb.de
URL: http://xn--margas-gardinentrume-rzb.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://stxstats.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:43:35 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame D6EC 141 KB
52 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e98d1565f83297e310b27b4ece231931f4cdf7f258809e20ce208e1e9deacdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
ETag: "5774002890898847575"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Fri, 03 Jun 2022 07:43:35 GMT

GET
H/1.1 200
OK style.css
d1lxhc4jvstzrp.cloudfront.net/themes/assets/ Frame D6EC 829 B
827 B 37ms
37ms Stylesheet
text/css 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/assets/style.css
Requested by: Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Thu, 02 Jun 2022 23:19:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
Age: 30266
ETag: W/"5ebab1f0-33d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: U2w7zMy13vpg7mnIwj0KiqkoZ6yXse33sbMWT-s8cWVGrkvjW1rlEA==

GET
H/1.1 200
OK style.css
d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/ Frame D6EC 1 KB
1023 B 38ms
37ms Stylesheet
text/css 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
Requested by: Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 73c8b1941a2a223b487245530177d98cab9ac48b1ce903a48b29c76c96c1fda4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 02:15:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Server: nginx
Age: 19671
ETag: W/"6218bc51-4ec"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: okZNmQiIkAE237dIfm1Krko5_Wk36QgYMPL1gu6W2dh2s7U-CwZjAQ==

GET
H/1.1 200
OK sale_form.js Show response
c.parkingcrew.net/scripts/ Frame D6EC 761 B
1005 B 142ms
89ms Script
application/javascript 185.53.178.30
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://c.parkingcrew.net/scripts/sale_form.js
Requested by: Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/
Protocol: HTTP/1.1
Server: 185.53.178.30 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:35 GMT
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
Server: nginx
ETag: "5ebab1f0-2f9"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 761

GET
H/1.1 200
OK js3caf.js Show response
d1lxhc4jvstzrp.cloudfront.net/scripts/ Frame D6EC 7 KB
7 KB 74ms
37ms Script
application/javascript 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Requested by: Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 00:50:03 GMT
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Jan 2021 10:54:01 GMT
Server: nginx
Age: 24812
ETag: "600022c9-1b58"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 7000
X-Amz-Cf-Id: 93cp18GTDfXoHDH8r7N5jjlDPVj17fYsKkQz6ESCsgX8nRCm6Oijlg==

GET
H/1.1 200
OK track.php Show response
ww38.bali-planet.com/ Frame D6EC 0
608 B 148ms
147ms XHR
text/html 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.bali-planet.com/track.php?domain=bali-planet.com&toggle=browserjs&uid=MTY1NDI0MjIxNS4zMjY1OjFlNWViMjBkZjk3NzA1MWZlZGIwOTcxM2Y5YmM2OWZiMzY2NjVjYzc4YmEwNWZiZjY5OWY2MTVjOTMzNWU0N2M6NjI5OWJiYTc0ZmI2MA%3D%3D
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:35 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: browserjs
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

POST
H/1.1 201
Created ls.php Show response
ww38.bali-planet.com/ Frame D6EC 0
911 B 146ms
146ms XHR
text/javascript 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.bali-planet.com/ls.php
Requested by: Host: ww38.bali-planet.com
URL: http://ww38.bali-planet.com/
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://ww38.bali-planet.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 03 Jun 2022 07:43:35 GMT
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, OPTIONS
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_RjDSWwoorhUbwx44IUmz+PbO88FQURrYQlJsIkK6QWF3ENe/HwPnfeZTXedVIP95l3l0Ffl4YMIuyzgAAxj6SQ==
Access-Control-Allow-Origin: http://ww38.bali-planet.com
X-Log-Success: 6299bba78cecf2229e4a90c6
Charset: utf-8
Accept-CH-Lifetime: 30
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Server: nginx

GET
H/1.1 200
OK bottom.png
d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/img/ Frame D6EC 3 KB
4 KB 37ms
36ms Image
image/png 2600:9000:206f:4a00:1f:4100:9540:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/img/bottom.png
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
Protocol: HTTP/1.1
Server: 2600:9000:206f:4a00:1f:4100:9540:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://d1lxhc4jvstzrp.cloudfront.net/themes/regnitz_0f823431/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 03:56:52 GMT
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified: Fri, 25 Feb 2022 11:24:01 GMT
Server: nginx
Age: 13603
ETag: "6218bc51-d1f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 3359
X-Amz-Cf-Id: 1QITdEBuNUsBg-GNfa6X7LPUdCcJVdleqXT3G-dRL9I83FbwHXj0gA==

GET
H3 200 ads Show response
www.google.com/afs/ Frame 7FAC 6 KB
2 KB 138ms
138ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956&format=r1%7Cs&nocache=6831654242215700&num=0&output=afd_ads&domain_name=ww38.bali-planet.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242215700&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=454&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fww38.bali-planet.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0e8b8ef1f5e4f33fde697327ea1db791f90be0b6286b7657e9b9e28fbc5b1fcc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://ww38.bali-planet.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-Viewport-Width Sec-CH-Viewport-Height Sec-CH-DPR
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2000
content-type: text/html; charset=UTF-8
date: Fri, 03 Jun 2022 07:43:35 GMT
expires: Fri, 03 Jun 2022 07:43:35 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: gws
x-xss-protection: 0

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ Frame 7FAC 141 KB
51 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?pac=0

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adtest=off&psid=1420240428&pcsa=false&channel=000001%2Cbucket002&client=dp-mb-teaminternet01_3ph&r=m&sc_status=0&hl=de&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2631830028814560&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300953%2C17300956&format=r1%7Cs&nocache=6831654242215700&num=0&output=afd_ads&domain_name=ww38.bali-planet.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1654242215700&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=454&frm=2&uio=--&cont=tc&jsid=caf&jsv=14100&rurl=http%3A%2F%2Fww38.bali-planet.com%2F&referer=http%3A%2F%2Fxn--margas-gardinentrume-rzb.de%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb7ba3cb65806041f46a164bf52c98220f19233044054d5109d97fa683f573a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 03 Jun 2022 07:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "17030200233866326750"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Fri, 03 Jun 2022 07:43:35 GMT

GET
H3 200 search.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7FAC 391 B
297 B 117ms
40ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?pac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

920a378947204498c122722933b3a4b67788a2b6fade8bd0d47cf830eeee0563

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 69245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Thu, 02 Jun 2022 12:29:31 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Fri, 03 Jun 2022 11:29:31 GMT

GET
H3 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame 7FAC 200 B
199 B 115ms
39ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?pac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 18420
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
date: Fri, 03 Jun 2022 02:36:36 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
expires: Sat, 04 Jun 2022 01:36:36 GMT

GET
H/1.1 200
OK track.php Show response
ww38.bali-planet.com/ Frame D6EC 0
610 B 152ms
152ms XHR
text/html 13.248.148.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww38.bali-planet.com/track.php?domain=bali-planet.com&caf=1&toggle=answercheck&answer=yes&uid=MTY1NDI0MjIxNS4zMjY1OjFlNWViMjBkZjk3NzA1MWZlZGIwOTcxM2Y5YmM2OWZiMzY2NjVjYzc4YmEwNWZiZjY5OWY2MTVjOTMzNWU0N2M6NjI5OWJiYTc0ZmI2MA%3D%3D
Requested by: Host: d1lxhc4jvstzrp.cloudfront.net
URL: http://d1lxhc4jvstzrp.cloudfront.net/scripts/js3caf.js
Protocol: HTTP/1.1
Server: 13.248.148.254 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aba1c1ff9d2ec5376.awsglobalaccelerator.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww38.bali-planet.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 07:43:36 GMT
Content-Encoding: gzip
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track: answercheck
Vary: Accept-Encoding
Accept-CH-Lifetime: 30
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: seastats.com
URL: http://seastats.com/

Domain: zxstats.com
URL: http://zxstats.com/

Domain: visions7.net
URL: http://visions7.net/1

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://stxstats.com/(Line 147) Message: Unsafe attempt to initiate navigation for frame with URL 'http://xn--margas-gardinentrume-rzb.de/' from frame with URL 'http://stxstats.com/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
javascript	error	URL: http://ww38.bali-planet.com/(Line 135) Message: Unsafe attempt to initiate navigation for frame with URL 'http://xn--margas-gardinentrume-rzb.de/' from frame with URL 'http://ww38.bali-planet.com/'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
bali-planet.com
c.parkingcrew.net
d1lxhc4jvstzrp.cloudfront.net
seastats.com
stxstats.com
visions7.net
ww38.bali-planet.com
www.google.com
www.webmailer.de
xn--margas-gardinentrume-rzb.de
zxstats.com
seastats.com
visions7.net
zxstats.com
103.224.182.246
13.248.148.254
185.53.178.30
2600:9000:206f:4a00:1f:4100:9540:21
2a00:1450:4001:809::2004
2a00:1450:4001:813::2001
2a01:238:20a:202:1067::
81.169.145.150
99.83.154.118
0e8b8ef1f5e4f33fde697327ea1db791f90be0b6286b7657e9b9e28fbc5b1fcc
3b5483cdf7dceaecd6e68631b51eac8ba31df65da51572f399c50f04a2578837
3e98d1565f83297e310b27b4ece231931f4cdf7f258809e20ce208e1e9deacdc
57a7f535b2a4929846c96b60b06f26dff761de442e8c25c3764ec54926a7d73d
5cd904e61f2f2372592a704205f25cf709af889ee4eff3f1d5fb3b6c5f4aa185
70f12d4b4f5ca1d0dc0da44a4e6d9bd22962c64144718f1f92f29afa8ff68bf5
73c8b1941a2a223b487245530177d98cab9ac48b1ce903a48b29c76c96c1fda4
7ca6be23992f213c86a784204fcb637c15b7192d61360c4b178eceeaf3b085c1
809fb4619d2a2f1a85dbda8cc69a7f1659215212d708a098d62150eee57070c1
920a378947204498c122722933b3a4b67788a2b6fade8bd0d47cf830eeee0563
93a1109ada0cd55dedeaf7e9c4251a7f91ac3c3e1ab85e25e37b6cd4e47d504b
9b2a876745aa41319eab335a8b1dfa10c1afd8413f421314e6eea36f14779701
a40599e1e8d3be0f3e1b8e557689a93abfff279ceabc90ec4ad67615d431df7a
ba5b7354353b0eec1637564dae072fee662a5b9862f6bf7ed5e60a5a76f2ef44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7ba3cb65806041f46a164bf52c98220f19233044054d5109d97fa683f573a7
ee13da8e8d4bd49a7fdd595de382a3c7dbfef6f8555aeca5292c8c80da75f355
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3

xn--margas-gardinentrume-rzb.de Open in urlscan Pro Puny margas-gardinenträume.de IDN 2a01:238:20a:202:1067:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

36 Requests

28 %HTTPS

44 %IPv6

11 Domains

12 Subdomains

9 IPs

4 Countries

325 kBTransfer

693 kBSize

0 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xn--margas-gardinentrume-rzb.de Open in urlscan Pro Puny
margas-gardinenträume.de IDN
2a01:238:20a:202:1067:: Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

28 %
HTTPS

44 %
IPv6

11
Domains

12
Subdomains

9
IPs

4
Countries

325 kB
Transfer

693 kB
Size

0
Cookies

36 HTTP transactions
-2 data transactions