urlscan.io logo urlscan.io
SecurityTrails logo

adp13a.com Open in urlscan Pro
172.64.173.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mediacpm.pl/v.php?user=13428
Effective URL: http://adp13a.com/redirect?sid=79411
Submission Tags: falconsandbox
Submission: On September 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 11 countries across 85 domains to perform 377 HTTP transactions. The main IP is 172.64.173.27, located in and belongs to . The main domain is adp13a.com.
This is the only time adp13a.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 104.21.234.95 13335 (CLOUDFLAR...)
18 45.15.27.99 47583 (AS-HOSTINGER)
4 4 104.20.138.65 13335 (CLOUDFLAR...)
13 172.64.175.21 13335 (CLOUDFLAR...)
9 88.198.195.3 24940 (HETZNER-AS)
3 216.58.207.211 15169 (GOOGLE)
1 1 104.21.63.195 13335 (CLOUDFLAR...)
1 54.164.83.247 14618 (AMAZON-AES)
1 104.21.73.22 13335 (CLOUDFLAR...)
1 48 104.26.11.230 13335 (CLOUDFLAR...)
4 85.114.134.182 24961 (MYLOC-AS ...)
2 104.21.17.99 13335 (CLOUDFLAR...)
8 142.250.74.97 15169 (GOOGLE)
3 46.105.201.240 16276 (OVH)
13 104.21.72.157 13335 (CLOUDFLAR...)
29 213.239.209.209 24940 (HETZNER-AS)
4 104.26.14.247 13335 (CLOUDFLAR...)
4 99.86.116.26 16509 (AMAZON-02)
3 151.139.128.11 20446 (HIGHWINDS3)
1 151.101.193.26 54113 (FASTLY)
2 185.173.160.142 49981 (WORLDSTREAM)
7 216.58.207.195 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
2 142.250.74.72 15169 (GOOGLE)
2 192.99.8.28 16276 (OVH)
1 3.221.87.95 14618 (AMAZON-AES)
4 216.58.207.206 15169 (GOOGLE)
2 158.69.139.226 16276 (OVH)
4 142.250.74.41 15169 (GOOGLE)
8 216.58.211.2 15169 (GOOGLE)
1 195.47.247.16 51468 (ONECOM)
1 103.9.156.119 63730 (VNSO-AS-V...)
2 151.101.112.217 54113 (FASTLY)
2 142.250.74.110 15169 (GOOGLE)
16 142.250.74.78 15169 (GOOGLE)
2 142.250.74.35 15169 (GOOGLE)
1 8 87.250.251.119 208722 (YNDX)
11 23.227.137.50 55081 (24SHELLS)
3 51.161.15.93 16276 (OVH)
2 99.86.116.52 16509 (AMAZON-02)
2 54.76.25.53 16509 (AMAZON-02)
1 104.16.88.26 13335 (CLOUDFLAR...)
6 151.101.114.109 54113 (FASTLY)
2 104.20.81.199 13335 (CLOUDFLAR...)
7 208.100.17.186 32748 (STEADFAST)
2 34.120.202.204 15169 (GOOGLE)
2 99.86.116.25 16509 (AMAZON-02)
1 151.101.0.217 54113 (FASTLY)
1 142.250.74.98 15169 (GOOGLE)
2 142.250.74.130 15169 (GOOGLE)
1 142.250.74.66 15169 (GOOGLE)
1 213.174.135.1 39572 (ADVANCEDH...)
1 208.100.17.185 32748 (STEADFAST)
3 142.250.74.68 15169 (GOOGLE)
2 138.197.56.196 14061 (DIGITALOC...)
3 16 34.253.111.115 16509 (AMAZON-02)
1 5 72.246.100.56 16625 (AKAMAI-AS)
5 5 51.210.112.63 16276 (OVH)
2 3 76.223.111.131 16509 (AMAZON-02)
3 172.64.100.29 13335 (CLOUDFLAR...)
1 104.21.85.254 13335 (CLOUDFLAR...)
1 192.119.9.82 55081 (24SHELLS)
2 99.86.116.18 16509 (AMAZON-02)
1 69.16.175.42 20446 (HIGHWINDS3)
1 151.101.113.229 54113 (FASTLY)
3 99.86.116.102 16509 (AMAZON-02)
2 3 34.197.192.192 14618 (AMAZON-AES)
1 3 216.58.207.226 15169 (GOOGLE)
1 35.201.103.0 15169 (GOOGLE)
1 104.21.78.98 13335 (CLOUDFLAR...)
12 104.21.16.104 13335 (CLOUDFLAR...)
1 185.64.190.78 62713 (AS-PUBMATIC)
4 4 141.95.34.104 16276 (OVH)
2 2 46.228.164.13 56396 (AMOBEE)
2 2 35.227.248.159 15169 (GOOGLE)
1 104.16.91.60 13335 (CLOUDFLAR...)
2 2 34.223.168.126 16509 (AMAZON-02)
1 51.144.7.192 8075 (MICROSOFT...)
1 34.255.250.31 16509 (AMAZON-02)
1 54.74.18.91 16509 (AMAZON-02)
1 1 64.58.232.176 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
1 2 156.154.202.36 19907 (NEUSTAR-AS6)
1 52.208.138.90 16509 (AMAZON-02)
2 2 52.215.191.146 16509 (AMAZON-02)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 66.155.71.150 13768 (COGECO-PEER1)
2 2 3.125.99.7 16509 (AMAZON-02)
2 2 151.101.114.49 54113 (FASTLY)
2 2 185.33.221.13 29990 (ASN-APPNEX)
2 142.250.74.129 15169 (GOOGLE)
2 3 104.18.96.60 13335 (CLOUDFLAR...)
1 94.23.2.199 16276 (OVH)
1 104.18.23.174 13335 (CLOUDFLAR...)
2 172.64.173.27 ()
2 75.2.13.80 ()
377 84
12    104.21.234.95 (None, )

ASN13335 (CLOUDFLARENET, US)
mediacpm.pl
aimarketing.mediacpm.pl
18    45.15.27.99 (Germany)

ASN47583 (AS-HOSTINGER, CY)
display.jalewaads.com
4    104.20.138.65 (None, )

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
13    172.64.175.21 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bitcoin-ad.com
9    88.198.195.3 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: www129.your-server.de
tradingcoins.bar
3    216.58.207.211 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f19.1e100.net
www.relationshipadvice.info
1    104.21.63.195 (None, )

ASN13335 (CLOUDFLARENET, US)
rotf.lol
1    54.164.83.247 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-83-247.compute-1.amazonaws.com
www.mycrazysextoys.com
1    104.21.73.22 (None, )

ASN13335 (CLOUDFLARENET, US)
adsluna.com
48    104.26.11.230 (United States)

ASN13335 (CLOUDFLARENET, US)
cryptotabbrowser.com
4    85.114.134.182 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: h104.hubuhost.com
g.cash-ads.com
2    104.21.17.99 (None, )

ASN13335 (CLOUDFLARENET, US)
trafficplan.pl
8    142.250.74.97 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f1.1e100.net
themes.googleusercontent.com
lh3.googleusercontent.com
3    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
13    104.21.72.157 (None, )

ASN13335 (CLOUDFLARENET, US)
news-btc.info
29    213.239.209.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 213-239-209-209.clients.your-server.de
acceptable.a-ads.com
ad.a-ads.com
click.a-ads.com
static.a-ads.com
4    104.26.14.247 (United States)

ASN13335 (CLOUDFLARENET, US)
a-ads.com
4    99.86.116.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-26.lhr61.r.cloudfront.net
bc.game
3    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
cdn.popcash.net
cdn.shareaholic.net
m9m6e2w5.stackpathcdn.com
1    151.101.193.26 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    185.173.160.142 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-173-160-142.hosted-by-worldstream.net
tr.cryptobrowser.site
7    216.58.207.195 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f3.1e100.net
www.gstatic.com
1    104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    142.250.74.72 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f8.1e100.net
www.googletagmanager.com
2    192.99.8.28 (Toronto, Canada)

ASN16276 (OVH, FR)
PTR: ns523448.ip-192-99-8.net
s4.histats.com
1    3.221.87.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-87-95.compute-1.amazonaws.com
dcba.popcash.net
4    216.58.207.206 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn11s04-in-f14.1e100.net
www.youtube.com
www.youtube-nocookie.com
2    158.69.139.226 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip226.ip-158-69-139.net
e.dtscout.com
4    142.250.74.41 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f9.1e100.net
www.blogger.com
resources.blogblog.com
8    216.58.211.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f2.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    195.47.247.16 (Denmark)

ASN51468 (ONECOM, DK)
PTR: usercontent.one
usercontent.one
1    103.9.156.119 (Viet Nam)

ASN63730 (VNSO-AS-VN VNSO TECHNOLOGY COMPANY, VN)
ai-marketing.com.vn
2    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
2    142.250.74.110 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f14.1e100.net
www.google-analytics.com
16    142.250.74.78 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f14.1e100.net
www.youtube-nocookie.com
2    142.250.74.35 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s22-in-f3.1e100.net
fonts.gstatic.com
8    87.250.251.119 (Russian Federation)

ASN208722 (YNDX, FI)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
11    23.227.137.50 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adlane.info
3    51.161.15.93 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns570927.ip-51-161-15.net
t.dtscout.com
2    99.86.116.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-52.lhr61.r.cloudfront.net
get.s-onetag.com
2    54.76.25.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
pd.sharethis.com
1    104.16.88.26 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
6    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
2    104.20.81.199 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.adf.ly
adf.ly
7    208.100.17.186 (United States)

ASN32748 (STEADFAST, US)
PTR: ip186.208-100-17.static.steadfastdns.net
ic.tynt.com
2    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
2    99.86.116.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-25.lhr61.r.cloudfront.net
onetag-geo.s-onetag.com
1    151.101.0.217 (United States)

ASN54113 (FASTLY, US)
vimeo.com
1    142.250.74.98 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f2.1e100.net
partner.googleadservices.com
2    142.250.74.130 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f2.1e100.net
adservice.google.de
adservice.google.com
1    142.250.74.66 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f2.1e100.net
www.googletagservices.com
1    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
static.adlane.info
1    208.100.17.185 (United States)

ASN32748 (STEADFAST, US)
PTR: ip185.208-100-17.static.steadfastdns.net
de.tynt.com
3    142.250.74.68 (United States)

ASN15169 (GOOGLE, US)
PTR: arn09s23-in-f4.1e100.net
www.google.com
2    138.197.56.196 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
16    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
5    72.246.100.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com
tags.bluekai.com
5    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh
pixel.onaudience.com
3    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
3    172.64.100.29 (United States)

ASN13335 (CLOUDFLARENET, US)
sx1.josulaph.cyou
1    104.21.85.254 (None, )

ASN13335 (CLOUDFLARENET, US)
cngcpy.com
1    192.119.9.82 (Piscataway, United States)

ASN55081 (24SHELLS, US)
666192.xmlfeed.feed-xml.com
2    99.86.116.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-18.lhr61.r.cloudfront.net
onetag-geo-grouping.s-onetag.com
1    69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net
code.jquery.com
1    151.101.113.229 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    99.86.116.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-116-102.lhr61.r.cloudfront.net
tags.crwdcntrl.net
3    34.197.192.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com
ps.eyeota.net
3    216.58.207.226 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f2.1e100.net
cm.g.doubleclick.net
1    35.201.103.0 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 0.103.201.35.bc.googleusercontent.com
www.greatdexchange.com
1    104.21.78.98 (None, )

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
12    104.21.16.104 (None, )

ASN13335 (CLOUDFLARENET, US)
dashboard.jalewaads.com
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    141.95.34.104 (France)

ASN16276 (OVH, FR)
PTR: p33.id5-sync.com
id5-sync.com
2    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    104.16.91.60 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
2    34.223.168.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-168-126.us-west-2.compute.amazonaws.com
dpm.demdex.net
1    51.144.7.192 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.cintnetworks.com
1    34.255.250.31 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-250-31.eu-west-1.compute.amazonaws.com
sync.sharethis.com
1    54.74.18.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-18-91.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
2    156.154.202.36 (United States)

ASN19907 (NEUSTAR-AS6, US)
aa.agkn.com
1    52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
ml314.com
2    52.215.191.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-191-146.eu-west-1.compute.amazonaws.com
sync.tidaltv.com
1    63.251.232.170 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: ams-mon-1.sys.adgear.com
cm.adgrx.com
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    3.125.99.7 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-99-7.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    142.250.74.129 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f1.1e100.net
tpc.googlesyndication.com
3    104.18.96.60 (None, )

ASN13335 (CLOUDFLARENET, US)
engine.spotscenered.info
1    94.23.2.199 (France)

ASN16276 (OVH, FR)
PTR: ns365170.ip-94-23-2.eu
cdn.tabici.com
1    104.18.23.174 (None, )

ASN13335 (CLOUDFLARENET, US)
digiadsply.com
2    172.64.173.27 (None, )

ASN- ()
adp13a.com
2    75.2.13.80 (None, )

ASN- ()
connect-metrics-collector.s-onetag.com
Apex Domain
Subdomains		 Transfer
48 cryptotabbrowser.com
cryptotabbrowser.com
414 KB
33 a-ads.com
acceptable.a-ads.com
ad.a-ads.com
a-ads.com
click.a-ads.com
static.a-ads.com
6 MB
30 jalewaads.com
display.jalewaads.com
dashboard.jalewaads.com
600 KB
19 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
25 KB
18 youtube-nocookie.com
www.youtube-nocookie.com
1 MB
13 news-btc.info
news-btc.info
92 KB
13 bitcoin-ad.com
www.bitcoin-ad.com
136 KB
12 adlane.info
s.adlane.info
static.adlane.info
116 KB
12 mediacpm.pl
mediacpm.pl
aimarketing.mediacpm.pl
48 KB
9 tynt.com
cdn.tynt.com
ic.tynt.com
de.tynt.com
6 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
86 KB
9 tradingcoins.bar
tradingcoins.bar
66 KB
8 vimeocdn.com
i.vimeocdn.com
f.vimeocdn.com
fresnel.vimeocdn.com
230 KB
8 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
connect-metrics-collector.s-onetag.com
23 KB
8 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
175 KB
8 googleusercontent.com
themes.googleusercontent.com
lh3.googleusercontent.com
27 KB
7 yandex.com
mc.yandex.com
2 KB
5 onaudience.com
pixel.onaudience.com
2 KB
5 bluekai.com
tags.bluekai.com
2 KB
5 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
6 KB
5 dtscout.com
e.dtscout.com
t.dtscout.com
19 KB
5 histats.com
s10.histats.com
s4.histats.com
15 KB
4 id5-sync.com
id5-sync.com
6 KB
4 google.com
adservice.google.com
www.google.com
28 KB
4 bc.game
bc.game
4 cash-ads.com
g.cash-ads.com
40 KB
4 tinyurl.com
tinyurl.com
278 B
3 spotscenered.info
engine.spotscenered.info
11 KB
3 eyeota.net
ps.eyeota.net
2 KB
3 josulaph.cyou
sx1.josulaph.cyou
4 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 sharethis.com
pd.sharethis.com
sync.sharethis.com
343 B
3 vimeo.com
player.vimeo.com
vimeo.com
16 KB
3 blogger.com
www.blogger.com
63 KB
3 relationshipadvice.info
www.relationshipadvice.info
39 KB
2 adp13a.com
adp13a.com
23 KB
2 adnxs.com
secure.adnxs.com
2 KB
2 everesttech.net
sync-tm.everesttech.net
615 B
2 w55c.net
pm.w55c.net
2 KB
2 sitescout.com
pixel-sync.sitescout.com
941 B
2 tidaltv.com
sync.tidaltv.com
686 B
2 agkn.com
aa.agkn.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 tapad.com
pixel.tapad.com
915 B
2 turn.com
d.turn.com
855 B
2 dtscdn.com
t.dtscdn.com
812 B
2 adf.ly
cdn.adf.ly
adf.ly
6 KB
2 google-analytics.com
www.google-analytics.com
39 KB
2 youtube.com
www.youtube.com
45 KB
2 googletagmanager.com
www.googletagmanager.com
80 KB
2 cryptobrowser.site
tr.cryptobrowser.site
16 KB
2 popcash.net
cdn.popcash.net
dcba.popcash.net
36 KB
2 trafficplan.pl
trafficplan.pl
144 KB
1 digiadsply.com
digiadsply.com
87 KB
1 tabici.com
cdn.tabici.com
1 mathtag.com
sync.mathtag.com
615 B
1 adgrx.com
cm.adgrx.com
408 B
1 ml314.com
ml314.com
422 B
1 mookie1.com
ib.mookie1.com
992 B
1 ib-ibi.com
global.ib-ibi.com
513 B
1 krxd.net
beacon.krxd.net
337 B
1 cintnetworks.com
c.cintnetworks.com
328 B
1 truoptik.com
dmp.truoptik.com
1 pubmatic.com
image6.pubmatic.com
166 B
1 dtssrv.com
a.dtssrv.com
569 B
1 greatdexchange.com
www.greatdexchange.com
3 KB
1 jsdelivr.net
cdn.jsdelivr.net
13 KB
1 jquery.com
code.jquery.com
30 KB
1 feed-xml.com
666192.xmlfeed.feed-xml.com
251 B
1 cngcpy.com
cngcpy.com
512 B
1 googletagservices.com
www.googletagservices.com
27 KB
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
659 B
1 blogblog.com
resources.blogblog.com
47 KB
1 stackpathcdn.com
m9m6e2w5.stackpathcdn.com
41 KB
1 yandex.ru
mc.yandex.ru
72 KB
1 shareaholic.net
cdn.shareaholic.net
4 KB
1 ai-marketing.com.vn
ai-marketing.com.vn
72 KB
1 usercontent.one
usercontent.one
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
1 polyfill.io
polyfill.io
567 B
1 adsluna.com
adsluna.com
852 B
1 mycrazysextoys.com
www.mycrazysextoys.com
260 B
1 rotf.lol
rotf.lol
645 B
0 mfk-network.com Failed
mfk-network.com Failed
377 85
Domain Requested by
48 cryptotabbrowser.com 1 redirects mediacpm.pl
cryptotabbrowser.com
static.cloudflareinsights.com
18 www.youtube-nocookie.com aimarketing.mediacpm.pl
www.youtube-nocookie.com
18 display.jalewaads.com mediacpm.pl
display.jalewaads.com
13 ad.a-ads.com mediacpm.pl
www.bitcoin-ad.com
tradingcoins.bar
news-btc.info
display.jalewaads.com
13 news-btc.info mediacpm.pl
news-btc.info
13 www.bitcoin-ad.com mediacpm.pl
www.bitcoin-ad.com
12 dashboard.jalewaads.com display.jalewaads.com
11 s.adlane.info tradingcoins.bar
news-btc.info
11 mediacpm.pl 1 redirects mediacpm.pl
10 static.a-ads.com ad.a-ads.com
9 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
9 tradingcoins.bar mediacpm.pl
tradingcoins.bar
7 bcp.crwdcntrl.net 2 redirects mediacpm.pl
tags.crwdcntrl.net
bcp.crwdcntrl.net
7 ic.tynt.com mediacpm.pl
7 mc.yandex.com 1 redirects www.bitcoin-ad.com
mc.yandex.ru
7 lh3.googleusercontent.com aimarketing.mediacpm.pl
www.relationshipadvice.info
7 www.gstatic.com cryptotabbrowser.com
www.relationshipadvice.info
www.youtube-nocookie.com
www.gstatic.com
6 pagead2.googlesyndication.com aimarketing.mediacpm.pl
pagead2.googlesyndication.com
mediacpm.pl
tpc.googlesyndication.com
5 pixel.onaudience.com 5 redirects
5 tags.bluekai.com 1 redirects mediacpm.pl
news-btc.info
bcp.crwdcntrl.net
4 id5-sync.com 4 redirects
4 f.vimeocdn.com player.vimeo.com
f.vimeocdn.com
4 click.a-ads.com mediacpm.pl
4 bc.game mediacpm.pl
4 a-ads.com mediacpm.pl
4 g.cash-ads.com mediacpm.pl
g.cash-ads.com
4 tinyurl.com 4 redirects mediacpm.pl
3 engine.spotscenered.info 2 redirects mediacpm.pl
3 cm.g.doubleclick.net 1 redirects bcp.crwdcntrl.net
3 ps.eyeota.net 2 redirects news-btc.info
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 sx1.josulaph.cyou mediacpm.pl
code.jquery.com
3 match.adsrvr.org 2 redirects bcp.crwdcntrl.net
3 www.google.com www.youtube-nocookie.com
tpc.googlesyndication.com
3 t.dtscout.com e.dtscout.com
3 www.blogger.com aimarketing.mediacpm.pl
www.relationshipadvice.info
3 s10.histats.com mediacpm.pl
s10.histats.com
news-btc.info
3 www.relationshipadvice.info mediacpm.pl
www.relationshipadvice.info
2 connect-metrics-collector.s-onetag.com get.s-onetag.com
2 adp13a.com mediacpm.pl
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 dpm.demdex.net 2 redirects
2 pixel.tapad.com 2 redirects
2 d.turn.com 2 redirects
2 onetag-geo-grouping.s-onetag.com get.s-onetag.com
2 t.dtscdn.com e.dtscout.com
2 onetag-geo.s-onetag.com get.s-onetag.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 i.vimeocdn.com player.vimeo.com
2 pd.sharethis.com e.dtscout.com
2 get.s-onetag.com e.dtscout.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com www.youtube-nocookie.com
2 www.google-analytics.com www.googletagmanager.com
2 player.vimeo.com aimarketing.mediacpm.pl
mediacpm.pl
2 e.dtscout.com s4.histats.com
2 www.youtube.com cryptotabbrowser.com
www.youtube.com
2 s4.histats.com s10.histats.com
2 www.googletagmanager.com cryptotabbrowser.com
www.bitcoin-ad.com
2 tr.cryptobrowser.site cryptotabbrowser.com
2 acceptable.a-ads.com mediacpm.pl
2 trafficplan.pl mediacpm.pl
aimarketing.mediacpm.pl
1 digiadsply.com engine.spotscenered.info
1 cdn.tabici.com mediacpm.pl
1 sync.mathtag.com 1 redirects
1 cm.adgrx.com bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 image6.pubmatic.com bcp.crwdcntrl.net
1 a.dtssrv.com e.dtscout.com
1 www.greatdexchange.com sx1.josulaph.cyou
1 cdn.jsdelivr.net sx1.josulaph.cyou
1 code.jquery.com sx1.josulaph.cyou
1 666192.xmlfeed.feed-xml.com static.adlane.info
1 cngcpy.com mediacpm.pl
1 de.tynt.com cdn.tynt.com
1 adf.ly cdn.adf.ly
1 static.adlane.info news-btc.info
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vimeo.com f.vimeocdn.com
1 resources.blogblog.com www.relationshipadvice.info
1 cdn.adf.ly www.relationshipadvice.info
1 cdn.tynt.com e.dtscout.com
1 m9m6e2w5.stackpathcdn.com cdn.shareaholic.net
1 mc.yandex.ru www.bitcoin-ad.com
1 cdn.shareaholic.net www.bitcoin-ad.com
1 ai-marketing.com.vn aimarketing.mediacpm.pl
1 usercontent.one aimarketing.mediacpm.pl
1 dcba.popcash.net cdn.popcash.net
1 static.cloudflareinsights.com cryptotabbrowser.com
1 polyfill.io cryptotabbrowser.com
1 cdn.popcash.net mediacpm.pl
1 aimarketing.mediacpm.pl mediacpm.pl
1 themes.googleusercontent.com mediacpm.pl
1 adsluna.com mediacpm.pl
1 www.mycrazysextoys.com mediacpm.pl
1 rotf.lol 1 redirects
0 mfk-network.com Failed mediacpm.pl
377 112

This site contains links to these domains. Also see Links.

Domain
www.mfk-cpm.com
www.histats.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
display.jalewaads.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
tradingcoins.bar
Encryption Everywhere DV TLS CA - G1		 2021-06-07 -
2022-06-07		 a year crt.sh
www.relationshipadvice.info
GTS CA 1D4		 2021-09-09 -
2021-12-08		 3 months crt.sh
mycrazysextoys.com
R3		 2021-07-30 -
2021-10-28		 3 months crt.sh
g.cash-ads.com
R3		 2021-07-16 -
2021-10-14		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
histats.com
R3		 2021-08-02 -
2021-10-31		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
bc.game
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
cdn.popcash.net
R3		 2021-07-18 -
2021-10-16		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
tr.cryptobrowser.site
R3		 2021-08-29 -
2021-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.popcash.net
AlphaSSL CA - SHA256 - G2		 2021-04-22 -
2022-05-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-03		 a year crt.sh
*.blogger.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
usercontent.one
R3		 2021-08-30 -
2021-11-28		 3 months crt.sh
ai-marketing.com.vn
R3		 2021-08-31 -
2021-11-29		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-21 -
2022-06-22		 a year crt.sh
cdn.shareaholic.net
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
s.adlane.info
ZeroSSL ECC Domain Secure Site CA		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.stackpathcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-31 -
2022-05-31		 a year crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sharethis.com
Amazon		 2021-07-20 -
2022-08-18		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-18 -
2022-06-19		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2021-08-22 -
2021-11-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
static.adlane.info
R3		 2021-08-08 -
2021-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-03 -
2021-11-15		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.cngcpy.com
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
666192.xmlfeed.feed-xml.com
ZeroSSL ECC Domain Secure Site CA		 2021-09-02 -
2021-12-01		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
greatdexchange.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.truoptik.com
Go Daddy Secure Certificate Authority - G2		 2020-10-19 -
2021-11-20		 a year crt.sh
*.cintnetworks.com
DigiCert SHA2 Secure Server CA		 2020-09-21 -
2021-10-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
ib.mookie1.com
DigiCert SHA2 High Assurance Server CA		 2019-10-07 -
2021-11-12		 2 years crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
spotscenered.info
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
cdn.tabici.com
R3		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.digiadsply.com
R3		 2021-09-01 -
2021-11-30		 3 months crt.sh

This page contains 62 frames:

Frame: http://adp13a.com/redirect?cid=TXjtdFCtZJ&http_referer=&sid=79411&subid=&s3=&8a22d0dc6220510fb8d20fb443445df2=1&rr=1&id=&t=1631516892&hrf=7JVfsoFPLMFKqHVmd68N2s8ejndGrRyTqUSe%2Bf5uln3DfXBxznY%3D&iwx=1600&iwy=1200&owx=1600&owy=1200&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=3&mt=4&sw=1600&sh=1200&fw=1600&fh=1200&pw=0&ph=0&ow=1600x1200&iw=1600x1200&sd=24&ifr=0&coo=1&m=0&hr=7&ab=1&ua=%257B%2522ef%2522%253A%25224g%2522%252C%2522rtt%2522%253A0%252C%2522down%2522%253A9.2%252C%2522save%2522%253Afalse%257D&npl=Linux+x86_64&ncpu=%3F&nhc=4&gtz=0&nba=1&nbt=0&nve=Google+Inc.&vapp=Netscape&napv=5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&ss=1&ls=1&bl=en-US&sl=undefined&dr=Intel%2520Inc.%257CIntel%2520Iris%2520OpenGL%2520Engine%257CWebGL%25201.0%2520%28OpenGL%2520ES%25202.0%2520Chromium%29&is=1590925605&wc=object&msy=undefined&ddm=undefined&ps=20030107&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=1&chk3=0&chk4=0
Frame ID: 5031769EE736121A75D2986FABA3251C
Requests: 41 HTTP requests in this frame

Frame: https://mfk-network.com/ads/l4.php
Frame ID: DB53F31D7B13762C051D86BC5BE3E99B
Requests: 1 HTTP requests in this frame

Frame: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Frame ID: F4DD98C44E85125D54D6E518F0DE3890
Requests: 25 HTTP requests in this frame

Frame: https://tinyurl.com/pj44bp8v
Frame ID: D827E3EB9BB13FA635D79A3D5B12ADE2
Requests: 1 HTTP requests in this frame

Frame: https://tradingcoins.bar/
Frame ID: B3FB73FC7C6695AEEAA35C856808D848
Requests: 15 HTTP requests in this frame

Frame: https://www.relationshipadvice.info/
Frame ID: FE4D1FFC398A3776239EA34EB0320E34
Requests: 10 HTTP requests in this frame

Frame: https://tinyurl.com/yxecj4tx
Frame ID: 82A3813D065B914C08ECC12DA22834E5
Requests: 1 HTTP requests in this frame

Frame: https://tinyurl.com/fjcuh964
Frame ID: 72D6BF3A194CFA9CE12C4D7AB24A5D3C
Requests: 1 HTTP requests in this frame

Frame: https://tinyurl.com/2kz2d78s
Frame ID: 4A9A2D7873916818A62C5334F6443157
Requests: 1 HTTP requests in this frame

Frame: https://www.mycrazysextoys.com/
Frame ID: 2314875A20392F2ABD37855D6F42DF33
Requests: 1 HTTP requests in this frame

Frame: https://cdn.tabici.com/pop?wi=1934&subid=page
Frame ID: 85054D4DB332D86D532525CF508C50E6
Requests: 4 HTTP requests in this frame

Frame: https://engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500
Frame ID: 4EA7D46A2CF62782C5DEF6832A61F8E0
Requests: 7 HTTP requests in this frame

Frame: https://cngcpy.com/cuhdl?wh=DKOtcjBADSc_IqSwmLmXOHa4
Frame ID: 217A0AA5143AEF5E088BA069F44375ED
Requests: 2 HTTP requests in this frame

Frame: https://www.greatdexchange.com/jump/next.php?r=4132027&sub1=ckkgwe5gh0001mtw3vah9bh0s
Frame ID: 62C900AA779D02EAAD882142ADFE0307
Requests: 7 HTTP requests in this frame

Frame: https://adsluna.com/page2.html
Frame ID: 4D280356C8A9509132DC509BC632FC6D
Requests: 1 HTTP requests in this frame

Frame: https://cryptotabbrowser.com/de/16224264/
Frame ID: 62962AB5ADF26CACB7425BACC01C2F0F
Requests: 58 HTTP requests in this frame

Frame: https://aimarketing.mediacpm.pl/
Frame ID: 489E60B03F40BE04EEA3853622EFE07D
Requests: 20 HTTP requests in this frame

Frame: https://news-btc.info/
Frame ID: C28B8F07109ABA686867C693E583299C
Requests: 37 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1650865
Frame ID: B4EC4E3DC228629E334630C8316901CD
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1650865?size=970x250
Frame ID: D6A547CFC030B129AD58383B47E93849
Requests: 1 HTTP requests in this frame

Frame: https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
Frame ID: 005A06E697E79843BE0E088D454232CD
Requests: 1 HTTP requests in this frame

Frame: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Frame ID: 4245F67E084AD46BAFDD85DB08CC3759
Requests: 1 HTTP requests in this frame

Frame: https://click.a-ads.com/1650865/99434/
Frame ID: 9C4C775B8669795980B59694DC9DA4E6
Requests: 1 HTTP requests in this frame

Frame: https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
Frame ID: 72E69A3812C80EC9EF33FFFD24694EDE
Requests: 1 HTTP requests in this frame

Frame: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Frame ID: 58D97CDBB7352918836773C6017730C2
Requests: 1 HTTP requests in this frame

Frame: https://click.a-ads.com/1634265/99434/
Frame ID: A2D1D234B23469DCB4D6FEE810374ECC
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1634265?size=300x250
Frame ID: 4D44C67A527066942993562C6DC541CD
Requests: 2 HTTP requests in this frame

Frame: https://acceptable.a-ads.com/1650865
Frame ID: A0A5E95BDBA7F435FD4F016BB469D938
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1650865?size=970x250
Frame ID: 00AE536CFB87524D74F646091D3169AE
Requests: 1 HTTP requests in this frame

Frame: https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
Frame ID: B9D42A9CE1F63F52A091EEBAEABB53A2
Requests: 1 HTTP requests in this frame

Frame: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Frame ID: 6152FF3F814DAC6B8EF62CE7B6A81301
Requests: 1 HTTP requests in this frame

Frame: https://click.a-ads.com/1650865/99434/
Frame ID: 9ECECA070EC2F0E18350B2E7FAD532AB
Requests: 1 HTTP requests in this frame

Frame: https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
Frame ID: 263AD34FEAF118E601150AB616B67E74
Requests: 1 HTTP requests in this frame

Frame: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Frame ID: 562D47B9FABDC578D170157B43973595
Requests: 1 HTTP requests in this frame

Frame: https://click.a-ads.com/1634265/99434/
Frame ID: 0DFD7EF63B11C0EF02A3E58150DE1FC3
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1634265?size=300x250
Frame ID: 815288DBE0534A43A7202FA762248A4A
Requests: 2 HTTP requests in this frame

Frame: https://player.vimeo.com/video/435325274?app_id=122963
Frame ID: F12B57F200293D7C3C3C0E64470626C0
Requests: 11 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Frame ID: 1617F9D12B50CBA5991355A487A8C338
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Frame ID: 9802A43362846F77CEFBDBBE96C70506
Requests: 14 HTTP requests in this frame

Frame: https://ad.a-ads.com/1625793?size=970x250
Frame ID: C594E8388FA14E96C7A7AABAF3EEACF3
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1660428?size=320x100
Frame ID: C2D58F88DE0A9364B5F27979F4632361
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 2E405DE147218AEF93935B72605F7099
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=6D00163151688187F2A01F0B9C019034
Frame ID: 4DEED95489E4F5C1885E8A30874EC92E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1222814713344722&output=html&adk=1812271804&adf=2751417949&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fmediacpm.pl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631516881175&bpp=7&bdt=447&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&nras=1&correlator=1734776563917&frm=24&ife=1&pv=2&ga_vid=1991690738.1631516882&ga_sid=1631516882&ga_hid=521497295&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1179187112&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062297&oid=3&pvsid=3922357469780431&pem=742&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5j5cl8h8ipg1&fsb=1&dtd=415
Frame ID: 3D4C4035C56FB2E3D50D21ABADE6332B
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/_csp
Frame ID: 0B90C40226C1292530B2C5D10017C289
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1773985?size=728x90
Frame ID: 1984253132F42239E17335AB1A8FEEAA
Requests: 2 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Frame ID: 51A19286FC1DD0D9053D409A37EE1BBC
Requests: 4 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Frame ID: CF031766E7B4122DF5CF9D9E15FCCAB5
Requests: 4 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Frame ID: 200D2DEEA16053038D3DBF148B630546
Requests: 4 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Frame ID: 7092F8D374692BC213C05F8C692D6017
Requests: 4 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Frame ID: F6C6CF22F22C7DB8D44D9C13CBB01F0A
Requests: 4 HTTP requests in this frame

Frame: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Frame ID: 4863AF864AE9EB4CC73FC91F65D17C25
Requests: 4 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: A6B133EB532D7A605524F0ED9182042A
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: CFA5FE14AB2D62886D132B5D9F80B346
Requests: 24 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772515?size=300x250
Frame ID: 48CEE1F2715FB9A7C72D6AFCC9C81323
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772515?size=300x250
Frame ID: E2B033070E5759F0542A32131F14F0AE
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772913?size=728x90
Frame ID: C6C0F69C080117D4A84780C6112AF3D3
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772913?size=728x90
Frame ID: 63BE77260FA674C949D1BB622B49CF51
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772515?size=300x250
Frame ID: 4FAFF118E74A900C3BBF8DF949EBDCDE
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1772913?size=728x90
Frame ID: B882C799722E77D80FF8BCF8C256E3EC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 06368DF1129DED4AB3ECC543233BA5A0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C96A8B13DCD80817948773F9E8332CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MediaCPM

Page URL History Show full URLs

  1. http://mediacpm.pl/v.php?user=13428 HTTP 301
    https://mediacpm.pl/v.php?user=13428 Page URL
  2. http://adp13a.com/redirect?sid=79411 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /fingerprintjs@(\d)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

377
Requests

93 %
HTTPS

0 %
IPv6

85
Domains

112
Subdomains

84
IPs

11
Countries

10216 kB
Transfer

19937 kB
Size

164
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mediacpm.pl/v.php?user=13428 HTTP 301
    https://mediacpm.pl/v.php?user=13428 Page URL
  2. http://adp13a.com/redirect?sid=79411 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mediacpm.pl/v.php?user=13428 HTTP 301
  • https://mediacpm.pl/v.php?user=13428
Request Chain 8
  • https://tinyurl.com/2zvdzxte HTTP 301
  • https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Request Chain 10
  • https://tinyurl.com/y482mybh HTTP 301
  • https://tradingcoins.bar/home.php
Request Chain 11
  • https://tinyurl.com/xpfaya2 HTTP 301
  • https://www.relationshipadvice.info/
Request Chain 15
  • https://rotf.lol/bednjak3 HTTP 301
  • https://www.mycrazysextoys.com/
Request Chain 21
  • https://cryptotabbrowser.com/16224264 HTTP 302
  • https://cryptotabbrowser.com/de/16224264/
Request Chain 31
  • https://tinyurl.com/84sz79ub HTTP 301
  • https://news-btc.info/home.php
Request Chain 197
  • https://mc.yandex.com/watch/69147001?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1091078025616%3Ahid%3A54821127%3Az%3A0%3Ai%3A20210913070801%3Aet%3A1631516881%3Ac%3A1%3Arn%3A772075535%3Arqn%3A1%3Au%3A163151688117833305%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631516879883%3Ads%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C292%2C1%2C%2C%2C%2C1185%3Adsn%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C323%2C0%2C%2C%2C%2C1186%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631516881%3At%3ABitcoinAd%20-%20Get%20free%20bitcoin%200.00005btc%20-%20Freebitcoin%20%7C%20BitcoinAd HTTP 302
  • https://mc.yandex.com/watch/69147001/1?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1091078025616%3Ahid%3A54821127%3Az%3A0%3Ai%3A20210913070801%3Aet%3A1631516881%3Ac%3A1%3Arn%3A772075535%3Arqn%3A1%3Au%3A163151688117833305%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631516879883%3Ads%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C292%2C1%2C%2C%2C%2C1185%3Adsn%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C323%2C0%2C%2C%2C%2C1186%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631516881%3At%3ABitcoinAd%20-%20Get%20free%20bitcoin%200.00005btc%20-%20Freebitcoin%20%7C%20BitcoinAd
Request Chain 236
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034
Request Chain 238
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D00163151688187F2A01F0B9C019034 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=3c2eb7e6-90ac-4b36-9cfe-bf980179142d&icm HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=50c6af68fb6a4536
Request Chain 269
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D00163151688187F2A01F0B9C019034 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=aa5e9c3bf1100233 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=aa5e9c3bf1100233 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkFVbWZVdEFUZVJla3VDU09NVGx4X0xBRHdIMWJHZThzcXh1SFhHQjBoMGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOJUjZFrT7N5Ng56oWcNxGo&google_cver=1
Request Chain 313
  • https://id5-sync.com/s/19/9.gif?puid=6a76e1abf733ace646cf2f123e3811aa&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=6075caa8183debe7f0324e21e2346e1d&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/7/3.gif?puid=3111422955303986384&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmE3NmUxYWJmNzMzYWNlNjQ2Y2YyZjEyM2UzODExYWE&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q
Request Chain 315
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51467b15-d6d8-42c1-914a-b43759cecbae
Request Chain 317
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6a76e1abf733ace646cf2f123e3811aa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=6a76e1abf733ace646cf2f123e3811aa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41255208547110937242980651892122625978
Request Chain 321
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa
Request Chain 322
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205040403908006951083
Request Chain 324
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=b6eb9797-4ff3-4daf-aa06-c89a52027d41?gdpr=1&gdpr_consent=
Request Chain 326
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ede9613e-f8d5-4b00-b82b-d75e9efb32c6
Request Chain 327
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=188298e0-bee5-4b99-b1d3-6cfa9127eea7-613ef8d5-5553
Request Chain 328
  • https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
  • https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=bFMjGKoe1MpG4t5
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YT741QABKAoLkwAR HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT741QABKAoLkwAR&_test=YT741QABKAoLkwAR
Request Chain 333
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6a76e1abf733ace646cf2f123e3811aa/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3111422955303986384
Request Chain 334
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=781661624%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D781661624%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=781661624/tpid=7290806411776642473/tp=ANXS
Request Chain 353
  • https://engine.spotscenered.info/link.engine?z=60751&guid=c50b1c72-8f6d-4393-a8ac-fb565f497872&kw= HTTP 302
  • https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=54836&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=w6K4iOYx87V0LXuu9kjQHK5i1Fwj8D__R_l3rEX5mShj3cTB50NuGckUB8Ch7rjD9Jm1NEldgRjRy09GWwSIpIZPaLMhrTEuqI0xbZoJOke43-F4TQUlLcvMG2PqPf6SklrQ8gOP_ZJJ2lvG9EGSqDay5gBpCejG59OnRrc84EfBBREverXzGRPePJuenUj8hvjARfQu_mApMJg10cwxtBeWGqBU8f0HRc-t95juapoNpDyQHIoaTly6m1ZRtoaF5vIQBWvbsFK0GD8DBltOdjivBF34Cnrgnrz46XcTZPudWJpza8zE2CWHCeUE6RoT3aXSR1CegWa9QNga7Nh5yj1RK9IEEL7vXBjhENP7ZAxwNT6_Jtz_ltthYxEwko9dyUEndLs6oSNT0BCPs9R_tSR0kFeoSFdT4v-5CmvhguH3vUNsS32bB_sNxZ9S1F6T0AzBnCHQwFCcU2ZKWZ321fspUIm8cfsWIHh5uNN65wauM8vN7Zu__yo3lL5unEaWhISwjUMOIHXn2xaJh_FE0DDfQHDpihiRFBUSCfnVDapwwLMett10ymR5BezyYN39C44gjAgDhrxxBt2oMJMNBXWV755QOqItIReSwbNhRELYYFBr3thd9RIzl2hrT2U7o4V1N9uld9s1QStxRoEA1QrX3HJxM6zixWvOW6RItdEMxKnsKh7vgjdGcoJclz1XQzgL90KH5OdVj5LH6hPxFa8Eu18rhIEX5LsVOsjYfiP25OJnm906X_2Cv-4y-lhKPhCKkG7t1n30uwd-O3mahlsXHKkPz2VdYzzgzkb9wTsz7enHmVwEoiGkDghDFLhTQYQaW_EOfnb1cXc0oK6sNutu83AsGQeY06w-sezdUMUcWPhRqwR0okjZMozgHzopeEPJuOsLq4787Y_7yxtELqKAi1yxD_0lFh4fTH7yMSvgBsTIBqWTDjd4NwPDFSbyosj0i6Khfy-v4YjWDVZS7Z1bIkOc2DP-yPddh5hMDYs1&kw=&mw=500&mh=500 HTTP 302
  • https://engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500

377 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
v.php
mediacpm.pl/
Redirect Chain
  • http://mediacpm.pl/v.php?user=13428
  • https://mediacpm.pl/v.php?user=13428
32 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
b778afabbd05c267dfed62cee70a595dc9397dcb121e375f56b5343ad37f017d

Request headers

:method
GET
:authority
mediacpm.pl
:scheme
https
:path
/v.php?user=13428
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=; path=/; expires=Mon, 13-Sep-21 07:37:59 GMT; domain=.mediacpm.pl; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtzdRwyni8jgGw%2FRTMnucp3Wu8MlGx3fv%2BVvRObqgBJFnOAa%2FydAlRj6oeu52Afq8IXI9SYiS%2BRN8H73AEjqDU3WTAqh5IiKMLkqwWeCXyHsCltEvUQy9ByLPUaIdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab1de060497-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Mon, 13 Sep 2021 07:07:59 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 13 Sep 2021 08:07:59 GMT
Location
https://mediacpm.pl/v.php?user=13428
Set-Cookie
__cf_bm=FCEN0D_RGGTRNapv8clriLCD099aEi_4cPvKDQdE2cE-1631516879-0-AR69pwHoMGd/C5HUGJYXR5QGmL27VD+U/ReYv2gxUTtyfPudx/vodSmH16ReNkGwrOe/IbOthkYhaFd+tc0ph24=; path=/; expires=Mon, 13-Sep-21 07:37:59 GMT; domain=.mediacpm.pl; HttpOnly; SameSite=None
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfzUgrmLTlJxEDeNTh0Q3LKZ9%2FPZzmXb3urshhdiwYG2xU7pV79aYE8o3elwox2fWtBrXi%2BfCCgxO8jYAbBYhkjSCGl%2FN5X8UbkhD6sXa0KiYR9eIDMOrMd%2BCwRpdA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
68df8ab16e6240b1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style_ptp.css
mediacpm.pl/serve/ 		113 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/serve/style_ptp.css
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83f3877325e989f9fe003438e17bda24d6e7b0280c96f35e25c9543b5250fd4

Request headers

:path
/serve/style_ptp.css
pragma
no-cache
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
mediacpm.pl
referer
https://mediacpm.pl/v.php?user=13428
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4175
cf-polished
origSize=148065
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 11:55:37 GMT
server
cloudflare
etag
W/"5fc38c39-24261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9MVPH67xX1nPTCe8kaDCGz1hm6DnrQkDd7K6VAiWr1PdbK%2BGNRm%2FJNh%2Fic4W%2B97v1gf9vq9iBUEyGnOxAbnScrK%2Fc8q5mxadoZttvQEoHqMAt11D6Z79ySyr2hAhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
68df8ab30f580497-CDG
cf-bgj
minify
ads_show.js
mediacpm.pl/serve/ 		234 B
509 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/serve/ads_show.js
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
597f331d06dd9fc93f45c4ba20b0e24af778d442e512b1a915abf6946fc8dab6

Request headers

:path
/serve/ads_show.js
pragma
no-cache
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mediacpm.pl
referer
https://mediacpm.pl/v.php?user=13428
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4211
cf-polished
origSize=274
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 29 Nov 2020 11:55:33 GMT
server
cloudflare
etag
W/"5fc38c35-112"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Za6si7m1KMXgOAQI5gjy71vkxRfBP1uTwJofGcPFzPixYOROyNg27E4E49BgLBTnDXsTXyDsxkgX%2B6fg%2BnGgQ5B0%2BzdZeZBwHW3jK291xSwzV5Pf8e%2F9yz%2FY3RsEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
68df8ab30f5a0497-CDG
cf-bgj
minify
logo-dark.png
mediacpm.pl/panel/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediacpm.pl/panel/logo-dark.png
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ada3130e5eb7e05247e6b7b7085672097241f7bc81b5d531663f82c9203967

Request headers

:path
/panel/logo-dark.png
pragma
no-cache
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mediacpm.pl
referer
https://mediacpm.pl/v.php?user=13428
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4365
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11250
last-modified
Sun, 29 Nov 2020 11:55:30 GMT
server
cloudflare
etag
"5fc38c32-2bf2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7VWzj46%2Bu2b7HY9sJaYiXJz4h8hlC6LrL1to0tIHAemXH%2Fc%2BOIhUteffpgdl7QhimEEOLpAN4TLSKYbsAUANOX40UKQ2%2BxwL1Uy6kgYogR%2FrsnFEYh8TjUfw0S5Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68df8ab33c93ee58-CDG
email-decode.min.js
mediacpm.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
mediacpm.pl
referer
https://mediacpm.pl/v.php?user=13428
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bzh67WUmQCJaU0tBvn5fDK1SP9AqYYMtmytrzWa7KY0QJx0DUf0GdVqLZ9OEEnnaPSQYY6f2ZEQqS8i9kMqwvJb2ZKxnHZGhRFfjRTy%2FVBJGwALIU45vGLn2TWebBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8ab32c8cee58-CDG
vary
Accept-Encoding
expires
Wed, 15 Sep 2021 07:07:59 GMT
ptp.php
mediacpm.pl/serve/ 		35 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediacpm.pl/serve/ptp.php?var1=13428&var2=&var3=daaeccaffedab&var4=1631517276
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

:path
/serve/ptp.php?var1=13428&var2=&var3=daaeccaffedab&var4=1631517276
pragma
no-cache
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
mediacpm.pl
referer
https://mediacpm.pl/v.php?user=13428
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaU%2FATAyonISQl0g2tnRee93ANwPvf4dKhWqb5UzRPg5Rj9q9neGNaLXvjE3PhRurrX1VXXHwfqCUxw9T%2Bgp%2BpHnZ7JhlWHQ3lLIBdyPzHZ5ZTo895La5%2FN4bXdlpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
set-cookie
ptp=1631517276; expires=Wed, 15-Sep-2021 07:14:36 GMT; Max-Age=172800; path=/
cf-ray
68df8ab33c99ee58-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
l4.php
mfk-network.com/ads/ Frame DB53 		0
0
items.php
display.jalewaads.com/display/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
www.bitcoin-ad.com/ Frame F4DD
Redirect Chain
  • https://tinyurl.com/2zvdzxte
  • https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.20
Resource Hash
fc056fdaa0ca329785bc4cb547df0e00530fe88777a5faa6ab0973c4d1253d2a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.bitcoin-ad.com
:scheme
https
:path
/?utm_source=&utm_medium=&utm_content=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15724800; includeSubDomains
set-cookie
route=1631516881.647.42.322888; Expires=Wed, 15-Sep-21 07:08:00 GMT; Max-Age=172800; Path=/; Secure; HttpOnly XSRF-TOKEN=eyJpdiI6ImZEem9TZE8vWGo4cWRrN01QQlQyNlE9PSIsInZhbHVlIjoiL0laUE9GdnEzR1N0WncrSUpKQ0haeS8zc1NxRkplYVU0cWxUeEtoZWdpajZvYk1sNzJ0TlRPSmUwZ2hGcUVxSUhDbHJpK2hFWHFLMjYyVEc1REtzenQ2V1F4aUJzeEtmb1c2Y3RBR1pOc3dkMzB0Sm1GYjIvcjBycDM2MEJ4YUciLCJtYWMiOiIyNDk4YTYzZTkzMGYxMzNhZjY2ODA2ZDNiN2IyOTg0OGJmOGVlMGM2M2JlNzg5ZDRiODBiZDg0MzFkNDM1MWZiIn0%3D; expires=Mon, 13-Sep-2021 09:08:00 GMT; Max-Age=7200; path=/; domain=bitcoin-ad.com; samesite=lax laravel_session=eyJpdiI6IjJjUENrVjRGOUVyWitjdERmQ1JxZ0E9PSIsInZhbHVlIjoiVUx6VFVMa0p6KzQ5bUh5a3J6d2FoMlJwN2hERkpwNXJxNFFFeW9PSEorL1ZFZHd2N2JRc1FsVXgvMnNUdW1VaHZ2K09FT0QybWxBME1hc1hoNy82V1UzdXIrS0g2VGs0ZU1oYzByTzhubHRpNmcyNE9qNUorRDRRU3JsK2F3UUUiLCJtYWMiOiIzOWJjNjJjNzViMWMyMWUyOTlmNWJhY2Y0MTMzYjE0NTRjNWE2NzhmNzE4M2Y4NTYzY2Y2OGU5ZDNhNmY0ZTgwIn0%3D; expires=Mon, 13-Sep-2021 09:08:00 GMT; Max-Age=7200; path=/; domain=bitcoin-ad.com; httponly; samesite=lax
x-powered-by
PHP/7.4.20
cache-control
no-cache, private
x-xss-protection
1; mode=block
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fv1lX0QA9iCrexVyopkuEmMAr3XqL2iGtcQRc2A2cSR99%2FRfJvQWVpgyBZ7aDGKurRccVAaQfXfRIgNcYpU1KwsfXBllAs%2Bzo%2B9%2Btbyokn19u%2B4EWPgFHzpWkzTQxBX4pVu5W9A%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab7ccca4037-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8ab39a6a21c3-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pj44bp8v
tinyurl.com/ Frame D827 		0
0
home.php
tradingcoins.bar/ Frame B3FB
Redirect Chain
  • https://tinyurl.com/y482mybh
  • https://tradingcoins.bar/home.php
262 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/home.php
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
dcb6fde84aa7cace22128e8df350ada3e9e8192f50f57205cc1f4519935e6fbb

Request headers

:method
GET
:authority
tradingcoins.bar
:scheme
https
:path
/home.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
server
Apache
x-mod-pagespeed
1.13.35.2-0
vary
Accept-Encoding
content-encoding
br
cache-control
max-age=0, no-cache, s-maxage=10
content-length
119
content-type
text/html; charset=utf-8

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://tradingcoins.bar/home.php
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8ab39a7021c3-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
www.relationshipadvice.info/ Frame FE4D
Redirect Chain
  • https://tinyurl.com/xpfaya2
  • https://www.relationshipadvice.info/
284 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.relationshipadvice.info/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f19.1e100.net
Software
GSE /
Resource Hash
5b28fd34a4d0cc2d8d163b86d14a38c796d1cfe95afaaf253343a5bc474fcfb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.relationshipadvice.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

content-type
text/html; charset=UTF-8
expires
Mon, 13 Sep 2021 07:08:00 GMT
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
private, max-age=0
last-modified
Mon, 13 Sep 2021 06:39:48 GMT
etag
W/"4c5413e712e809da1cc120d6ff956f70f03a9e3c971fdf7bae9fbdc792ddcd37"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
35501
server
GSE

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://www.relationshipadvice.info
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8ab39a7121c3-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
yxecj4tx
tinyurl.com/ Frame 82A3 		0
0
fjcuh964
tinyurl.com/ Frame 72D6 		0
0
2kz2d78s
tinyurl.com/ Frame 4A9A 		0
0
/
www.mycrazysextoys.com/ Frame 2314
Redirect Chain
  • https://rotf.lol/bednjak3
  • https://www.mycrazysextoys.com/
555 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mycrazysextoys.com/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.83.247 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-83-247.compute-1.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
31516d62ef17249b8a8b275a4eaab2fd9f21f573496da31371266038c4214144

Request headers

:method
GET
:authority
www.mycrazysextoys.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

server
nginx/1.20.1
date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
content-encoding
gzip

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.28
location
https://www.mycrazysextoys.com/
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2NInGM2ZG8g%2B3bBabddryM9UNc1%2FLiUnMXdlrlFWW1tnsCK2cD2G%2BO%2BhfsBICSNdqJPn2bEE0wUlQWAJgTYqf1D0Q2IANjXWSvSlE8rtSfWdVb%2FA5tZe5ImBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab40ac940b7-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
page.html
mediacpm.pl/ Frame 8505 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/page.html
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d577f41095fadc22f4d3df64c84db9366992f2556f131621fa331427cb25b7

Request headers

:method
GET
:authority
mediacpm.pl
:scheme
https
:path
/page.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/v.php?user=13428
accept-encoding
gzip, deflate, br
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
last-modified
Wed, 01 Sep 2021 06:18:55 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWQC%2BwZ7Rz98Cc3xwW1hZuWUhPwbpdnJ89m53ShY%2BtuRq0jgpPuLh4%2FcWo9lXQKogMkAp2UqwCxpNJLcjfiyNAVPqyey3RwxaSaTx%2B0npwzPEu0gZ4ZuaC2uPn0mUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab36cfeee58-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
page2.html
mediacpm.pl/ Frame 4EA7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/page2.html
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7012169c5d011e7a6ba2571b8715b41ed261ef85fa32fe4ff0b334bd1c4caecb

Request headers

:method
GET
:authority
mediacpm.pl
:scheme
https
:path
/page2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/v.php?user=13428
accept-encoding
gzip, deflate, br
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
last-modified
Wed, 01 Sep 2021 06:19:02 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTsrpw3cm7BNJ4iShMajHogCchQ2EI2yBWcaEnv5v8SXv23duO9tpTzlsl7Smjx%2Fo6lsjl%2BvBcDLadASNBtE0cqcvrRygFtZYuhlWhlOEPGQKXpHf9MPYiV57v7TXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab36d00ee58-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
page4.html
mediacpm.pl/ Frame 217A 		285 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/page4.html
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4663b5c7b2a94e780c8982d0e678ec0d5d0d32270c40579ed81393d6dd74fb5

Request headers

:method
GET
:authority
mediacpm.pl
:scheme
https
:path
/page4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/v.php?user=13428
accept-encoding
gzip, deflate, br
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
last-modified
Sun, 22 Aug 2021 10:30:33 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABQjD7jqj4J0Mpo6N%2BCZKmY30g%2FEn00egqiwM28Zk2s61V4gaU5HLmw14bsf%2F7BY9HNJigTItNYvTjPRKxDG%2BkHKZEQBafYWTn6oVoLJwTTDSCsyVYp5XZB3NHg5KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab36d01ee58-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
page5.html
mediacpm.pl/ Frame 62C9 		284 B
716 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mediacpm.pl/page5.html
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec0118b25ce823d082675143af3b5661bbdca0615e74caddb64677d6da72b8c6

Request headers

:method
GET
:authority
mediacpm.pl
:scheme
https
:path
/page5.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/v.php?user=13428
accept-encoding
gzip, deflate, br
cookie
__cf_bm=G9oq47cqXBvywTlfWju73dnwlyHiRxL69B9ARoYGFFU-1631516879-0-ARHyxGuyZV9goaF8pAjBnXem7bdAdaZHkfUS3FAKxGi6FSMHa6Z+29lDAey4Xk/5RyghozDag746Oj2WShx2bD0=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
last-modified
Wed, 25 Aug 2021 11:58:22 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LH10JWvhFGpSFJWLG69kIo6YaWyT53YiDVXd0Vt%2BBBwPtHHaXeH%2Fpjw4vzlPfrZBheMAJy%2Fkh3MFdaW9kHOpS7ZMcIwFhIKDu27IUjcjNNLkjripDXPccpc00BICZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab36d02ee58-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
page2.html
adsluna.com/ Frame 4D28 		81 B
852 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adsluna.com/page2.html
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.73.22 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a73c6e6b96ff3a9c1c878325e74fbf39cadab5e3b969be3c06c758ee53e432c

Request headers

:method
GET
:authority
adsluna.com
:scheme
https
:path
/page2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html
last-modified
Fri, 28 May 2021 12:18:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=vSVNnNFTWY2ieHSVi7cCz.858cxzlNDlx0PmokDtLpI-1631516880-0-AVNUAeSxbA37A0FVnQQ2dqXAw0dhVoA612gqL5tS3ff0rpIOlmRVxqukqKF95IrDuqbczWo6mRQ6Cg+XLfnoPos=; path=/; expires=Mon, 13-Sep-21 07:38:00 GMT; domain=.adsluna.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gA3LMTdcpse0It30KEn0Z3%2Fa%2BXYvuIv3bLYvV1cJHyq9MBRsXNeYKdsF8OAVixKwg4hEzFExw%2BFTcnfX%2FRPsv6NajJzfxjsvwi5rSqk2LwZbg3oWTvRneCGlPUpDSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab3de45edb3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
cryptotabbrowser.com/de/16224264/ Frame 6296
Redirect Chain
  • https://cryptotabbrowser.com/16224264
  • https://cryptotabbrowser.com/de/16224264/
173 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/de/16224264/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa34b83fd19d4b67f0b46a3f634b022f3f9d90c81b5362867a577edee8e9617d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
cryptotabbrowser.com
:scheme
https
:path
/de/16224264/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=utf-8
cache-control
public, max-age=14400, s-maxage=3600
content-language
de
strict-transport-security
max-age=15768000
cf-cache-status
HIT
age
1907
last-modified
Mon, 13 Sep 2021 06:36:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BaWYGUJ6Ei0%2FJ6bHM9M6lWNCLb06MJga71tmpsBUZqnuYrzoGhY0V%2BR5eyfQKzQSie9bb1iS0AhP7wP3jb4bK22iEuiNPY7IpLV42VSPNJpspzLXz0BydVqM32Fpn1uRDEpv3S1"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68df8ab44fc553bb-LHR
content-encoding
br

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=0, s-maxage=0, no-cache, no-store, must-revalidate
content-language
de
expires
Mon, 13 Sep 2021 07:08:00 GMT
location
/de/16224264/
set-cookie
_ct_sf=1; expires=Wed, 13 Oct 2021 07:08:00 GMT; Max-Age=2592000; Path=/
vary
Accept-Language, Cookie, Accept-Encoding
strict-transport-security
max-age=15768000
cf-cache-status
BYPASS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S87BqFYlRg3goHgAH8Li95SBSnXlr91YsrUeJBQRP9vbmBQOGYTjnAUCnnVlOCaRUVDY6AIWPH0SwtkH3KeD9S8OEPO0t7fJQ49HI7KeQq5EgwQuCaX3Jw6hQ3wQqR1AlVXDJIPs"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab3cf4d53bb-LHR
/
g.cash-ads.com/banner/ 		1 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
c96ac812fc81ed76e587b9eee9a1496a145035ee14b2663b1c77ade1d867f17d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mediacpm.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
g.cash-ads.com/banner/ 		1 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/banner/?code=IkQB7EwJX%2BPPGyEAGLq3zKPT5pf7soanjIqlFS5dJkA%3D
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
6b2fa831bbef342d64b25582f981c24dc9e6d77fc7b013ca635864b8dd40da73
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mediacpm.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
g.cash-ads.com/banner/ 		1 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/banner/?code=WJJHkJnooS9lsyPdgGH6X2ofe7%2FcCUhxtpKHUQROTPA%3D
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
df9d314dd8e640438b66277f94235ee94129f1b3e08b4d641b8d5009fc4ebe8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mediacpm.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
items.php
display.jalewaads.com/display/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
unnamed.png
trafficplan.pl/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trafficplan.pl/images/unnamed.png
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.17.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1599aa265cd8d84b21db5660f33fb4d13b2c7a76fbeb7b457326d3d9df0ac65c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:07:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
406653
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15464
last-modified
Fri, 13 Aug 2021 06:48:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11o1gAaE8JUTJt9%2BlZyoev0%2BMHbodSKNy87qXfkPZ3p%2FVOHOYHCSQmSxYsX80aDdBkTffgx0ioLXVFZO5STWI1Tgnienk36%2F8v7OSbQ5AuOilp2FcRoq6O6jM1FwFfdwJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68df8ab3ee6539ab-CDG
expires
Wed, 15 Sep 2021 14:10:27 GMT
ODelI1aHBYDBqgeIAH2zlBM0YzuT7MdOe03otPbuUS0.woff
themes.googleusercontent.com/static/fonts/sourcesanspro/v7/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/static/fonts/sourcesanspro/v7/ODelI1aHBYDBqgeIAH2zlBM0YzuT7MdOe03otPbuUS0.woff
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/serve/style_ptp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
sffe /
Resource Hash
13ae7e5a59de6cef3c3cedeaa348b17157b3cbc2b1bc9607c6d84ced4d137269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mediacpm.pl/
Origin
https://mediacpm.pl
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 21:08:43 GMT
x-content-type-options
nosniff
age
35957
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27248
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 21:08:43 GMT
base.js
g.cash-ads.com/js/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/js/base.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
h104.hubuhost.com
Software
nginx /
Resource Hash
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mediacpm.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
last-modified
Tue, 31 Aug 2021 15:27:16 GMT
server
nginx
etag
W/"612e4a54-16b34"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
aimarketing.mediacpm.pl/ Frame 489E 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aimarketing.mediacpm.pl/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.234.95 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
c4d471447f92711025507b88a1a5ea20db8d2aa73b1c7574c5375994ae46e076

Request headers

:method
GET
:authority
aimarketing.mediacpm.pl
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
cookie
__cf_bm=FopQ1PNdNVEdV2Hw2wkXCREe2Q9OOQ9.NCFE7dAd4hM-1631516880-0-AT6q+SosUeckv6Whj9e5Z0FQ+XlxEnT7NnuKzgb27iAd0k5QCAt3+u7yvFooD0+8AIcKnpjuMA6bIYSgoI4LUp4=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=ZcYTVEllF_a23nTLQgFoqIbl4fqu8Go_VCb67ljo5P8-1631516880-0-AUL+uyNsNLqK0/fFOwcObLl9S9dr+HhGZ3HC1N+7n6XEsvcKcsJb6aJWet/ITqYH5UB/0TxO20UZCYt6Y/Wd+OY=; path=/; expires=Mon, 13-Sep-21 07:38:00 GMT; domain=.mediacpm.pl; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNSpv4pGWwh1aGbIpKto%2FjobPjM%2FU7rLictdFDuBtjKGxv7GgbUHCxHhtM%2FcVwGk8wOUMVbgsqp3CECNU2feE4jOJbxKEov9w0HEQB9YNiGVS7JpkzsuX3cCAz9ihNuAxccpPZQBP%2BP70w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ab4c9b60497-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 06:59:41 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
164004589
home.php
news-btc.info/ Frame C28B
Redirect Chain
  • https://tinyurl.com/84sz79ub
  • https://news-btc.info/home.php
263 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/home.php
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0c6268bea879ab718cd35393b0ac9f2f9393b47a024d1deae2a0623c2c1b79a

Request headers

:method
GET
:authority
news-btc.info
:scheme
https
:path
/home.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-type
text/html; charset=utf-8
x-mod-pagespeed
1.13.35.2-0
vary
Accept-Encoding
cache-control
max-age=0, no-cache, s-maxage=10
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMbmLtFLGj37NcyOX23ZF6k%2FXS0gAlMv47OGy4QTwF%2BH4pvHcfuZMzhqApQc2LtiJzZTABrNk6jeHF7ktzbrwtr87Og9zGuPRXRbWLrl8aoi92Lt3M96FXgwyhrgXYE0"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8aba7ce808af-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.26
location
https://news-btc.info/home.php
cache-control
max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8ab4ac4f21c3-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
items.php
display.jalewaads.com/display/ Frame 4EA7 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
display.jalewaads.com/display/ Frame 4EA7 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
1650865
acceptable.a-ads.com/ Frame B4EC 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acceptable.a-ads.com/1650865
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Length
0
Connection
keep-alive
1650865
ad.a-ads.com/ Frame D6A5 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1650865?size=970x250
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
b4d058a2392da692a81ecce2d5e0afd3be83e282bb1c3f8a76f7bb75e44ca6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
/
a-ads.com/ Frame 005A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a-ads.com
:scheme
https
:path
/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H5xFq5FxRtY3wDrqbUYsJLlj%2BCY5qZcyN9zbjbUlhiq%2BzmFzzWJjd2vZJvw3o2SgjTww3cf86%2Fn6HSRCi%2Fms7dBbvF8n5ObGTyIRxi1W%2FnKuSyK9L268Cr4fDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68df8ab5bed5e620-LHR
/
bc.game/ Frame 4245 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-26.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
bc.game
:scheme
https
:path
/?partner=104700_1650865&i=1bxqew2m&s=&c=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 03 Sep 2021 17:56:56 GMT
x-frame-options
sameorigin
content-encoding
gzip
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
max-age=600
etag
W/"613261e8-1c8d"
vary
Accept-Encoding,Accept-Encoding
via
1.1 a10ef2362efd83570036459690ee6d43.cloudfront.net (CloudFront)
set-cookie
AWSALB=gw8KR69piUGBtnFEdJAUL+CP3iUkwR8hiKQAdxgt5kaImxyNVqgmtLgD1+rFW5ySlIa3FVOuEDwwhfLranz5r663H0SKYnL0BX3VjJbC/jEOQu8UmG7poaUDidVV; Expires=Fri, 10 Sep 2021 17:57:24 GMT; Path=/ AWSALBCORS=gw8KR69piUGBtnFEdJAUL+CP3iUkwR8hiKQAdxgt5kaImxyNVqgmtLgD1+rFW5ySlIa3FVOuEDwwhfLranz5r663H0SKYnL0BX3VjJbC/jEOQu8UmG7poaUDidVV; Expires=Fri, 10 Sep 2021 17:57:24 GMT; Path=/; SameSite=None; Secure
x-cache
Hit from cloudfront
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
YQavINHwFi9llKntZ-QcXyHYD0CMg6h-dsdwRt-nTTB7BSr71dSpgQ==
/
click.a-ads.com/1650865/99434/ Frame 9C4C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://click.a-ads.com/1650865/99434/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
click.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
/
a-ads.com/ Frame 72E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a-ads.com
:scheme
https
:path
/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhpWNTPagvNK%2FrJVzQek7q4L3%2B2G3tUJTbZ6dauAkf%2BMIzygjZiSV%2BdvNBXSXSW5gcGF8%2FqjX9nh9kpMVfHwrcT8mCIQRqKpAF4%2Fa9xzNYowriNH7jqJz7u6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68df8ab5bed6e620-LHR
/
bc.game/ Frame 58D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-26.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
bc.game
:scheme
https
:path
/?partner=104700_1634265&i=1bxqew2m&s=&c=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 03 Sep 2021 17:56:56 GMT
x-frame-options
sameorigin
content-encoding
gzip
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
max-age=600
etag
W/"613261e8-1c8d"
vary
Accept-Encoding,Accept-Encoding
via
1.1 a10ef2362efd83570036459690ee6d43.cloudfront.net (CloudFront)
set-cookie
AWSALB=36RUP/zWqo0Kak4zTe0WXvud3bcydBNrVxMI9B5r7G9gPDGkfV5qq/iFXYJjalpyP2IxPqM7Hg8b3O+G1mKjp5Nold+sdtiL96n06sXDe45hR0wNqB0jhR3Vbt8G; Expires=Fri, 10 Sep 2021 17:58:10 GMT; Path=/ AWSALBCORS=36RUP/zWqo0Kak4zTe0WXvud3bcydBNrVxMI9B5r7G9gPDGkfV5qq/iFXYJjalpyP2IxPqM7Hg8b3O+G1mKjp5Nold+sdtiL96n06sXDe45hR0wNqB0jhR3Vbt8G; Expires=Fri, 10 Sep 2021 17:58:10 GMT; Path=/; SameSite=None; Secure
x-cache
Hit from cloudfront
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
6pogdA46hTo4nY7nuKGBkIfMjFjyxS6tHCarVSyEWjhI86fS60iZHQ==
/
click.a-ads.com/1634265/99434/ Frame A2D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://click.a-ads.com/1634265/99434/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
click.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
1634265
ad.a-ads.com/ Frame 4D44 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1634265?size=300x250
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
3f388d523e8376ab53f40039d261de1fe0b337e566ce2a6c5a22c767ee460774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
show.js
cdn.popcash.net/ Frame 4EA7 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popcash.net/show.js
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page2.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279a15eaae136a15f92085047a7eb7dc6b4f1ccdd22153f17b9f6e367d02eeaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qv18Ygw4mSTJDPdOQEv0agkuRx0mJ5GD07Wpwn25ahtW5kDtSTQsI%2FrUbEKUR0yz2FBOTNqVCbKaFycRN87VvoSIeCO4rmE64FQtZcRZFRWx9trzfiCGN%2B%2Fj2CBX"}],"group":"cf-nel","max_age":604800}
content-length
36489
last-modified
Thu, 26 Aug 2021 20:13:09 GMT
server
cloudflare
etag
W/"6127f5d5-1b187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hw
1631516880.cds065.am5.hn,1631516880.cds233.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
cf-ray
68979a6c4aa94c85-AMS
animate.css
cryptotabbrowser.com/static/bl/styles/ Frame 6296 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/styles/animate.css
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4966cb23ef6dfde265440bd81a088c92d6b0a47a5be6e096e005dc8ab4efc671
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7186
cf-polished
origSize=23848
last-modified
Fri, 10 Sep 2021 14:51:16 GMT
server
cloudflare
etag
W/"613b70e4-5d28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bEq3HS9Gb9gVpoGJJ1ZCx4KOb%2BNPr0Cvq2JgFFAMWcoIeRDEFjeLDN%2F438s8VmfzHCe0uWg6PBBA0JhNDoMx7miA%2BTyYFTWxKRqvegDGf6uI33NNqx2jr8Ngni1eh3CkFSFAXm7"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
68df8ab538a653bb-LHR
cf-bgj
minify
style.css
cryptotabbrowser.com/static/bl/styles/ Frame 6296 		236 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988ed4ae36747f2f5cc6d07c9414cc331be7da4309ae70a3d57a78407dc8b1a8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7154
cf-polished
origSize=293138
last-modified
Fri, 10 Sep 2021 14:51:16 GMT
server
cloudflare
etag
W/"613b70e4-47912"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KVOnBZZ9MuBBDIT2y2B80APG90M7emBcd7oFnV4kaSu648SZTKvxJfw4uQgSywCm4O5U7IjGVQTyR34I9MjpjZcT0JCIYxmiB6GMh%2BpdjXUvYXBGcmAzgTJPUJV0FbFMgGUfDBw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
68df8ab538a953bb-LHR
cf-bgj
minify
sharing.css
cryptotabbrowser.com/static/django-cryptotab-sharing/cryptotab_sharing/styles/ Frame 6296 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/django-cryptotab-sharing/cryptotab_sharing/styles/sharing.css?t=1544180176
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13c1e98de57589930024cd422a0888bf701841df65766c148b8bc3085b50a84
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7184
cf-polished
origSize=13030
last-modified
Fri, 10 Sep 2021 14:51:16 GMT
server
cloudflare
etag
W/"613b70e4-32e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FnuxQk0y7kO%2B2mKF1LKM2hStCzspzRK0vLSHpVzLl%2B5b2RWzQ3cd0xp%2FG94ycU7QI07DvYbdBXs5uovw8yy9dDGqOltKtyRWQi6BjuoRBVm%2BTJsRKQ8Apd6%2BcKqWWDzrMAUFtNz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
68df8ab538ac53bb-LHR
cf-bgj
minify
polyfill.min.js
polyfill.io/v3/ Frame 6296 		101 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=Element.prototype.closest%2CObject.assign%2CNumber.isNaN%2CString.prototype.includes%2CPromise%2Cfetch%2ClocalStorage%2CURL
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.26 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3982691
detected-user-agent
Chrome/92.0.4515
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
89
referrer-policy
origin-when-cross-origin
last-modified
Wed, 28 Jul 2021 17:17:37 GMT
date
Mon, 13 Sep 2021 07:08:00 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/92.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
cttr.js
tr.cryptobrowser.site/js/ Frame 6296 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.cryptobrowser.site/js/cttr.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.173.160.142 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-173-160-142.hosted-by-worldstream.net
Software
nginx /
Resource Hash
ad82748c4b8df804abe12f35698e508ca0148acd7fc0ab07b5238da368c5147d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 09:29:25 GMT
server
nginx
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
access-control-allow-credentials
true
strict-transport-security
max-age=15768000
lazyload.js
cryptotabbrowser.com/static/bl/scripts/vendor/ Frame 6296 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/vendor/lazyload.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085269f30c091f6369961a7421156547365e3b13e3a70b329d1ad600d6963113
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8
cf-polished
origSize=6060
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-17ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdvmNptIxEzGCnX1Lv4T6oqpcW5lALt1ExgpRe4ZdccHQ%2FjOFptY2sbuNhJy5HlfFXK%2Fd3cQXY61BruUFAPFGfxaxI55Td2VjYsHZ0w7RBJA6bctsf8mSEnY5Hqi%2BFUiMZelazWc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab538ad53bb-LHR
cf-bgj
minify
ct-farm-promo.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/ct-farm-promo.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32284426dd1a0f77a7877448bc7fdc84843939c30d155b4c62d5fe0cd14c68a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617
cf-polished
origFmt=png, origSize=4964
content-disposition
inline; filename="ct-farm-promo.webp"
content-length
4426
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-1364"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmjswrsEe1depVnz2VRCDMCsAP5l3xoqUqZpyZtfIZbLE75khtERKabQFHTkEOfsYMQlRn5zChPdsbUyIJKiFAaWvwl0NGVDUwh9of6rek4An4a9xBAtDvTQtNYX8hTHsIbDcCp0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6aa0653bb-LHR
cf-bgj
imgq:100,h2pri
de.png
cryptotabbrowser.com/static/bl//images/lang/ Frame 6296 		142 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl//images/lang/de.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b4624dac711b00f5f541390699b1d953ffd5d6f1944a23c5c5627832bce59d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2506
cf-polished
origFmt=png, origSize=205
content-disposition
inline; filename="de.webp"
content-length
142
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvPuCgcbyZGgwZ0WJCsXnd6fA%2FcxDGDXEXq65savUTfIYlo1KJCz2eLNyotqSJXsH%2BSif%2BKmQzWDwkpOV%2BctJ6zfYIHoC5IyiQApRoOXqHpPrihZH1fprth7unfCjYRO7Rq52gR1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1553bb-LHR
cf-bgj
imgq:100,h2pri
en.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		320 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/en.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7ea706f69f9ae9de66274d847149b537915f4a842130be13af08ec0a91e4609
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5203
cf-polished
origFmt=png, origSize=412
content-disposition
inline; filename="en.webp"
content-length
320
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-19c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsuezEMD5qntEceuYPX9KUQ0Hh6Vvx8NB9AkiXDn88oIDaXFA9M8zxjJ3xTvB909onrFbUAQYSvtyosIWo31pqSAZHGDi4sIy7A%2FALv3VXT5mhRkZSn%2BY6WnuJRCLRxGeAKSCKE%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1653bb-LHR
cf-bgj
imgq:100,h2pri
fr.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		168 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/fr.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d8daeaba9b5a1f9ae1a8a9068da0a5cce4464a49c89117a1617bd8da4f47eb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617
cf-polished
origFmt=png, origSize=236
content-disposition
inline; filename="fr.webp"
content-length
168
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVktlxTsVe1ScBC651ybt2i5B4jVXczqd6bXLaQpsXF0u7yd44QFSmVMs5uDTTD0iKVPa0yNbP1AhuouK49uYkCcCZ36XEfBcSWMbswz7T6rkB%2B%2BibR8GC54sOjZZ%2BsF0SQWHFOn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1853bb-LHR
cf-bgj
imgq:100,h2pri
es.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		160 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/es.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
305e7dd2cc4dc389f851cc9b22ebe3b15167a4f8d8166b7002bd0cc63db6ce8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617
cf-polished
origFmt=png, origSize=254
content-disposition
inline; filename="es.webp"
content-length
160
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F%2FdEfC6jK0biOdE84441frFMOMecqvw8IIhZlz9yGDaESfoY6Dg9TI%2FEYdy1iFmEj7VoFsmlxFhdve11a7r6SYwhAhPjshacsjg1KOFu2ndIH5P8spHN2aosPlQx8jDRJiZ6tJT"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1953bb-LHR
cf-bgj
imgq:100,h2pri
it.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		170 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/it.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb74591fdccf58f4c86347f0d604394585cb7037016a053947d0665cf54cd86b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617
cf-polished
origFmt=png, origSize=237
content-disposition
inline; filename="it.webp"
content-length
170
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evxWemwBcxQYvZOR6asR1MJey1X5TpbCYfIx5f9irEtfs7dWwTs%2FYw6aNph6vcIh9RUsVq5qOAyNxx4teoyCd6k5f8jOBtlOKFcokf5iOpVuwmRIrANsRDizX%2B0YDKv1M1Hrqwac"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1a53bb-LHR
cf-bgj
imgq:100,h2pri
ru.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		166 B
507 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/ru.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ed0d06751f3d219974a3113a383b5ac140296b7a2e8efc14ae18f7741082eec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6613
cf-polished
origFmt=png, origSize=230
content-disposition
inline; filename="ru.webp"
content-length
166
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4FcZyLQB2pWLS6EaE7TgUEupZ7Xyq3043ag9F0shdry%2FcWv%2BA6eLcDeK%2BfB91XnKcAD4Ys5OWvm6NYqt0sC88UPqu9Hakp%2FRiSpT5EsLyt5%2FMgrq5PsaQwdW5uJqrNx5ps%2FpYQ0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1b53bb-LHR
cf-bgj
imgq:100,h2pri
pt.png
cryptotabbrowser.com/static/bl/images/lang/ Frame 6296 		226 B
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/lang/pt.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6619e59f923305ba4081bdb14814afe98b8563b540447a0d65561455d4c19ef1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6617
cf-polished
origFmt=png, origSize=286
content-disposition
inline; filename="pt.webp"
content-length
226
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHAP%2F9kTXhojBvonmtR6OsWkZa3muRp051W8DjfnwVewMsl%2FeqK%2Beez2fzmiKKYD3pf70JayWibn7opc8huFJdN5wi4gkxSAbYUHjbKjHHLw7HNQcErOqbvv5on8qQ%2BLBi9b5bQ1"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1c53bb-LHR
cf-bgj
imgq:100,h2pri
product-new.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/product-new.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71be43410464b552463b9fc74aa5aadc89ca5655756333de499bff49206e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6613
cf-polished
origFmt=png, origSize=35662
content-disposition
inline; filename="product-new.webp"
content-length
32684
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-8b4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QueFiiWKTMHXRrBWsYq3tTEJidkxRMSWhbMKgKEEOEV1eCAAVJjo1LlXwcB2ylF8somEK%2BPJiCmvys%2FDSAXg01Zzrd7TJS6F3RfUdnwsPQcGP8geqV29G%2FFT60lyHkUfkf%2FIUBz%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1d53bb-LHR
cf-bgj
imgq:100,h2pri
items.php
display.jalewaads.com/display/ Frame 8505 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
display.jalewaads.com/display/ Frame 8505 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 07:08:03 GMT
server
LiteSpeed
x-powered-by
PHP/7.4.11
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
upgrade-insecure-requests
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14974
expires
Mon, 26 Jul 1997 05:00:00 GMT
1650865
acceptable.a-ads.com/ Frame A0A5 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acceptable.a-ads.com/1650865
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
acceptable.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Length
0
Connection
keep-alive
1650865
ad.a-ads.com/ Frame 00AE 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1650865?size=970x250
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
d4ea45c56f1f6fcb94369655fa8a84275ee89271c3dde5e7cb5396d559bd509e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
/
a-ads.com/ Frame B9D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a-ads.com
:scheme
https
:path
/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcRwCmYNDsXkD8Ds1RJJXEssnBiZX%2F1K2oSmLhISgTW9B%2BT2i22DwG3Cbwz%2FbMeKj%2FzvVa1F9Zki8n3jwJ83Y8zaBhWHgSnBzJPqmRAVhozZa05O18QQGENbAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68df8ab5bed7e620-LHR
/
bc.game/ Frame 6152 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-26.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
bc.game
:scheme
https
:path
/?partner=104700_1650865&i=1bxqew2m&s=&c=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 03 Sep 2021 17:56:56 GMT
x-frame-options
sameorigin
content-encoding
gzip
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
max-age=600
etag
W/"613261e8-1c8d"
vary
Accept-Encoding,Accept-Encoding
via
1.1 a10ef2362efd83570036459690ee6d43.cloudfront.net (CloudFront)
set-cookie
AWSALB=gw8KR69piUGBtnFEdJAUL+CP3iUkwR8hiKQAdxgt5kaImxyNVqgmtLgD1+rFW5ySlIa3FVOuEDwwhfLranz5r663H0SKYnL0BX3VjJbC/jEOQu8UmG7poaUDidVV; Expires=Fri, 10 Sep 2021 17:57:24 GMT; Path=/ AWSALBCORS=gw8KR69piUGBtnFEdJAUL+CP3iUkwR8hiKQAdxgt5kaImxyNVqgmtLgD1+rFW5ySlIa3FVOuEDwwhfLranz5r663H0SKYnL0BX3VjJbC/jEOQu8UmG7poaUDidVV; Expires=Fri, 10 Sep 2021 17:57:24 GMT; Path=/; SameSite=None; Secure
x-cache
Hit from cloudfront
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
9Hl7QPvD_4cMNHkJI6n4Q7ZM9dwoTX8AikWUGJ5GeP1EpdCf4g1DKA==
/
click.a-ads.com/1650865/99434/ Frame 9ECE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://click.a-ads.com/1650865/99434/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
click.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
/
a-ads.com/ Frame 263A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.14.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
a-ads.com
:scheme
https
:path
/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT9nUntZabI5Az5gLKAzjvihQdwNrC9KHvt9OK3pvtD4W1sC0ZP1Op%2BJTururlSlxetcoVyTNgWJy4SsK8S%2BRT8QUXZAPaN2hx38zX7W8mcO9dsj8Kg1BJ1U0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
68df8ab5bed8e620-LHR
/
bc.game/ Frame 562D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-26.lhr61.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

:method
GET
:authority
bc.game
:scheme
https
:path
/?partner=104700_1634265&i=1bxqew2m&s=&c=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

content-type
text/html
server
nginx
last-modified
Fri, 03 Sep 2021 17:56:56 GMT
x-frame-options
sameorigin
content-encoding
gzip
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
max-age=600
etag
W/"613261e8-1c8d"
vary
Accept-Encoding,Accept-Encoding
via
1.1 a10ef2362efd83570036459690ee6d43.cloudfront.net (CloudFront)
set-cookie
AWSALB=36RUP/zWqo0Kak4zTe0WXvud3bcydBNrVxMI9B5r7G9gPDGkfV5qq/iFXYJjalpyP2IxPqM7Hg8b3O+G1mKjp5Nold+sdtiL96n06sXDe45hR0wNqB0jhR3Vbt8G; Expires=Fri, 10 Sep 2021 17:58:10 GMT; Path=/ AWSALBCORS=36RUP/zWqo0Kak4zTe0WXvud3bcydBNrVxMI9B5r7G9gPDGkfV5qq/iFXYJjalpyP2IxPqM7Hg8b3O+G1mKjp5Nold+sdtiL96n06sXDe45hR0wNqB0jhR3Vbt8G; Expires=Fri, 10 Sep 2021 17:58:10 GMT; Path=/; SameSite=None; Secure
x-cache
Hit from cloudfront
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
QXPMXYRLnFmdX7zkDRvTaYTsy-Wl_OxIwpoKKvh7ZnXGiv118Rj-Vw==
/
click.a-ads.com/1634265/99434/ Frame 0DFD 		0
128 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.a-ads.com/1634265/99434/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
click.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Length
0
Connection
keep-alive
1634265
ad.a-ads.com/ Frame 8152 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1634265?size=300x250
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
3f388d523e8376ab53f40039d261de1fe0b337e566ce2a6c5a22c767ee460774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:00 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://mediacpm.pl/
Content-Encoding
gzip
logo.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/logo.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f56e85da8c5cc11bda6826f875f1fb01e453a7a6427b4a3d06cedaba4d215af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6807
cf-polished
origFmt=png, origSize=2458
content-disposition
inline; filename="logo.webp"
content-length
2070
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-99a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmhUyhf6g3PeHyWmvrWdCqheWxo4yW1kxADssK0lQYffCtULzwafKTNIG27drK9dTMnxCV8T2l2MeCS6XvveCQxVLAWWnVhihr9zT9sLg9qoq59uQgK1WQkbPrPMH3j0ciw0y%2FAR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba1e53bb-LHR
cf-bgj
imgq:100,h2pri
download-arrow.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1002 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/download-arrow.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9b844b33eee13abadf0061aef7dea25c8b5d0a8e1ce8799a2a1e1545c933b72
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6613
etag
W/"613b70e6-3ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gb0D8Ja5INGQxN%2F28YooKnvFzypqCNvu65FMxH3llXYH1cbEAYPuvZ5ijTKxQ%2FhecfNpE7hKxN%2B7sUhKooVELon9slQXZP%2B19lWcgiRpUsX96p2F2qTt9j0mfi%2FpUtNquDHuFvbS"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6ba1f53bb-LHR
orange-arrow-up.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/orange-arrow-up.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b05136db23da5e7626847e5ddb07b830ee43d3910e27e9776b92990a789582
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
7003
etag
W/"613b70e6-6be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTTMiD0nydVLwef12QfR6r8%2BH08I0Bmt%2B2rIf5TdAqKyQCHbh6IfzpVOa1JR23ne9pg3vfI5Ze4FoQktDlf0X9D4FJFERshtW6N%2BYsVwGHdBw3zEmnBdfZBS64cpCmE2iB1LmX38"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6ba2053bb-LHR
logo-footer.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/logo-footer.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e224c53efa192c124b80d96b2d732fbb3771f8cb7643a64308942115f3a5728c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6807
cf-polished
origFmt=png, origSize=1691
content-disposition
inline; filename="logo-footer.webp"
content-length
1454
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-69b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ICXwP1uKRHGu4LPtuqRyqTbyMGKR0bZr2kdubMUZSOGDCIacY8Umk%2FApP6%2BFh0LXAPzqGZ9KG73cZTrb4tAYHLhEPornjHAUAXPQym58kMElYg0MX1GiZBrwcqIu1R%2FKWt6HE3MP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba2153bb-LHR
cf-bgj
imgq:100,h2pri
email-decode.min.js
cryptotabbrowser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 6296 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaB7ZchjVNUFXwuzwXbRtCc3xPMJUJEnsNm%2FV8PVr9NDT5q%2FprxYGUpfM7yv0dwKp9Kb7qFRM63gqSnlp5qZWkO9QYum5CkIIdjq0RkSdHvo6QvFCGbdDAmgpEy60ePf0NK7ykHk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8ab588fb53bb-LHR
vary
Accept-Encoding
expires
Wed, 15 Sep 2021 07:08:00 GMT
lottie.js
cryptotabbrowser.com/static/bl/scripts/vendor/ Frame 6296 		259 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/vendor/lottie.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e54ef72a1911e980a348e078be8ce3f187136b64f1b30b7d39c8e8bb910a26
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
cf-polished
origSize=265357
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-40c8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stlqpESAvgVISzP3PUoo%2FaJtk7c8U8pimPKLwigWkd2ecvp8X5jpZiWQyeQ0kY0yAZT%2FXnQ%2B0uUcUt%2BXOqAP57uxl2jw2dyptPcBLHutbzDu3Ld4zf%2Fl3r8Hm%2FudSrBvtTQ0zlOT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab5b92853bb-LHR
cf-bgj
minify
animations.js
cryptotabbrowser.com/static/bl/scripts/animations/ Frame 6296 		697 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/animations/animations.js?v=1
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bcb2b137cef71af95b45a6f40b3ac7e508d164e4782a131691fe1bbd271a7e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7154
cf-polished
origSize=714880
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-ae880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9MqcG7K%2BQXWNM2EKKQqqqMMZwHVBWxLqmWG4%2BdZb07UYnv0x32W%2BTEEutxitJhVR9FYnnVFrrwp%2BrFhv3rGaKb63%2FrthnGnpiXIUfooYHLLWKi91NrW7ZBIgQ1jUkxEF%2FrTOg7c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab689f153bb-LHR
cf-bgj
minify
wow.min.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/wow.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
17
etag
W/"613b70e6-20df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTZEQ8wWEF4jPSSn8nQpGMINUfXNWkbaSKIDXMp%2F286yg4tBp1B5qZPFZRJU1okLg%2BoHxC2LYEy8%2BAgE79LaefvJP%2BklIlm4bzFlwPpFBtvZYiwwpdBUjmY3y3ggVYB7GjHjpZ5P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab699f653bb-LHR
smooth-scroll.min.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/smooth-scroll.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30cb74ff6d46df3d19838113d642371c2f67a48b43a30922b510d5af41610b10
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
17
etag
W/"613b70e6-11cc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tVLUE4uMX5jd5%2FRjh%2FQffe9T1cxcD1aF0KdVROc%2Bq5eIF1ngrJhLZUB4R1a%2FyH2ibzbkCaLqD2vBFz8wS1YpKB1Rfa3sz9lJhJlOTEGpR7FT2ZThDa5OO8tQWPKrrbA0TPteBJl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab699f853bb-LHR
countUp.min.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/countUp.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
59
etag
W/"613b70e6-ee7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FTukP4jwObDQTG4ad%2Bk1qg80v2LRFg66xDbAGWJzidyzGUrY%2BCnW%2B2eKfO5XKRVvWv%2FHTu9hDU%2FYo7n2qYzMABRkcmbA%2BwJw2ufyUTh5XKVsCRmt%2BMQHAnxXUVJ0QERiiXaRK%2FT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab699fb53bb-LHR
range-slider.min.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/range-slider.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e1af3423ce1d04e1f0897ee70fa5e1b4306a0fa8b5af61877ac4b17d9e7eb6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
59
etag
W/"613b70e6-40c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rfwXMmdp0OV2sWFAsXnSrODFpl51h7psDSH7tZJRITlAegQWoMfSJikvX56HtmUecXNvyeX7FG8Q7%2FFWff0R8mlUvxG27mtqhScyqUJwAj3GnZ2PS%2B2W9OKnCpN%2BSs1h%2FUknUu18"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab699fc53bb-LHR
navbar.js
cryptotabbrowser.com/static/bl/scripts/components/ Frame 6296 		2 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/components/navbar.js?v=1
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de531e0c8c89678745ec98b7a8748cee307694e0098e032ea1e0d47826fead3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7154
cf-polished
origSize=2282
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-8ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYT1Xfi8D%2B%2BSeyBJovZshpWHTq1fS2waB6sRVd%2BT2EWzU5pTd4Ixwj0yiBshkG3w3EbPSUmnUZT5HJZiwfsDtdBz2iBbdIeDfBJsTN7xQlplrVFYgubv%2FBletM7JbelD4eH5cI8g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab699ff53bb-LHR
cf-bgj
minify
tiny-slider.min.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/tiny-slider.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77704840fae3c26e156f8a43a8b9851a0737205568a6d00075de579ad327e019
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
7186
etag
W/"613b70e6-7bf9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLU8Eaqg%2BE6U8pnp%2BywI2cYI2CjU7zh6GeQ24k8NGtHJ1hAUU0%2Br22CSFEX7Gwt3Xy5m9fCAUry2ywTKoXdmhUBrwf0FZ1n7yNlw6nJGy%2FnlfKrZD5ysQaME%2Bo89shXfQ2HueZV0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab69a0153bb-LHR
rotator.js
cryptotabbrowser.com/static/bl/scripts/components/ Frame 6296 		2 KB
897 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/components/rotator.js?v=1
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a06f9a8602e353caef718985cb92dbea7188ba55070d542a4817e33ff41ede
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7154
cf-polished
origSize=1939
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-793"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFjjNqn3xKh4x00TuITTMd%2BSYX3pRNeqr%2BQKGW0Kyk489MfUbbtLbqrgfDAwMq3fFW1hI14ihVLiOZmkIG%2FS7X7GF8edCl6hyxXH0QlbWO%2F5nfh%2FOYY7FrfYb4X283QQy0j5GP9D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab69a0253bb-LHR
cf-bgj
minify
index_v2.js
cryptotabbrowser.com/static/bl/scripts/ Frame 6296 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/static/bl/scripts/index_v2.js?t=1627563021
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e88497c9c1790bf661e70d60a6aa07fad64f331172c61753f1cce0c7a04e3c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/de/16224264/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7154
cf-polished
origSize=11738
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
W/"613b70e6-2dda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rorrka%2FfdUOgl58sXWIf1Vy%2BNQ0JgpTRzlYJ7I9%2F8zkvqA4Ep1wRPb8uyrpEXJA80Ljlme0grmW4lirLNgO1jrltBhx0KhmG431AGvcGignhOZpVKLDXHo2z920c3yjhZO4gJTYq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
68df8ab6aa0553bb-LHR
cf-bgj
minify
firebase-app.js
www.gstatic.com/firebasejs/8.7.1/ Frame 6296 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.7.1/firebase-app.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e376b4d5b71d75bf9e226e642dda173dec49b7c47d74a4ed38f0f7309152950e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 03:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6965
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 20:23:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 03:17:10 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.7.1/ Frame 6296 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.7.1/firebase-messaging.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 10:08:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10868
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 20:23:21 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 10 Sep 2022 10:08:26 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 6296 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
last-modified
Thu, 26 Aug 2021 22:03:28 GMT
server
cloudflare
etag
W/2021.8.2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
68df8ab7bdfefadf-DUS
gtm.js
www.googletagmanager.com/ Frame 6296 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KCSQC38
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
4b70532866c82754d014a36f60ff5da196dfb5ea9b435e101251c97d5f765cf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39941
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Sep 2021 07:08:00 GMT
0.php
s4.histats.com/stats/ 		382 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4336751&@f16&@g1&@h1&@i1&@j1631516880250&@k0&@l1&@mMediaCPM&@n0&@o1000&@q0&@r0&@s521&@ten-US&@u1600&@b1:-49526582&@b3:1631516880&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
5cf5a451fa81f45d9dc9c072f357f43677d5a584c8fff498b4a8d7d8577b5935

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:00 GMT
Connection
close
Content-Length
382
Content-Type
text/html;charset=UTF-8
cc_521.js
s10.histats.com/counters/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_521.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
e2e45e62ed03a23a91e8ece2ea0508a82c19d873fb3d99c13fb3f5565dc19afd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:01:10 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-568468215"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
5224
x-request-id
125830854
znWaa3gu
dcba.popcash.net/ Frame 4EA7 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: https://cdn.popcash.net/show.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.87.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-87-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 13 Sep 2021 07:08:00 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
/
tr.cryptobrowser.site/api/v2/an/s/16224264/1631516880406/ Frame 6296 		75 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.cryptobrowser.site/api/v2/an/s/16224264/1631516880406/
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.173.160.142 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-173-160-142.hosted-by-worldstream.net
Software
nginx /
Resource Hash
b029f360f627fecc151c9aa1a4f2cc1f3629ccd2f8fa4dfff382a401e415bfc3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://cryptotabbrowser.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://cryptotabbrowser.com
access-control-allow-credentials
true
strict-transport-security
max-age=15768000
content-length
92
fb-small.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		180 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/fb-small.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fc2aceb73705d3af2edde0c44cf0971a3c85e2846e83b3db7a8fbf9de457563
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6889
cf-polished
origFmt=png, origSize=246
content-disposition
inline; filename="fb-small.webp"
content-length
180
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FLdGm5LLbrrr89%2Fm9%2Fp7XB9JuGGVpgfynVUsn94KQRAErFbHcwsjJxYOkD12x6SuptqSKzDn7Z%2Bix1Nnxf3AQ4P49Iu8ktb5cNk4ks%2BUy6rRWUSfzfRJElme0%2Bxcw0TQT6mUgm%2F0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba2253bb-LHR
cf-bgj
imgq:100,h2pri
sprite.png
cryptotabbrowser.com/static/bl/images/sprites/ Frame 6296 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/sprites/sprite.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2809da1dcd6feadcaa9839e11eeed0e3398ed03996eaf3b0d1e775bb9be2d26f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6813
cf-polished
origFmt=png, origSize=4584
content-disposition
inline; filename="sprite.webp"
content-length
3848
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-11e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6ycQJ6t60XjAhCl6yM0xdBLkOoprcYkRvW4UpA6d92GO7v2mxZw2Pk0DnsJnFWj%2FXD0xhN6SBk1bsJZ5EuX9iz5v1xfqfyPfEqeeEXH%2FbWiXLIgGu4thk2Jg1I5tcBJMFW08WtB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ba2453bb-LHR
cf-bgj
imgq:100,h2pri
video-icon.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		395 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/video-icon.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ae994aa9611e8319e3ae009747d9a205e7e074e5358e333894c7f80b7b4da45
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6978
etag
W/"613b70e6-18b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SZHSyYYEs75UKcz7ES6RsKJY6cd2P63DLTjQZqcG2UjBB5rb3W3mNI59d2AytWacCVQFdMNYnSbGV4Y%2BTtIs9HMl8f7W2gp%2ByP0m%2BtI4cl7b5Pp8Jw7Mr6NvIc3D4STZUbOkxqh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6ba2653bb-LHR
icon-youtube.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		502 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/icon-youtube.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d359364a4920990f0409fb7cedabd7fa1e9c6528b9c117e4e23fcb5afe2ef8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6715
cf-polished
origFmt=png, origSize=606
content-disposition
inline; filename="icon-youtube.webp"
content-length
502
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-25e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FHOlHsb3JRFaiygVW3zBQlqZlxK6XzjmNaZXNB%2FtaueZoGBBYZT%2Fdbvoid61%2BlvsDnpdnWbqfKlFF%2Brs6%2FLCgOSkLSFc%2FoBELLJjATLAH1XCxKYQocGfu6zo0eyvl0kAQPrSxXjm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ca3853bb-LHR
cf-bgj
imgq:100,h2pri
icon-fb.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		322 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/icon-fb.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
484d2fe1db9c40ab67ee9bf4a151732956f616fde9c879c8b7c562edc9544491
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6715
cf-polished
origFmt=png, origSize=439
content-disposition
inline; filename="icon-fb.webp"
content-length
322
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-1b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FDYCTBwW0lXpMfuxggv1uQ7NHnhsLpBZUHe%2FxS4KLEvRqZnFApKQZ%2BheGifp9eQT5E3vO6Mz0XQzCQYZGJKFq5s9tq07ijaOXlhem7WAZVfF%2FelMKkfI%2BNEsiMYOmRPKvNlxBex"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ca3953bb-LHR
cf-bgj
imgq:100,h2pri
icon-twitter.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		428 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/icon-twitter.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf274e9e27aa02da6ab16c8d6ff1d89ceb222b7e862c6d24a7eeba828810846e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6714
cf-polished
origFmt=png, origSize=548
content-disposition
inline; filename="icon-twitter.webp"
content-length
428
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASb4PpuSHWNxppbS4lG1RF7xI7eEq8fY%2B%2FvgfvYI1ppcf%2B%2FQZZSn5q0ExoNaKCvOL8Wzy1Nud%2FcOn9PpaRdE%2Ft3yZr0chSAEhv3HrPJO4kvBhpQRmn6qe1sMOm8sXl0rPghK7uXn"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ca3a53bb-LHR
cf-bgj
imgq:100,h2pri
icon-journal.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/icon-journal.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc336068336a59ac6965a0f714d112c4ce94b52057b941124af0636dfad65c0e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6714
cf-polished
origFmt=png, origSize=1028
content-disposition
inline; filename="icon-journal.webp"
content-length
878
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-404"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUozsZmjY1Y7A%2B4aiYDq0MX48zHlQlkxRU%2B2afubO%2BkIkT1cuS7lI3NHenT%2Biaz1q1st5CPCEAC4I4fh7qI0hcq2ilgQojpmHcFuX560P5jfXc3MFsh%2BBto3D3PBACxP3GU%2BOrXt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab6ca3b53bb-LHR
cf-bgj
imgq:100,h2pri
features-icon.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/features-icon.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07deb066fa883daffe7d0a7b3ee5cbb65bc1c1abe6ec69fc63192149498a2dee
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6337
etag
W/"613b70e6-1ca2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BI64fUXfElWqcfJvLVyxEWKh7t%2BOFixe72GIKwyNejg2UTuDWFHn1FyXdANkTJkOP8So9TLD0ks4BxAmRXoiKaf%2BrS4ArpBNgfBGUch43rcDyvJhCdpiOlEE%2BTIvVsmzzL9LEN9"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6da3d53bb-LHR
checkmark.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
823 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/checkmark.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52aa3af6b42f8e24b284596e6a28751a908066bcc1f4d2767252682be8ff87b4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6975
etag
W/"613b70e6-445"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqhxWJAZef68Tg4Bgibzr0tMtTtTgZvMe3%2FQ22nXHNzcOm37T72OPAjyZKmkwl6F%2Fx7GcFqN1Cu0MuK0%2FMz%2FookU4cCMHwu0rKMTF3Bdg59oS6AAkWhV5VkI%2BPcRYttOqyX62hUa"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6da4053bb-LHR
coin.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/coin.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943751cc42f9fa3f4fd41328ec1202bdb369e0c3c385e26b254284483c4ad149
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6975
etag
W/"613b70e6-52c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teaZNk6hrrInjW1PXk87%2FmGdV5EuwUWynMN7y52fybA%2FgMq5fmiC1%2FCVQzsWvBtJyd%2FF0lCxsh4%2FIKoXjc6NS3HU%2BErznZC5b6KNEoAQoNM8I4PRvOuOnNQchZ2TVhulpE2XOHkv"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab6da4553bb-LHR
300x250
static.a-ads.com/a-ads-banners/118229/ Frame 4D44 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1634265?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:00 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
F8EB9PKF3RCR5NJG
ETag
"ce8c5673a039ad9769d3265284d8f5f4"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
698412
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2
U3fzKDTiQsJAoh8SaIQ0Kv0GzSNQnUseZd4VFXlj4ukyOw4MgVpRsYzsJcqzXazTIfE+i1EC7tk=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b76f0550732cdf48b5ae9a40f73e70b3855909ff1a1ae362eb5d28b04952da7e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
get-it-on-google-play.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/get-it-on-google-play.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0708aabb36f4cb66b4bef3ab9cd194cb1a257cdee3213e652147cf4035022421
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6714
cf-polished
origFmt=png, origSize=1496
content-disposition
inline; filename="get-it-on-google-play.webp"
content-length
1284
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-5d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSNDlf7sXzbHE%2FU53n7N1RG2R4p6SOFl9hZRRM63hn2BzqnpU3UzzKUV06rSSmATqyjd9cfDPWSZKA6jHC8FtQb4N4hH5fgx8AeKeMH8DrNacxXd5Kx7YlqGNCu7MYWX4zXzkP7V"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab74aa153bb-LHR
cf-bgj
imgq:100,h2pri
app-store-btn.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/app-store-btn.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7650775bf4e77cfcca2dfa5fdf6ef03bb30036424839a986f6a7b4fe4bbc3e78
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6489
cf-polished
origFmt=png, origSize=1344
content-disposition
inline; filename="app-store-btn.webp"
content-length
1132
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7UNaw94D5FXXId4EX4ooANt5xsSk8DbUEAkYeAdgdn%2BHDklb1mv6sNPmzVvnD6%2FVgHuB6a19LYMgAw3gD6Y2EzyqHlfdxRbyxYJSlso5Nwq36eD3AQ%2BXGcHNqRp8sLgnytE7Uhh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab74aa253bb-LHR
cf-bgj
imgq:100,h2pri
mobile-screens-new.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/mobile-screens-new.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814c75a8279e7a7db7e42fd516710b10fdfbdf3089acbec7411fb968a99d638f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6553
cf-polished
origFmt=png, origSize=142141
content-disposition
inline; filename="mobile-screens-new.webp"
content-length
85348
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-22b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iA5omxhtBPAe%2F9QzKxlcIqzorM75vawPgBP9OU82ZbfC3H8%2FaGRTckoKIcUEKHERJv4dVQ0VEdrtmRKlKz0UDc7jov1fORd7Eb3RSzsT%2F%2BbqJVM1%2F%2BMXhxWFqDyUjJMELiJKOwLE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab74aa353bb-LHR
cf-bgj
imgq:100,h2pri
affiliate_cover_mobile.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/affiliate_cover_mobile.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c361d31e923c45db375c6b0ab21cf0c590abc89eb3243022dd67b47797c46556
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5809
cf-polished
origFmt=png, origSize=21743
content-disposition
inline; filename="affiliate_cover_mobile.webp"
content-length
18998
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-54ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SB0j4Vg358Z%2F1iNDef2nrMr9qG4YpoE2BgR%2BxfDTWfw7lKbt26QtVO4lJuiqYzq2z8rPUJQQwWqCdxAIr4JYAXOLgjHJX1%2B1nk%2BWuLM1qzRkx1UezMbht%2BxS9rPZcUQhokJkzk81"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab74aa453bb-LHR
cf-bgj
imgq:100,h2pri
300x250
static.a-ads.com/a-ads-banners/118229/ Frame 8152 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1634265?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:00 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
F8EB9PKF3RCR5NJG
ETag
"ce8c5673a039ad9769d3265284d8f5f4"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
698412
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2
U3fzKDTiQsJAoh8SaIQ0Kv0GzSNQnUseZd4VFXlj4ukyOw4MgVpRsYzsJcqzXazTIfE+i1EC7tk=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
scroll2top.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		116 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/scroll2top.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdeb931791f6ca7631e5b0d8ee8ac776f71b510d0ba77e30e1b8b009001b85c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6813
cf-polished
origFmt=png, origSize=222
content-disposition
inline; filename="scroll2top.webp"
content-length
116
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpUf3V%2FsJiXRF6Nsvw9SP5Lq%2Bq5Ba9JaItXJpTE7oaog%2BNOjJrM0%2BRQY8aKWynUkNWMTzdgnrT3jikfbv1eRmmFJQQEyV9s%2BN4BpnVIFY%2Fbl%2FxFpOnD6rJGjrZUt61uWzDAuUWDM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab75ab453bb-LHR
cf-bgj
imgq:100,h2pri
browser-icon_chrome.png
cryptotabbrowser.com/static/bl/images/ Frame 6296 		950 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/browser-icon_chrome.png
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d1bc8ea5eedb2f62d2ef10cc7b07b952336d97c582f62433d70120858ae459c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6201
cf-polished
origFmt=png, origSize=1101
content-disposition
inline; filename="browser-icon_chrome.webp"
content-length
950
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
etag
"613b70e6-44d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbaoaosOPcQQO348KaHhKvOXajc61yICNAf3X%2FvX4IuIxyNMuYMlKYB5Qavy3Pqlq5rlmQaybFNEJhHk%2BI3calunOrtT6d1aj831JJVQRXpoe7z8PHXMyszAVmmUxE9LdC6zTlMB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
68df8ab87bf653bb-LHR
cf-bgj
imgq:100,h2pri
iframe_api
www.youtube.com/ Frame 6296 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/scripts/index_v2.js?t=1627563021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.206 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f14.1e100.net
Software
ESF /
Resource Hash
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
expires
Mon, 13 Sep 2021 07:08:00 GMT
icon-windows.svg
cryptotabbrowser.com/static/bl/images/ Frame 6296 		1 KB
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cryptotabbrowser.com/static/bl/images/icon-windows.svg
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f39ee47c81ceb4f65b3ef2ef48d16b50e6184adc5d48e7f8c257468f1e120e1c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/static/bl/styles/style.css?t=1611738295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Sep 2021 14:51:18 GMT
server
cloudflare
age
6310
etag
W/"613b70e6-4b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYKXDFFiOSQGfEKBwuTzMhboJwrNUPo94cKeeV%2BAYVnq89Q0fR8MPC3Y4EC7RHupPU4eWbW5vjE7iSSrMMEJI4%2B1xAv737tgencuwrTQ0q6iXPcF5EK9aa4pb0C6jWT4zgVnkNWa"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15768000
cf-ray
68df8ab90c7a53bb-LHR
/
e.dtscout.com/e/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4336751&@f16&@g1&@h1&@i1&@j1631516880250&@k0&@l1&@mMediaCPM&@n0&@o1000&@q0&@r0&@s521&@ten-US&@u1600&@b1:-49526582&@b3:1631516880&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fe148cbdf6f6f75b0042f4c7ebee98d63cd38e4c046c12801466d1a86469f818

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:01 GMT
X-T
0.724
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Mon, 13 Sep 2021 07:08:00 GMT
204402360-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ Frame 489E 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/204402360-widget_css_bundle.css
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f9.1e100.net
Software
sffe /
Resource Hash
eac64365f691073d4103638d8087cf35fd9e91fb0f5b2f7a219ea2bc39f782b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:27:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 01:51:04 GMT
server
sffe
age
6020
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6824
x-xss-protection
0
expires
Tue, 13 Sep 2022 05:27:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 489E 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
919a34024fb3cdd165a351cbc087d5698a39525a803f9ce96b149883c29b1773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49445
x-xss-protection
0
server
cafe
etag
6681020038580806422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 07:08:00 GMT
logop.png
lh3.googleusercontent.com/-roKewrwWKys/YG1APyA0PNI/AAAAAAAAJOY/DUGx8KaokWs7j7YEItOufIqyOUnnqzfGgCLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-roKewrwWKys/YG1APyA0PNI/AAAAAAAAJOY/DUGx8KaokWs7j7YEItOufIqyOUnnqzfGgCLcBGAsYHQ/s0/logop.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
icon1.png
lh3.googleusercontent.com/-Rlb9TchvQFM/YG0_KmH6-vI/AAAAAAAAJOI/6xKUTCKiyiUj3IPurX8vnQAw7yb2FSu_gCLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-Rlb9TchvQFM/YG0_KmH6-vI/AAAAAAAAJOI/6xKUTCKiyiUj3IPurX8vnQAw7yb2FSu_gCLcBGAsYHQ/s0/icon1.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
icon23.png
lh3.googleusercontent.com/-rY6Ib-CGmJY/YG0_KvNbqfI/AAAAAAAAJOM/tTwD6C8wXwkARqxuTWZPblHM2grj0MXJACLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-rY6Ib-CGmJY/YG0_KvNbqfI/AAAAAAAAJOM/tTwD6C8wXwkARqxuTWZPblHM2grj0MXJACLcBGAsYHQ/s0/icon23.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
anh1.png
lh3.googleusercontent.com/-GXVjoiCQk7c/YG0-2zqbw-I/AAAAAAAAJN0/LHoGmaMXljExaJgtsTdiWxt_LVdmVJV8QCLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-GXVjoiCQk7c/YG0-2zqbw-I/AAAAAAAAJN0/LHoGmaMXljExaJgtsTdiWxt_LVdmVJV8QCLcBGAsYHQ/s0/anh1.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
anh2.png
lh3.googleusercontent.com/-ou4mDiB--5A/YG0-2_9wtyI/AAAAAAAAJN4/gRn-60U515s2P1AxwFtcAwMODjDJjIgwQCLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-ou4mDiB--5A/YG0-2_9wtyI/AAAAAAAAJN4/gRn-60U515s2P1AxwFtcAwMODjDJjIgwQCLcBGAsYHQ/s0/anh2.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
anh3.png
lh3.googleusercontent.com/-UeKyxDBrSNo/YG0-28pz8tI/AAAAAAAAJNw/SguTI6yWztcHhVB2BUJCtxz-XAJhHUe5ACLcBGAsYHQ/s0/ Frame 489E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/-UeKyxDBrSNo/YG0-28pz8tI/AAAAAAAAJNw/SguTI6yWztcHhVB2BUJCtxz-XAJhHUe5ACLcBGAsYHQ/s0/anh3.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
inb-login.jpg
usercontent.one/wp/www.onlybestclicks.com/wp-content/uploads/2021/04/ Frame 489E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usercontent.one/wp/www.onlybestclicks.com/wp-content/uploads/2021/04/inb-login.jpg
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.47.247.16 , Denmark, ASN51468 (ONECOM, DK),
Reverse DNS
usercontent.one
Software
Apache /
Resource Hash
52f9d4474b57f290761a0a855c365812e98bf770bbe44cd7d6df96a72a5c8b51
Security Headers
Name Value
Strict-Transport-Security max-age=15778800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:03:00 GMT
via
1.1 varnish (Varnish/6.6), 1.1 varnish (Varnish/6.6)
last-modified
Tue, 13 Apr 2021 17:50:54 GMT
server
Apache
age
300
etag
"7082-5bfde45932c61"
strict-transport-security
max-age=15778800
content-type
image/jpeg
access-control-allow-origin
*
x-varnish
669845234 680462531, 878478230
accept-ranges
bytes
content-length
28802
dang-ky-tai-khoan-inb-network.jpg
ai-marketing.com.vn/wp-content/uploads/2021/04/ Frame 489E 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ai-marketing.com.vn/wp-content/uploads/2021/04/dang-ky-tai-khoan-inb-network.jpg
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.9.156.119 , Viet Nam, ASN63730 (VNSO-AS-VN VNSO TECHNOLOGY COMPANY, VN),
Reverse DNS
Software
Apache /
Resource Hash
083190c4f1d80f18209ed4433ed3dba0c87f3a7cb4513e6813df7fa1db1144b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:06 GMT
last-modified
Thu, 22 Apr 2021 01:58:30 GMT
server
Apache
etag
"11d30-5c08604121d80"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
73008
expires
Wed, 13 Oct 2021 07:08:06 GMT
konto.png
trafficplan.pl/ Frame 489E 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trafficplan.pl/konto.png
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d64228463d1a0c1276a2f6e8118a7a34b3b6871b9ec362000d589894c94cde

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
142430
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
130130
last-modified
Fri, 13 Aug 2021 06:48:20 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjx6IqKTxADg4hHwPd5QIPog%2FMrGfOtkHZVNLAiIvvlQY1KNtswSYkftAJDNvmiYg2IEsszJ%2Bx4h71EzAlXWxkZLG43Lj2UiGq117WsKCafnwuUs8CVHPNsOY2ZD4FPXJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68df8ab978343ffb-CDG
expires
Sat, 18 Sep 2021 15:34:10 GMT
435325274
player.vimeo.com/video/ Frame F12B 		16 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/435325274?app_id=122963
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e0d0b201399b2e698eb95459e993aad4a38d350392454f9238fb871c8dc4dbb4
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aimarketing.mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

Connection
keep-alive
Content-Length
11578
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Mon, 13 Sep 2021 07:16:56 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-b-2
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Mon, 13 Sep 2021 07:08:01 GMT
Age
0
X-Served-By
cache-hhn4070-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1631516881.881408,VS0,VE212
Vary
Accept-Encoding
X-Player-Backend
p
FIPg15MTHu0
www.youtube-nocookie.com/embed/ Frame 1617 		54 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.206 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f14.1e100.net
Software
ESF /
Resource Hash
b3e04b81ef69615f4c1cde4ef37bd867fa8556237183b0339b766af54e13b1e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/FIPg15MTHu0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 13 Sep 2021 07:08:00 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+343; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
MdhY3J_GNW4
www.youtube-nocookie.com/embed/ Frame 9802 		54 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.206 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f14.1e100.net
Software
ESF /
Resource Hash
f9ea3a4daa69c5ae6797d3ff9766922bd40472c5289102b566450625158f36ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube-nocookie.com
:scheme
https
:path
/embed/MdhY3J_GNW4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 13 Sep 2021 07:08:00 GMT
strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+931; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube-nocookie.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
shareaholic.js
cdn.shareaholic.net/assets/pub/ Frame F4DD 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
78e61005e2e726664f75289aa628502a8d5b778028d7a20f5801fbb54a5ecd7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 18:18:01 GMT
server
nginx
x-amz-request-id
RXHW0RCWS9ZQ6VKP
etag
"341b7832bceb58d328132074d4a59cdf"
x-hw
1631516880.cds065.am5.hn,1631516880.cds263.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1200, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
3707
x-amz-id-2
/pntCx7IrUUm3JxQpjF4eUwR772Hm6KK3sjGm+9BsWeyUEd+1g/Bb2DsA2ZcnmXf9whhdveYRqk=
analytics.js
www.google-analytics.com/ Frame 6296 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCSQC38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6463
date
Mon, 13 Sep 2021 05:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 13 Sep 2021 07:20:17 GMT
C-k9TIksGvum59BrD1AXgu0_5iM.js
www.bitcoin-ad.com/cdn-cgi/apps/head/ Frame F4DD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/cdn-cgi/apps/head/C-k9TIksGvum59BrD1AXgu0_5iM.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe56e1283d0c66df2e226021d45c2d338b70c727dc25cd7457e469340f721193

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11382479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
E5NMZS8086RZG0EM
x-amz-id-2
KDvlEdCcW9uUiUlHOw/CwHEFZRPSqY/yySA6soolf++qxjCYmiXfGvJ2mY+DGEH+2QxcDh7l2sg=
last-modified
Tue, 04 May 2021 13:19:16 GMT
server
cloudflare
etag
W/"28a23988e5eefde96267586353be8dc7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIuUvW2ooeELmfumOgtAg74JQaEbxKuUWR4EVrn98xwJXdfhSEbqn7Wm%2F8Gv0ufZAbxp5YJH4Xc0s5GvwwCtogiHDLwaoP1QW6Y8x1UDCRIzJX9zd5o60Kae2XppeBsIUjRRU2c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
l8Ky1UP8WYGBOIEXKWzOuYUSOvqW77Fq
cf-ray
68df8ab99af83329-CDG
bootstrap.css
www.bitcoin-ad.com/css/ Frame F4DD 		134 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/css/bootstrap.css
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1cf4db10fdb8c31fe5818b78725615feb38fa12e6ede86ea901e277d7f83bb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"5f849dcc-217c8"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3021762
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 12 Oct 2020 18:17:48 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWOf0ZV5GiGsCedQj9BjT1IHvZDRcAJ4LhOG%2Bf1Wwv0oXrOG3gMDARDmzkG9vISMYyWl6xXC1dNE0k8bAMb8DTvwaHdqrbQCkX8Umhjw6hnysMXJgT0o6Bk5fn1yX2rvNVzEHvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8ab99af93329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
normalize.css
www.bitcoin-ad.com/css/ Frame F4DD 		31 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/css/normalize.css
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9381d39e680065bae76712b562f4c755b3f2fc51343e079a2a8cb91c1617ba52
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"5634defa-7b3f"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Sat, 31 Oct 2015 15:32:10 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FLuLis5o9s9cYF%2F7SOveC27MYz816B51IB3cm2gEPmDkVawg%2Bf0COh8VbUbMXcsvmXb1ajSIbP5IDJHMgqhC9iu2Vf2tFx1cPttkAyxP5NzVmeVQ%2Bezko7n7AK9VPKKllWurKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8ab99af03329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-awesome.css
www.bitcoin-ad.com/css/ Frame F4DD 		32 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/css/font-awesome.css
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"55bce4d2-7e3e"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Sat, 01 Aug 2015 15:25:06 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZRtS%2FnvZCOTwWqhLicn963vYilGIsNhFSrhS7YuZfZ%2FzB4EU3nOi3ArVHfZ%2Frl433H%2FEpEL1dvDjgIkC%2FksetHOnUuvwOyZl5G3ViZKO2gnzcyiw%2BqmGVO%2BqHEYZHs%2BvDEYx68%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8ab99ae93329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.css
www.bitcoin-ad.com/css/ Frame F4DD 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/css/main.css
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4378b3e7bcf530a0a8d366c0017e5bc85a08147d0f89b3fd72d7b9297cd9e97f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2909877
cf-polished
origSize=6462
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Mon, 09 Aug 2021 14:05:18 GMT
server
cloudflare
etag
W/"6111361e-193e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBYxo4jJViljdQQyGUJUY3DwTdL4WLTX1tVi4rIltPDLbCL3kIuFu2Xf8fvYOre%2BVtBae%2F6H38QppPQSvIK%2F6sEa7689%2FZMGh4IBJgOHqZnqJcAO6Xb8G1l5hphFcs1v4gyGxRw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8ab99af33329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
site.css
www.bitcoin-ad.com/css/ Frame F4DD 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/css/site.css
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
007ed6ed7109ab63ddc0c8d00203e485a8fd7e4d06af35ec9d4f1dc3e8c818a0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"60e7dad0-4cb"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Fri, 09 Jul 2021 05:12:48 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN3JOcbz2YrXsXS4fvG9R02Cyf8v%2BRZT6o6Y%2BoDejgGHaqPbJTsKiBFnUXcPC1Ca28IRqCFy4Anzz1pWizKALNBQh%2Bjb4vuc2shhLwNtO4bxZ%2Bquxmx3iQb0mesyAbUKFoC%2FExk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8ab99af53329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
www.bitcoin-ad.com/ Frame F4DD 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bitcoin-ad.com/logo.png
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3b6d4df4e5c113797c3c10522eea8b78ac7451586915073259f6e0c63db334
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11332
pragma
public
last-modified
Mon, 07 Dec 2020 13:03:45 GMT
server
cloudflare
etag
"5fce2831-2c44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WQ6GhK%2Fxqq8fhP0Mx0FDOdMxklXdP%2BrCml9v2dq956IZT%2FSy6ThhCNWed5BZBslBx%2B5lFfIkA2uDuP9MUJNMOk1b65t6Z47s64WNvwZp1kDZ0VH25OzuqrRyDcjwz9yIOkiGGP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
68df8aba3bbd3329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
biswap.png
www.bitcoin-ad.com/ Frame F4DD 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bitcoin-ad.com/biswap.png
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a192e1ed253d730c89e744d59e4b39f25f6dab5bc963e2129a5cf39e8f5a15f2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
263918
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15562
pragma
public
last-modified
Tue, 17 Aug 2021 07:06:34 GMT
server
cloudflare
etag
"611b5ffa-3cca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrCdsL2foaHcJ%2BwnnPngAN4rewSbTYFXbbQ0r%2BiehiV3wF2hDKQthiY9xN2woTIjcl909iPKbZ81oCDBWMPViCs%2FQAML01MC3GzFtY%2B7XauVp4%2F%2FnW4zckvXKoyN0R5R0fli4Zs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, no-transform
accept-ranges
bytes
cf-ray
68df8aba3bbe3329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
www.bitcoin-ad.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame F4DD 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAvQFxCtVNNLQAWRwzS95e4UFqbFooXkdQYGbzIjHgURJhRQcg2QRlxrEDPuq4A8FzrfOScLSOZxH4a4KFGV8iJR1D18SPEwujtAWtzEVmiLdRiTxAz%2FH8nEn%2Fzsj5ABFlhWuBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8aba3bac3329-CDG
vary
Accept-Encoding
expires
Wed, 15 Sep 2021 07:08:00 GMT
jquery.min.js
www.bitcoin-ad.com/plugins/jquery/ Frame F4DD 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/plugins/jquery/jquery.min.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"5fc35e57-15d84"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023000
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Sun, 29 Nov 2020 08:39:51 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbKDpwPruWJB3%2BE7rCX%2FkYN5OSVnsjtaTqwZSaaCk5hjVNKQL0gHFjXjFwQjGMcdJEuaZRNJRVq1M6RLSVnmo%2Bo6UeNT9GexwGgq9kxmME%2B%2BMMFJz9u7isHr4bpyQPOu25X79nA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8aba3bae3329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.bundle.min.js
www.bitcoin-ad.com/plugins/bootstrap/js/ Frame F4DD 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
etag
W/"5fc35e56-148b8"
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3023001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
last-modified
Sun, 29 Nov 2020 08:39:50 GMT
server
cloudflare
date
Mon, 13 Sep 2021 07:08:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jb0kt%2FalXZBMgfLCGvahBzUA8vkxYRt9bbDsQtDvFahyTpQa69pvXaEKeBPWYZBgmtd1JQ6U7TkxcFfy%2BiSEiIYp0Yu9p20ueKTJxAA7OjNmQt%2B849hhoayDtX1g%2BwLP4pITD%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000, no-transform
cf-ray
68df8aba3bbb3329-CDG
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ Frame F4DD 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180099124-1
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
15e3af36c0b3a9a1acba9c736a47776722e065004fd0697a1f08b0005afc9f57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41241
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Sep 2021 07:08:01 GMT
/
tradingcoins.bar/ Frame B3FB 		62 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
83115a9457b2f1c2ec643c52232d2f5c47023bf4ec359a7a83e6cc2fedb127ef

Request headers

:method
GET
:authority
tradingcoins.bar
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tradingcoins.bar/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
server
Apache
vary
Accept-Encoding,Cookie
cache-control
max-age=3, must-revalidate max-age=0, no-cache
x-mod-pagespeed
1.13.35.2-0
content-encoding
br
content-length
9644
content-type
text/html; charset=UTF-8
A.style.min.css,qver=5.8.1.pagespeed.cf.oh3cmA1ZSA.css
tradingcoins.bar/wp-includes/css/dist/block-library/ Frame B3FB 		78 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-includes/css/dist/block-library/A.style.min.css,qver=5.8.1.pagespeed.cf.oh3cmA1ZSA.css
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
501ba1afa440dad02c2a931cddf6c9348174332b25fafd900264a92a11b8e152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
x-original-content-length
80574
server
Apache
etag
W/"0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
last-modified
Mon, 13 Sep 2021 07:06:28 GMT
accept-ranges
bytes
content-length
10377
expires
Tue, 13 Sep 2022 07:06:28 GMT
widget-areas.min.css,qver=3.0.4.pagespeed.ce.qcVwyJFJds.css
tradingcoins.bar/wp-content/themes/generatepress/assets/css/components/ Frame B3FB 		3 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css,qver=3.0.4.pagespeed.ce.qcVwyJFJds.css
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
x-original-content-length
3358
server
Apache
etag
W/"0-br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
last-modified
Fri, 10 Sep 2021 07:05:17 GMT
accept-ranges
bytes
content-length
632
expires
Tue, 13 Sep 2022 07:08:00 GMT
main.min.css,qver=3.0.4.pagespeed.ce.ONTORDmy6M.css
tradingcoins.bar/wp-content/themes/generatepress/assets/css/ Frame B3FB 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-content/themes/generatepress/assets/css/main.min.css,qver=3.0.4.pagespeed.ce.ONTORDmy6M.css
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
a76f2fb2a72b720fe656187edcf8ec071d72c251f398d4ac832eca23bd0e0bc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
x-original-content-length
19294
server
Apache
etag
W/"0-br"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
last-modified
Fri, 10 Sep 2021 07:05:17 GMT
accept-ranges
bytes
content-length
4378
expires
Tue, 13 Sep 2022 07:08:00 GMT
jquery.min.js,qver=3.6.0.pagespeed.ce.At1dBK3UdZ.js
tradingcoins.bar/wp-includes/js/jquery/ Frame B3FB 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-includes/js/jquery/jquery.min.js,qver=3.6.0.pagespeed.ce.At1dBK3UdZ.js
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
x-original-content-length
89521
server
Apache
etag
W/"0-br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
last-modified
Tue, 20 Jul 2021 22:24:28 GMT
accept-ranges
bytes
content-length
30310
expires
Tue, 13 Sep 2022 07:08:00 GMT
jquery-migrate.min.js,qver=3.3.2.pagespeed.ce.ebSVa37EeO.js
tradingcoins.bar/wp-includes/js/jquery/ Frame B3FB 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.ce.ebSVa37EeO.js
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
br
x-original-content-length
11224
server
Apache
etag
W/"0-br"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges
bytes
content-length
3998
expires
Tue, 13 Sep 2022 07:08:00 GMT
wp-content,_themes,_generatepress,_assets,_js,_main.min.js,qver==3.0.4+wp-includes,_js,_wp-embed.min.js,qver==5.8.1.pagespeed.jc.eLmDsLq3Be.js
tradingcoins.bar/ Frame B3FB 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-content,_themes,_generatepress,_assets,_js,_main.min.js,qver==3.0.4+wp-includes,_js,_wp-embed.min.js,qver==5.8.1.pagespeed.jc.eLmDsLq3Be.js
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
255c9d8c86e9ff143d05233330db8bfb6a04196b5e2600561e10ddba4678466d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:00 GMT
content-encoding
gzip
x-original-content-length
8746
server
Apache
etag
W/"0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
last-modified
Mon, 13 Sep 2021 07:06:28 GMT
accept-ranges
bytes
content-length
2465
expires
Tue, 13 Sep 2022 07:06:28 GMT
wp-emoji-release.min.js
tradingcoins.bar/wp-includes/js/ Frame B3FB 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tradingcoins.bar/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
88.198.195.3 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
www129.your-server.de
Software
Apache /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-original-content-length
18181
server
Apache
etag
W/"PSA-EWyGxW-NsL"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache
last-modified
Tue, 20 Jul 2021 22:24:28 GMT
accept-ranges
bytes
content-length
4853
expires
Mon, 13 Sep 2021 07:12:43 GMT
www-widgetapi.js
www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/ Frame 6296 		135 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/1cc7c82c/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.206 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f14.1e100.net
Software
sffe /
Resource Hash
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cryptotabbrowser.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 02:20:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
17247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44724
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 13 Sep 2022 02:20:34 GMT
cSfPX_qD5djvwBead1KgF5gXqCw.js
www.bitcoin-ad.com/cdn-cgi/apps/body/ Frame F4DD 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bitcoin-ad.com/cdn-cgi/apps/body/cSfPX_qD5djvwBead1KgF5gXqCw.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/cdn-cgi/apps/head/C-k9TIksGvum59BrD1AXgu0_5iM.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.175.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62d28870303ab4db7b864138bcafd63b3351675b69bdfb520e874dc307fb9e0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4838106
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
THW6VRBSJ13MEJQA
x-amz-id-2
Bivc2QASx7lIPirJq21ksPz0JUqMSgy4vXK0qFQU0bujAahjWy6hpe+kHL7xx6COQN6AGCpr5Ag=
last-modified
Tue, 04 May 2021 13:19:16 GMT
server
cloudflare
etag
W/"76f2b07701175a83683cf39eb2c24261"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxIWZES9jKUOP1vwOCc62tYlx2h2sq14D6%2BXA4848OYELylJDakrx1H4WggpZf7b35h6VsqeVyG9PIWFAjdVxyagXnBefOY28uHHdQpLLFHAU%2Bmobc3HLyTa66dIjXPGjdBozW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
7UzSdjoXbQJyBnuFeefRS4I1nkGKfLTW
cf-ray
68df8aba3bbf3329-CDG
1625793
ad.a-ads.com/ Frame C594 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1625793?size=970x250
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
200077eba2d5dbf25783bf878e03b8da44fd2684ba9591cf7ba629f40b46ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.bitcoin-ad.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:01 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.bitcoin-ad.com/
Content-Encoding
gzip
www-player-webp.css
www.youtube-nocookie.com/s/player/1cc7c82c/ Frame 1617 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/www-player-webp.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
312975
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46331
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:11:46 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/ Frame 1617 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
313081
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67231
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:10:00 GMT
base.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1617 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307302
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515566
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:19 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/1cc7c82c/fetch-polyfill.vflset/ Frame 1617 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
313081
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:10:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1617 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/FIPg15MTHu0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:40:39 GMT
x-content-type-options
nosniff
age
5242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:40:39 GMT
1660428
ad.a-ads.com/ Frame C2D5 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1660428?size=320x100
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
7445e8309a2743c26ba9acca938beed86cb780a887cc578f81ba7633deedeb57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://tradingcoins.bar/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:01 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://tradingcoins.bar/
Content-Encoding
gzip
tag.js
mc.yandex.ru/metrika/ Frame F4DD 		224 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
last-modified
Fri, 10 Sep 2021 15:33:58 GMT
etag
"61372b26-11d31"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73009
expires
Mon, 13 Sep 2021 08:08:01 GMT
www-player-webp.css
www.youtube-nocookie.com/s/player/1cc7c82c/ Frame 9802 		329 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/www-player-webp.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
312975
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46331
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:11:46 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/ Frame 9802 		201 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
313081
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67231
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:10:00 GMT
base.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 9802 		2 MB
504 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307302
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
515566
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:19 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/1cc7c82c/fetch-polyfill.vflset/ Frame 9802 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
313081
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Fri, 09 Sep 2022 16:10:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9802 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:40:39 GMT
x-content-type-options
nosniff
age
5242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:40:39 GMT
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=728&height=90&cb=1631516881048&aid=639589
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=320&height=100&cb=1631516881048&aid=639591
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=200&height=200&cb=1631516881060&aid=639585
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=300&height=250&cb=1631516881060&aid=639586
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=300&height=250&cb=1631516881060&aid=639587
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame B3FB 		97 B
369 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?floor=0&content_page_url=https%3A%2F%2Ftradingcoins.bar%2F&width=300&height=250&cb=1631516881078&aid=639588
Requested by
Host: tradingcoins.bar
URL: https://tradingcoins.bar/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tradingcoins.bar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tradingcoins.bar
Date
Mon, 13 Sep 2021 07:08:00 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
main.js
m9m6e2w5.stackpathcdn.com/v2/5e24642d/ Frame F4DD 		147 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m9m6e2w5.stackpathcdn.com/v2/5e24642d/main.js
Requested by
Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
25d96cc434b01b3b592f29f2fd5c6bf2e678c0e84530936e5b4c3d3f55576f25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 18:17:56 GMT
server
nginx
x-amz-request-id
RXHRYG964VF84XGQ
etag
"bc6d3f004460c8651a42da76aafa3288"
x-hw
1631516881.cds006.am5.hn,1631516881.cds121.am5.c
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, public
x-hello-human
Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges
bytes
content-length
41952
x-amz-id-2
BTjBf3VSImsvG6HpHRnC9QOXfA0gWPOl3k+hWFfy4l6VEVdLhHIiAM0ODLbme8mi2QYi1Y9RJPA=
truncated
/ Frame F4DD 		854 B
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ Frame FE4D 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:01 GMT
_csp
player.vimeo.com/ Frame F12B 		0
906 B 		Other
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/_csp
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/video/435325274?app_id=122963
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/csp-report

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com; report-uri /_csp
Via
1.1 varnish
X-Content-Type-Options
nosniff
X-Cache
MISS
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Host
player-v693-p8smc
Connection
keep-alive
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4070-HHN
X-Vimeo-DC
ge
X-Player-Backend
p
Server
nginx
X-Timer
S1631516881.156208,VS0,VE114
Date
Mon, 13 Sep 2021 07:08:01 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=UTF-8
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
X-Cache-Hits
0
sprite_v1_6.css.svg
www.relationshipadvice.info/responsive/ Frame FE4D 		7 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.relationshipadvice.info/responsive/sprite_v1_6.css.svg
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f19.1e100.net
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 Sep 2021 08:49:17 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
expires
Mon, 20 Sep 2021 07:08:01 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ Frame 489E 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95416
x-xss-protection
0
server
cafe
etag
8941794579414213630
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 13 Sep 2021 07:08:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 2E40 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 12 Sep 2021 17:04:16 GMT
expires
Sun, 26 Sep 2021 17:04:16 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
50625
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
320x100
static.a-ads.com/a-ads-banners/117467/ Frame C2D5 		646 KB
647 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117467/320x100?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1660428?size=320x100
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94d4e838dd16caead3b96d01fb499f03f4ee6ea1d8ca2a0b33132febad4151ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:01 GMT
Last-Modified
Fri, 17 Apr 2020 16:24:57 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
SS8JN4JHFDR6610C
ETag
"dc11f31b9085f75c457e9ac9c902db02"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
661536
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
MJZXg4hga_2uMJtUemG.W3G2Dfv3GFml
x-amz-id-2
Oolldu/6moSsU/LzqcO21wcWcGxN61kgi3Zbf03eyAbIJtwlT1yMHutCsQ5NKKwJVg1IBwiY9UA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
JCqgJtNU_e5V4G-xDSFiR55dwlPviGHcL1NU0QM0nWlLXPmcSfc0KNgbJYzF8v8Q4DD-wz7xWmSFvdvIW0_NNZHpKyr6o6RLYRy1RHjbNNSBwBKn=w32-h32-p-k-no-nu
lh3.googleusercontent.com/proxy/ Frame FE4D 		80 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/JCqgJtNU_e5V4G-xDSFiR55dwlPviGHcL1NU0QM0nWlLXPmcSfc0KNgbJYzF8v8Q4DD-wz7xWmSFvdvIW0_NNZHpKyr6o6RLYRy1RHjbNNSBwBKn=w32-h32-p-k-no-nu
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f1.1e100.net
Software
fife /
Resource Hash
3128026abb74a5f03f49d98d581a843545bd02efcc594ebe8741c30551f9dab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:14:12 GMT
x-content-type-options
nosniff
server
fife
age
10429
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80
x-xss-protection
0
expires
Tue, 14 Sep 2021 04:14:12 GMT
/
t.dtscout.com/idg/ Frame 4DEE 		1 KB
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=6D00163151688187F2A01F0B9C019034
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570927.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d10e141019db4e8919e5bbcbc07dd6d2d16705aea6f43e53122c0d97ed5a1bee

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1631516881; l=6D00163151688187F2A01F0B9C019034
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Mon, 13 Sep 2021 07:08:00 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-52.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
45323
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d1a8cc0bb52400f43698b4c3cd691acd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 12 Sep 2021 18:32:39 GMT
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
c5kQcVfpQBLYKDeSmAxL-icltydehGUbkvra2W7kwEVm-rOGoDL08A==
dtscout
pd.sharethis.com/pd/ 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 13 Sep 2021 07:08:01 GMT
afwu.js
cdn.tynt.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:37 GMT
server
cloudflare
age
122526
etag
W/"612951fd-288b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
68df8abc4ea2215d-DUS
expires
Thu, 16 Sep 2021 07:08:01 GMT
/
t.dtscout.com/pv/ 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=mediacpm.pl&_ss=1ehvsn4oxn&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4kys&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570927.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2eded2f73ee8300f26f93a0b1965e541aa07206e3345e57f7a208426fc840382

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:01 GMT
X-T
0.275
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Mon, 13 Sep 2021 07:08:00 GMT
919248683.jpg
i.vimeocdn.com/video/ Frame F12B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/919248683.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/435325274?app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0929bd49017bdbe79f832bfde8588a9068e34ed4bc838c5339934bb0acb6dcdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
941663
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1569
viewmaster-server
viewmaster-us-east1-r1jf
x-served-by
cache-dfw18672-DFW, cache-hhn4074-HHN
x-timer
S1631516881.308254,VS0,VE0
etag
307cf8e5b203f26df59986f5ac5201ae
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1485
player.de-DE.js
f.vimeocdn.com/p/3.40.0/js/ Frame F12B 		652 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.40.0/js/player.de-DE.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/435325274?app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d069b57221d407cce7111787799552c6dc186bdb108050b560328733f2519ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 varnish, 1.1 varnish
age
369988
x-guploader-uploadid
ADPycdvI6Q41pM-HkVHPlKZJNX1MSvBoKodMR9x3N04tiRyCqZxlryeLYlJzF3CGyBu2SYaY0iRvMJpQGX5dc7Op7AewhfSe6g
x-cache
MISS, HIT
content-encoding
br
content-length
156890
x-served-by
cache-bwi5123-BWI, cache-hhn4072-HHN
last-modified
Thu, 02 Sep 2021 18:30:31 GMT
server
UploadServer
x-timer
S1631516881.318590,VS0,VE0
etag
"4c738f779e8042c7be34f54fc6ea307c"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 2783
player.css
f.vimeocdn.com/p/3.40.0/css/ Frame F12B 		167 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.40.0/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/435325274?app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8bd8fd000352ffd93afce21b9264517cd30bc972c5ff8043ea655ac4fccc5d5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 varnish, 1.1 varnish
age
903862
x-guploader-uploadid
ADPycdvn0_sDP46sJcMTJhmXXjoy99T6ebFdEC8Hp0MCpac3HHDnMcw4J_bA4DiQVxpjh80spXsHN1gh9trs4bBoBo_2CF9XVA
x-cache
MISS, HIT
content-encoding
br
content-length
18059
x-served-by
cache-bwi5136-BWI, cache-hhn4072-HHN
last-modified
Thu, 02 Sep 2021 18:30:32 GMT
server
UploadServer
x-timer
S1631516881.318572,VS0,VE0
etag
"5469d4aa95a3dcc9ff01a7effc404bae"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 372331
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame F12B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/435325274?app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
age
3976845
x-cache
HIT, HIT
content-length
1238
x-served-by
cache-bwi5172-BWI, cache-hhn4072-HHN
last-modified
Thu, 29 Jul 2021 05:38:40 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1631516881.318653,VS0,VE0
etag
"a68-5c83c83e57800-gzip"
vary
Accept-Encoding,x-http-method-override
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
expires
Sun, 27 Jul 2031 06:27:16 GMT
x-vimeo-dc
ge
x-bapp-server
assets-v949-4qvwc
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 336981
rum
cryptotabbrowser.com/cdn-cgi/ Frame 6296 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cryptotabbrowser.com/cdn-cgi/rum?
Requested by
Host: cryptotabbrowser.com
URL: https://cryptotabbrowser.com/de/16224264/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://cryptotabbrowser.com/de/16224264/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://cryptotabbrowser.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
68df8abbefc953bb-LHR
vary
Origin
/
news-btc.info/ Frame C28B 		58 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddf6b2c57c9e35c90dd384d73684cf9440fd906debc6183eb0dafdcfdf4c620e

Request headers

:method
GET
:authority
news-btc.info
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://news-btc.info/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,Cookie
cache-control
max-age=3, must-revalidate max-age=0, no-cache, s-maxage=10
x-mod-pagespeed
1.13.35.2-0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTnToLO5dWnDWDjGl00S66V4bNSJW0BhWKqLKwfKRtOLyUisTD2nRBJRUffgvsx3JopzIVOS841fGSX3ctpgk2y6zUwUUhHwr9p8ibe4GKoAqU1pY07PBbjp3nlpDkLN"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8abc38703b2b-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame F4DD 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180099124-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6464
date
Mon, 13 Sep 2021 05:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 13 Sep 2021 07:20:17 GMT
display.js
cdn.adf.ly/js/ Frame FE4D 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adf.ly/js/display.js
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.81.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5775
last-modified
Thu, 29 Jul 2021 14:08:58 GMT
server
cloudflare
etag
"3e81-6102b67a-1a029ed62bba2563;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
68df8abd3ac5fad4-DUS
expires
Mon, 20 Sep 2021 07:08:01 GMT
2276472856-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ Frame FE4D 		138 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/2276472856-indie_compiled.js
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f9.1e100.net
Software
sffe /
Resource Hash
c334c496e0dca99d37eaabf0e3a251080618ac108eb3b782a43071c6ab7fca3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 08:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Sep 2021 08:49:56 GMT
server
sffe
age
598147
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48045
x-xss-protection
0
expires
Mon, 13 Sep 2021 08:58:54 GMT
cookienotice.js
www.relationshipadvice.info/js/ Frame FE4D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.relationshipadvice.info/js/cookienotice.js
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.211 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f19.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 12 Sep 2021 18:50:20 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Mon, 20 Sep 2021 07:08:01 GMT
745028019-widgets.js
www.blogger.com/static/v1/widgets/ Frame FE4D 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/745028019-widgets.js
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f9.1e100.net
Software
sffe /
Resource Hash
7998fdc70409b584aaf012c1ce11ec0365cffd6881f112d926afda280180f6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:06:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 01:51:04 GMT
server
sffe
age
121
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55002
x-xss-protection
0
expires
Tue, 13 Sep 2022 07:06:00 GMT
1
mc.yandex.com/watch/69147001/ Frame F4DD
Redirect Chain
  • https://mc.yandex.com/watch/69147001?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&browse...
  • https://mc.yandex.com/watch/69147001/1?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&brow...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/69147001/1?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1091078025616%3Ahid%3A54821127%3Az%3A0%3Ai%3A20210913070801%3Aet%3A1631516881%3Ac%3A1%3Arn%3A772075535%3Arqn%3A1%3Au%3A163151688117833305%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631516879883%3Ads%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C292%2C1%2C%2C%2C%2C1185%3Adsn%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C323%2C0%2C%2C%2C%2C1186%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631516881%3At%3ABitcoinAd%20-%20Get%20free%20bitcoin%200.00005btc%20-%20Freebitcoin%20%7C%20BitcoinAd
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
195be65a93adbd9ec192508ffecf4950dac9676534a8084afc2e8c7ae247d21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 13-Sep-2021 07:08:01 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:01 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:01 GMT
last-modified
Mon, 13-Sep-2021 07:08:01 GMT
location
/watch/69147001/1?wmode=7&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&page-ref=https%3A%2F%2Fmediacpm.pl%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1091078025616%3Ahid%3A54821127%3Az%3A0%3Ai%3A20210913070801%3Aet%3A1631516881%3Ac%3A1%3Arn%3A772075535%3Arqn%3A1%3Au%3A163151688117833305%3Aw%3A0x0%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1631516879883%3Ads%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C292%2C1%2C%2C%2C%2C1185%3Adsn%3A15%2C163%2C152%2C1%2C531%2C0%2C%2C323%2C0%2C%2C%2C%2C1186%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631516881%3At%3ABitcoinAd%20-%20Get%20free%20bitcoin%200.00005btc%20-%20Freebitcoin%20%7C%20BitcoinAd
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:01 GMT
advert.gif
mc.yandex.com/metrika/ Frame F4DD 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/?utm_source=&utm_medium=&utm_content=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.bitcoin-ad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
last-modified
Fri, 10 Sep 2021 15:33:58 GMT
etag
"61372b26-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 13 Sep 2021 08:08:01 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0&t=MediaCPM
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
player-test-impression
fresnel.vimeocdn.com/add/ Frame F12B 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.40.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
919248683
i.vimeocdn.com/video/ Frame F12B 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/919248683
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/435325274?app_id=122963
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4c23e2ad12be1e72417e5a5eb5cddd1d5d28b4afdbdb1107dc7470ae458ea59b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
2159109
x-viewmaster-lossless-format
false
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
36715
viewmaster-server
viewmaster-us-central1-tppc
x-served-by
cache-dfw18662-DFW, cache-hhn4074-HHN
x-timer
S1631516881.464624,VS0,VE1
etag
fb1cb2236eef78f1f2dea534ed612805
vary
Accept
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame F12B 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=5fcd30135dcbe32302559b76625ca1b1edf4e2ae1631516880
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.40.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
/
onetag-geo.s-onetag.com/ 		555 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-25.lhr61.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 31b9a80773cc362c841cdf3c93e7e137.cloudfront.net (CloudFront), 1.1 024e0eb7c8dbc0f1008d8bc14f1acebf.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2, LHR61-C1
x-amzn-requestid
4cd4fc80-5426-453a-9108-8da7e730dcd9
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FlvQyG3wCYcFsTA=
content-length
555
x-amz-cf-id
SoFnf37iqDiny1qnrp8bD-VcCVgrrc8YdLYBlFhqbjfM2NR5T0sZVA==
vuid
vimeo.com/ablincoln/ Frame F12B 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=5fcd30135dcbe32302559b76625ca1b1edf4e2ae1631516880
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5123-BWI, cache-hhn4023-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1631516882.546269,VS0,VE130
X-Frame-Options
sameorigin
Date
Mon, 13 Sep 2021 07:08:01 GMT
Vary
User-Agent
Expires
Sun, 12 Sep 2021 19:08:01 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v14633-6trpl
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
cookie.js
partner.googleadservices.com/gampad/ Frame 489E 		201 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=aimarketing.mediacpm.pl&callback=_gfp_s_&client=ca-pub-1222814713344722
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ba07ef2168673db7fa877c989c3f1650a332d6dee29abd12671a761c82ac05e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 489E 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=aimarketing.mediacpm.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 489E 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=aimarketing.mediacpm.pl
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3D4C 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1222814713344722&output=html&adk=1812271804&adf=2751417949&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fmediacpm.pl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631516881175&bpp=7&bdt=447&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&nras=1&correlator=1734776563917&frm=24&ife=1&pv=2&ga_vid=1991690738.1631516882&ga_sid=1631516882&ga_hid=521497295&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1179187112&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062297&oid=3&pvsid=3922357469780431&pem=742&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5j5cl8h8ipg1&fsb=1&dtd=415
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1222814713344722&output=html&adk=1812271804&adf=2751417949&plat=1%3A147968%2C2%3A147968%2C8%3A147968%2C9%3A147968%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A16896%2C27%3A16896%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fmediacpm.pl%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631516881175&bpp=7&bdt=447&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&nras=1&correlator=1734776563917&frm=24&ife=1&pv=2&ga_vid=1991690738.1631516882&ga_sid=1631516882&ga_hid=521497295&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=1179187112&scr_x=-12245933&scr_y=-12245933&eid=44747621%2C31062297&oid=3&pvsid=3922357469780431&pem=742&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.5j5cl8h8ipg1&fsb=1&dtd=415
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 13 Sep 2021 07:08:01 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 13-Sep-2021 07:23:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 13 Sep 2021 07:08:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 489E 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f2.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:01 GMT
sentry.js
f.vimeocdn.com/p/3.40.0/js/module/ Frame F12B 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.40.0/js/module/sentry.js
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.40.0/js/player.de-DE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
31b2f942258a4215e74331641c99e36b0797ba0f90eeca8b6d3424c4e19a4a48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
via
1.1 varnish, 1.1 varnish
age
372024
x-guploader-uploadid
ADPycdvxkhfAqvhXMN_HqmiSPAGaJBst2uSMGU9p4QZU7rZtemw0CBoHPiPsb8aZKvT7bmFfc7xFcNSf3zbcDIAZRuM
x-cache
MISS, HIT
content-encoding
br
content-length
18699
x-served-by
cache-bwi5125-BWI, cache-hhn4072-HHN
last-modified
Thu, 02 Sep 2021 18:30:32 GMT
server
UploadServer
x-timer
S1631516882.633536,VS0,VE0
etag
"9ae167d4c2c35140701890485b5f9cc5"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 44716
main.min.css,qver=3.6.9.pagespeed.ce.HnllHirUL_.css
news-btc.info/wp-content/themes/astra/assets/css/minified/ Frame C28B 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/themes/astra/assets/css/minified/main.min.css,qver=3.6.9.pagespeed.ce.HnllHirUL_.css
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a2d41d6f97271a49672b50d97709de6d97c6c6babb7ccc2eb16003692c93c73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
42271
age
931921
cf-polished
origSize=42271
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 11:31:14 GMT
server
cloudflare
etag
W/"0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfIwBqIjy80f8mrF5dsOlCZea%2BCP0I8qazPnZdljuMbdI7XK1B310%2B7qZ43tokdbEm4p8WUM0m2oIDlYGTl6JMeX6YYdtaYAcmOn%2BvqCyQ7L4NFc%2FOuogYOj62h8Cpcr"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
68df8abe5b153b2b-CDG
expires
Fri, 02 Sep 2022 12:16:00 GMT
A.astra-theme-dynamic-css-home.css,qver=1631516396.pagespeed.cf.tYaW7iu1br.css
news-btc.info/wp-content/uploads/astra/ Frame C28B 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/uploads/astra/A.astra-theme-dynamic-css-home.css,qver=1631516396.pagespeed.cf.tYaW7iu1br.css
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01205a82e63f3bfd8aa9dd8390a1fc7dcc91e9ad05ad2a8c0ae1d5788829c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
33586
age
483
cf-polished
origSize=32716
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 06:59:56 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mryJhRryQCSnzI7NV9JNjXIFiA%2B0c7cU9oVDVdV%2FeKDWkRM%2Bs66OIxyPafssBZeQTaE2bnGLrjjVL4jE29f0zgkgXpSm574B5APdvmZapIJdBmkn58k863CDCiiCE9BX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
68df8abe5b163b2b-CDG
expires
Tue, 13 Sep 2022 06:59:56 GMT
style.min.css
news-btc.info/wp-includes/css/dist/block-library/ Frame C28B 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 19 Jul 2021 00:56:57 GMT
server
cloudflare
age
763
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZgI2%2BH77mhbFh%2BtMc3GZ%2FoLod4QQ0T8KmjtZoOPjFjM3HcUe1EDiwk%2FphLQh11fX07WYfxmb3ojqkLpr5hV%2BP%2FiQt0omMLuOysa0zxdvm7Fb5ry%2FEba0jTmChPZDHN4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8abe5b173b2b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
astra-addon-6130b745df7df4-84814461.css,qver=3.5.8.pagespeed.ce.IWhjXTEeAR.css
news-btc.info/wp-content/uploads/astra-addon/ Frame C28B 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/uploads/astra-addon/astra-addon-6130b745df7df4-84814461.css,qver=3.5.8.pagespeed.ce.IWhjXTEeAR.css
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b4ed54d4df0583a1d004eefa246ef679290315b01c11edea482e06b58291aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
15366
age
931920
cf-polished
origSize=15366
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 11:36:37 GMT
server
cloudflare
etag
W/"0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qak4JRuZiN01WmsjXXQ23NzSqVBCUwmAkFeAYBzStsTb1AwO6o0D3m6y6uB6BvV48FKPpsRX6IBs46heNobI1whKewacEyz5g0P%2FrDYQBcp4kEa7p4NJfTTaqQ1gkH%2Bs"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
68df8abe5b183b2b-CDG
expires
Fri, 02 Sep 2022 12:16:01 GMT
A.astra-addon-dynamic-css-home.css,qver=1631516396.pagespeed.cf.z4J_SelQX2.css
news-btc.info/wp-content/uploads/astra-addon/ Frame C28B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/uploads/astra-addon/A.astra-addon-dynamic-css-home.css,qver=1631516396.pagespeed.cf.z4J_SelQX2.css
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d680885a5d08bb72ad1e88d007cfcd27ce0b79e3d917cbacaf6aa20b508aed0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
2913
age
483
cf-polished
origSize=2877
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Mon, 13 Sep 2021 06:59:56 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOFzXvBD%2B6jRNeESkfBvEC38yW85%2F%2F%2FZAU%2FBSZAo72r6JE6RrR9oNBAixEU8vFM3gITN07LU5ypjGVNvS1v6rSpsqjrHi84SwwYXxc5ZjSokHpziU9nSPc2EJJVG68hq"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
68df8abe5b1b3b2b-CDG
expires
Tue, 13 Sep 2022 06:59:56 GMT
jquery.min.js,qver=3.6.0.pagespeed.ce.At1dBK3UdZ.js
news-btc.info/wp-includes/js/jquery/ Frame C28B 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-includes/js/jquery/jquery.min.js,qver=3.6.0.pagespeed.ce.At1dBK3UdZ.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d910ce193acd5e673d7a94ce23371b223bb0eea8bcb4d1705bf7770ca15e38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
89521
age
931920
cf-polished
origSize=89521
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
etag
W/"0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPAZUUWqLs1USiqrAMVSU2%2Brje9F%2FhhibOrfb2BXh2FBpLLPumLBG904KFYQJodMSdCTiyaF9fIDJCMvn53wFj8N4AfJ%2FmAY76saUTepPSwwmoorQPU2g%2Bt3QewpMgjG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68df8abe5b1e3b2b-CDG
expires
Fri, 02 Sep 2022 12:16:01 GMT
jquery-migrate.min.js,qver=3.3.2.pagespeed.ce.ebSVa37EeO.js
news-btc.info/wp-includes/js/jquery/ Frame C28B 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-includes/js/jquery/jquery-migrate.min.js,qver=3.3.2.pagespeed.ce.ebSVa37EeO.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7936229441aa3c84bbd8f9978b2c27e35e6c2da2f34b078d8546f1818eba7c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
11224
age
931920
cf-polished
origSize=11224
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
etag
W/"0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wchJIIXYnOPAEFhEu2%2BddQN7ZgmWDUkAswbI5hmH9%2BibS664o7QA8Ni6fE543sv2px6okU8pJVgO5OkFv0BvRtak6CpqwtiQgp%2BIVeAWOtnmQmMWGY3IIgaUl%2FaPaKhU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68df8abe5b1f3b2b-CDG
expires
Fri, 02 Sep 2022 12:16:01 GMT
frontend.min.js
news-btc.info/wp-content/themes/astra/assets/js/minified/ Frame C28B 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.6.9
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f8b51d5d6b7b6bfb14c70557e860ebe136a025bc9f35683542f855441a0fa43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Sep 2021 11:31:14 GMT
server
cloudflare
age
380
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X490LIrWMVB8Fbc%2B32CkwUb60kuDP8uTEC4rde9BvBHjHlRep%2Bs5Zk6vaQK57%2FQaJKDcpTEePJh99Zq8E61uEf35cpb%2BVPil0f8k%2BnnE2OjAh6OwfzuWm2HIColGOu%2F8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8abe5b203b2b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
frontend-pro.min.js,qver=3.6.9.pagespeed.ce.95JAZjqXZl.js
news-btc.info/wp-content/themes/astra/assets/js/minified/ Frame C28B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content/themes/astra/assets/js/minified/frontend-pro.min.js,qver=3.6.9.pagespeed.ce.95JAZjqXZl.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe57667b71762bb90bd4e679374aec63f7732f896e8109bb351084e07773253

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
3184
age
799256
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 02 Sep 2021 11:31:14 GMT
server
cloudflare
etag
W/"0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njyHqTZ9%2BhCP7Biiy7d1g%2FdTTmU5HvV2ht%2Fzz8JpxCrFbaluBVWRHJN2mTF91fstWu6g3vqVs8piFW8i35LJED4IM2sZtHs75AVtllq47vPuRGWRAUnVocIu8tu9X9Oz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68df8abe5b213b2b-CDG
expires
Sun, 04 Sep 2022 01:07:05 GMT
wp-content,_uploads,_astra-addon,_astra-addon-6130b745dfe081-32359698.js,qver==3.5.8+wp-includes,_js,_wp-embed.min.js,qver==5.8.1.pagespeed.jc.O5n070MyTl.js
news-btc.info/ Frame C28B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-content,_uploads,_astra-addon,_astra-addon-6130b745dfe081-32359698.js,qver==3.5.8+wp-includes,_js,_wp-embed.min.js,qver==5.8.1.pagespeed.jc.O5n070MyTl.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697afb3838e114389244d448f188d9c3ecbcac43561af068e2b8d9e8ad05f621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
x-original-content-length
4405
age
329799
cf-polished
origSize=4613
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 09 Sep 2021 11:31:01 GMT
server
cloudflare
etag
W/"0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QylrnVSS74bU04s0%2BHNVEQ9tsxrDlbTuhApZAOeqntBtiL7KQh5EoLi2QxQ75pMIWLSogej9DeNVfcsmEVh3uK3H2B16dwxoQzAK1kMjLCtubHjRcD3vJ6Db7s4wUmmC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
68df8abe5b223b2b-CDG
expires
Fri, 09 Sep 2022 11:31:01 GMT
spot_11685.js
static.adlane.info/adlane/7782bed6f6045d59bcf33df59b72fcff/ Frame C28B 		188 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adlane.info/adlane/7782bed6f6045d59bcf33df59b72fcff/spot_11685.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9d84281739b46009a840a499d15b091b8a59fdb1c3fb653ff1c15c7125edaa74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-encoding
gzip
last-modified
Thu, 02 Sep 2021 12:37:32 GMT
server
nginx/1.18.0
etag
W/"6130c58c-2ef6f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 15 Sep 2021 07:08:02 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
js15_as.js
s10.histats.com/ Frame C28B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 06:59:41 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
164004589
wp-emoji-release.min.js
news-btc.info/wp-includes/js/ Frame C28B 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news-btc.info/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.72.157 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
cloudflare
age
4487
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5EPaKLXYPuOidLW56rilZddMULn8eJ70j3ZMWg64LabhrnSwaFbKCOIrC0FFtxPvHO1nqPL5VcVqPXqydzl76l%2F2e%2FwKxL4af4k1qqiThOoMvsXMQqEAOwbE6P7oxnd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68df8ac0be823b2b-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
funcript1631516881668.php
adf.ly/ Frame FE4D 		0
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adf.ly/funcript1631516881668.php?pub=25557179&v=CM4u0INTTOEv1ULWjbEv1JOHSaBDTBYSWKZvhtc2mYklvdNETIMl3tLWjaMs2BICiLwMi1dEWVQIitOEjKIg1YNzTMUu3cMzTMc158LCCdJp2tIkjYolydLVCZJsjBaHycIB6BdSHKJ01YZDSewgiscDGNF204IWjaoXxBLyCOJwo4YCXMNxoAICjVoOiBOyDcV3m9YG2ZZullY2zVBomANCGMYu3UYzTLIhyxNGjbIp5pN3zbMN3JNiDOciyQZnTbAlxdOWTYVykVY2jcM1iJfyQe==
Requested by
Host: cdn.adf.ly
URL: https://cdn.adf.ly/js/display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.81.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.27
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.3.27
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
x-turbo-charged-by
LiteSpeed
cf-ray
68df8abe9c5dfad4-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
blogger_logo_round_35.png
www.blogger.com/img/ Frame FE4D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: www.relationshipadvice.info
URL: https://www.relationshipadvice.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.41 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s22-in-f9.1e100.net
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.relationshipadvice.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 11:52:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 10 Sep 2021 15:52:04 GMT
server
sffe
age
155703
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Sat, 18 Sep 2021 11:52:58 GMT
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.185 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip185.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:01 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Tue, 14 Sep 2021 07:08:02 GMT
_csp
player.vimeo.com/ Frame 0B90 		0
0
remote.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 9802 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307301
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29899
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:20 GMT
yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js
www.google.com/js/th/ Frame 9802 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/yw_eCSGMjhPjDv0AeozivP1osuGalgpkOu_Nl1-Qc2c.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f4.1e100.net
Software
sffe /
Resource Hash
cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 08:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
513552
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13377
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 08:28:50 GMT
embed.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 9802 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307302
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:20 GMT
remote.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1617 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307302
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29899
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:20 GMT
ln3bzIXSwcU7QJMNjzHo-Fsoul4bXO9Kxu970gD9WpU.js
www.google.com/js/th/ Frame 1617 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/ln3bzIXSwcU7QJMNjzHo-Fsoul4bXO9Kxu970gD9WpU.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f4.1e100.net
Software
sffe /
Resource Hash
967ddbcc85d2c1c53b40930d8f31e8f85b28ba5e1b5cef4ac6ef7bd200fd5a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 05:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
439237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13278
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:30:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 05:07:25 GMT
embed.js
www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/ Frame 1617 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
sffe /
Resource Hash
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 17:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 00:22:16 GMT
server
sffe
age
307302
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7358
x-xss-protection
0
expires
Fri, 09 Sep 2022 17:46:20 GMT
1773985
ad.a-ads.com/ Frame 1984 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1773985?size=728x90
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
793f74260ee2e569cd18a2d804a4683a35489aebc7c3a9eda3fbed602e7547dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://news-btc.info/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:02 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://news-btc.info/
Content-Encoding
gzip
/
t.dtscdn.com/widget/ 		0
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D00163151688187F2A01F0B9C019034&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:23 GMT
X-T
1.43
x-server
web4.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Mon, 13 Sep 2021 07:08:22 GMT
tpid=6D00163151688187F2A01F0B9C019034
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034
49 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.0.255
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:02 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=6D00163151688187F2A01F0B9C019034
cache-control
no-cache
x-server
10.45.20.234
content-length
0
expires
0
27675
tags.bluekai.com/site/ 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27675?id=6D00163151688187F2A01F0B9C019034&ret=html&phint=__bk_t%3DMediaCPM&phint=__bk_l%3Dhttps%3A%2F%2Fmediacpm.pl%2Fv.php%3Fuser%3D13428&r=54798896
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-100-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:02 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
3629
Content-Type
image/gif
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D00163151688187F2A01F0B9C019034
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=3c2eb7e6-90ac-4b36-9cfe-bf980179142d&icm
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=50c6af68fb6a4536
62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/33141?&id=50c6af68fb6a4536
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-100-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:03 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=50c6af68fb6a4536
content-length
0
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0&t=MediaCPM
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
s.adlane.info/ Frame C28B 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnews-btc.info%2F&width=320&height=50&cb=1631516882081&aid=666204
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:03 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame C28B 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnews-btc.info%2F&width=320&height=100&cb=1631516882081&aid=666206
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:03 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame C28B 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnews-btc.info%2F&width=200&height=200&cb=1631516882081&aid=666195
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:03 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame C28B 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnews-btc.info%2F&width=250&height=250&cb=1631516882082&aid=666200
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:02 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
/
s.adlane.info/ Frame C28B 		97 B
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adlane.info/?content_page_url=https%3A%2F%2Fnews-btc.info%2F&width=300&height=250&cb=1631516882082&aid=666202
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.50 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:03 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
97
Content-Type
application/javascript; charset=UTF-8
ckkgwe5gh0001mtw3vah9bh0s
sx1.josulaph.cyou/ Frame 62C9 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.100.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
932e0727ba57162cc6a3a2538c10696ef9b70b6948ef8d05d0ccf593bba5ffd9

Request headers

:method
GET
:authority
sx1.josulaph.cyou
:scheme
https
:path
/ckkgwe5gh0001mtw3vah9bh0s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36AtRXnxqJqBFTvnRk13kzunW35lpsBKo6YOP1qDo5ve70G8C20Ppy0bsNDvABPMmtf%2BOE1A%2Bq%2Fv0D9mbbPZIhBFQ67psY0hM77f%2FDVxynZM4b1lHgjcsJ7I2pFtGhnzxkoWcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ac209eb401f-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cuhdl
cngcpy.com/ Frame 217A 		0
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cngcpy.com/cuhdl?wh=DKOtcjBADSc_IqSwmLmXOHa4
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
cngcpy.com
:scheme
https
:path
/cuhdl?wh=DKOtcjBADSc_IqSwmLmXOHa4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-length
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgrJdUqehcSzGoaVE4NT8xnYcT0JB3RsjG4cPuHW9HO50ZwA8ST3JxUjhA4PFaIM1YPNJ6sju%2BQZcXjFCoRp1XvvHmKutYzp5duQU1hyIMJV6kztJAsZOlBBw21k"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68df8ac20f3e4001-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9802 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:02 GMT
/
666192.xmlfeed.feed-xml.com/ Frame C28B 		0
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://666192.xmlfeed.feed-xml.com/?lang=en-US&domain=news-btc.info
Requested by
Host: static.adlane.info
URL: https://static.adlane.info/adlane/7782bed6f6045d59bcf33df59b72fcff/spot_11685.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.119.9.82 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://news-btc.info
Date
Mon, 13 Sep 2021 07:08:02 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Type
application/json; charset=UTF-8
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1617 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:02 GMT
728x90
static.a-ads.com/a-ads-banners/104028/ Frame 1984 		674 KB
675 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1773985?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:02 GMT
Last-Modified
Sun, 29 Dec 2019 17:09:03 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
AV9B4G079K4A0XMK
ETag
"74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
690629
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2
vcZuwvgpp+8WDnLnwXAwsQeBPkHeCl+4IvRpTTTfC0r9dYwawv0oyjNbcz6qbMFxCpM5HGS+KRY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
0.php
s4.histats.com/stats/ Frame C28B 		381 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4581947&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBITCOIN%20NEWS%20-%20Make%20Money%20-%20Bitcoin%2C%20Trading%20Coins%2C%20Make%20Money%20Online.&@n0&@ohttps%3A%2F%2Fnews-btc.info%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-155210344&@b3:1631516883&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnews-btc.info%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.28 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns523448.ip-192-99-8.net
Software
/
Resource Hash
d7c31539215ccbd19344b1dbb96d913a6865122160471cd2dabf3fccb275fbb3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:03 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
833 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-18.lhr61.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:47:02 GMT
content-encoding
gzip
server
restify
age
8460
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://mediacpm.pl
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
-nebmYn_C9L8z3RoA1TemtDwD76OTB3frhxtJUP5u5ahmE0LVTZ6PQ==
via
1.1 750c4cd5855cda8293959637bece163c.cloudfront.net (CloudFront)
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0&t=MediaCPM
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
generate_204
www.youtube-nocookie.com/ Frame 9802 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?zLMGMQ
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/92/ Frame 9802 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/92/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15330
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 15:08:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 13 Sep 2021 17:11:17 GMT
generate_204
www.youtube-nocookie.com/ Frame 1617 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?phw8ZA
Requested by
Host: aimarketing.mediacpm.pl
URL: https://aimarketing.mediacpm.pl/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
jquery-3.6.0.min.js
code.jquery.com/ Frame 62C9 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: sx1.josulaph.cyou
URL: https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://sx1.josulaph.cyou/
Origin
https://sx1.josulaph.cyou
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1631516883.dop128.am5.t,1631516883.cds266.am5.hn,1631516883.cds007.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
cast_sender.js
www.gstatic.com/eureka/clank/92/ Frame 1617 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/92/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.195 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s04-in-f3.1e100.net
Software
sffe /
Resource Hash
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15330
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 15:08:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Mon, 13 Sep 2021 17:11:17 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
fp.min.js
cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/ Frame 62C9 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fingerprintjs/fingerprintjs@3/dist/fp.min.js
Requested by
Host: sx1.josulaph.cyou
URL: https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sx1.josulaph.cyou/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
13263
x-jsd-version
3.3.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
12950
etag
W/"7bda-6e3Kg5ngt2AnGXK7N79XP7Iku90"
x-served-by
cache-fra19130-FRA, cache-hhn4058-HHN
x-jsd-version-type
version
date
Mon, 13 Sep 2021 07:08:03 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
check4.php
sx1.josulaph.cyou/ Frame 62C9 		1 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sx1.josulaph.cyou/check4.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.100.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept
*/*
Referer
https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTdSF%2FebtuUr1SYklBWzOeH1j75uZaGpq7ipiiNCXsyq0jsZHbmx1gIkwHOIF6gXyuI%2FyuophiSOBX7aW3eId7Hy%2Bqo8%2BDEkQjhlsqVgVIk8ttr2zPM%2F0jZe4a9k2s%2BGDzWeuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
68df8aca18693bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
e.dtscout.com/e/ Frame C28B 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4581947&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mBITCOIN%20NEWS%20-%20Make%20Money%20-%20Bitcoin%2C%20Trading%20Coins%2C%20Make%20Money%20Online.&@n0&@ohttps%3A%2F%2Fnews-btc.info%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-155210344&@b3:1631516883&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnews-btc.info%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.226 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip226.ip-158-69-139.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
aec654e35e955d62a4f0e92ae99b698d84d299d17179caf0d7bd46be4c609b3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:03 GMT
X-T
0.654
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl1
Expires
Mon, 13 Sep 2021 07:08:02 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 9802 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/MdhY3J_GNW4
X-YouTube-Client-Version
1.20210908.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtvUGFjS2tWdEVqWSjQ8fuJBg%3D%3D
X-YouTube-Ad-Signals
dt=1631516881479&flash=0&frm=2&u_tz&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:03 GMT
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 1617 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/1cc7c82c/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/FIPg15MTHu0
X-YouTube-Client-Version
1.20210908.1.0
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgs2X09sNUZLRnJNQSjQ8fuJBg%3D%3D
X-YouTube-Ad-Signals
dt=1631516881477&flash=0&frm=2&u_tz&u_his=3&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:03 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631516881407&dn=AFWU&iso=0
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/v.php?user=13428
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame C28B 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-102.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 08:42:50 GMT
content-encoding
gzip
etag
W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
age
80714
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 591fc133cda27edbedf7edb3f0231464.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
8grPdP1GNwWaItmZ7r00fGvjDcOiu3JKdHvoH6-REpFdVC6dkSfpLA==
match
ps.eyeota.net/ Frame C28B
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=6D00163151688187F2A01F0B9C019034
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=aa5e9c3bf1100233
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=aa5e9c3bf1100233
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkFVbWZVdEFUZVJla3VDU09NVGx4X0xBRHdIMWJHZThzcXh1SFhHQjBoMGc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOJUjZFrT7N5Ng56oWcNxGo&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOJUjZFrT7N5Ng56oWcNxGo&google_cver=1
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:04 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEOJUjZFrT7N5Ng56oWcNxGo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscdn.com/widget/ Frame C28B 		0
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=6D00163151688187F2A01F0B9C019034&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fnews-btc.info%2F&r=https%3A%2F%2Fnews-btc.info%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:07:07 GMT
X-T
1.14
x-server
web3.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Mon, 13 Sep 2021 07:07:06 GMT
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame C28B 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-52.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
45325
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 d1a8cc0bb52400f43698b4c3cd691acd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sun, 12 Sep 2021 18:32:39 GMT
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
ce9vuqLHYy-xOPmPfYgWnvBPYdY10oOSaFiPzHjt1dpM-5d_ZoSnMA==
dtscout
pd.sharethis.com/pd/ Frame C28B 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.25.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-25-53.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 13 Sep 2021 07:08:03 GMT
/
t.dtscout.com/pv/ Frame C28B 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=news-btc.info&_ss=2bjki9lf8g&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=61ae&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.161.15.93 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns570927.ip-51-161-15.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fde48cf135998859ebee11df2185c746ab3fe43e9e2c5e18e450f2dac358874f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:04 GMT
X-T
0.191
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Mon, 13 Sep 2021 07:08:03 GMT
27675
tags.bluekai.com/site/ Frame C28B 		62 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27675?id=6D00163151688187F2A01F0B9C019034&ret=html&phint=__bk_t%3DBITCOIN%20NEWS%20-%20Make%20Money%20-%20Bitcoin%2C%20Trading%20Coins%2C%20Make%20Money%20Online.&phint=__bk_l%3Dhttps%3A%2F%2Fnews-btc.info%2F&r=83000549
Requested by
Host: news-btc.info
URL: https://news-btc.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-100-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:04 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
4eb4
Content-Type
image/gif
/
onetag-geo.s-onetag.com/ Frame C28B 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-25.lhr61.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:03 GMT
via
1.1 716fd417a527ecd4f9d6cef2c9258583.cloudfront.net (CloudFront), 1.1 024e0eb7c8dbc0f1008d8bc14f1acebf.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1, LHR61-C1
x-amzn-requestid
7b7c37c0-352b-425c-93d6-7c2a00cfb041
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
FlvRJEzfCYcF77A=
content-length
555
x-amz-cf-id
0Lcnc2kBGlef1nPgCOPjCGbVAP5WsL5eHRJLP79QZLthlNlQg4PzBA==
69147001
mc.yandex.com/webvisor/ Frame F4DD 		43 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69147001?wmode=0&wv-part=1&wv-hit=54821127&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&rn=418083220&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631516884%3Aw%3A0x0%3Av%3A631%3Az%3A0%3Ai%3A20210913070803%3Au%3A163151688117833305%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631516884
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bitcoin-ad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
last-modified
Mon, 13-Sep-2021 07:08:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:03 GMT
69147001
mc.yandex.com/webvisor/ Frame F4DD 		43 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69147001?wmode=0&wv-part=1&wv-hit=54821127&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&rn=1052434018&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1631516884%3Aw%3A0x0%3Av%3A631%3Az%3A0%3Ai%3A20210913070803%3Au%3A163151688117833305%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631516884
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bitcoin-ad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:03 GMT
last-modified
Mon, 13-Sep-2021 07:08:03 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:03 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ Frame C28B 		1 KB
836 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-18.lhr61.r.cloudfront.net
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 13:33:42 GMT
content-encoding
gzip
server
restify
age
63262
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://news-btc.info
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
d_2xiCbHWOY0bdxBptDvm7KWCKfQu5gTkMToiY1SlSFQX6VISGU2cQ==
via
1.1 750c4cd5855cda8293959637bece163c.cloudfront.net (CloudFront)
index.php
display.jalewaads.com/display/ Frame 51A1 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
7dd9ffdbb2c792348e6bdad92b509ed85a88b07f89e97632cce148b7b1e78083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2720
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
index.php
display.jalewaads.com/display/ Frame CF03 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
221679fa13b2aa0610233ec6bdb134312d0cc7b6ed452d861a758da831c915e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2714
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
ajax_marked.php
sx1.josulaph.cyou/ Frame 62C9 		114 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sx1.josulaph.cyou/ajax_marked.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.100.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2634227c5906eeb2407f03baca83b584545a730421f902e914da937f6b6aef

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 07:08:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhTKRUSnaNX7Nl4WAk8NGhGuQhXvqTL6wn2Pk%2BcZcra7NLVXT%2F%2BJnrJOBGFj92uPdzpwy4G0BbWrR%2FLO1jNZHzqWJP2JrikNcJ1CxFYGtduPM6nQ%2BXhr0Ex8QgviX1BQTWfKRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
68df8ad0fdad3bda-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
next.php
www.greatdexchange.com/jump/ Frame 62C9 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.greatdexchange.com/jump/next.php?r=4132027&sub1=ckkgwe5gh0001mtw3vah9bh0s
Requested by
Host: sx1.josulaph.cyou
URL: https://sx1.josulaph.cyou/ckkgwe5gh0001mtw3vah9bh0s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.103.0 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
0.103.201.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
3442ae37457e81e92f7a992de4faed603d2befc415bd19f2d78c964469f81930

Request headers

:method
GET
:authority
www.greatdexchange.com
:scheme
https
:path
/jump/next.php?r=4132027&sub1=ckkgwe5gh0001mtw3vah9bh0s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sx1.josulaph.cyou/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sx1.josulaph.cyou/

Response headers

server
openresty
date
Mon, 13 Sep 2021 07:08:04 GMT
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-encoding
gzip
via
1.1 google
alt-svc
clear
index.php
display.jalewaads.com/display/ Frame 200D 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
221679fa13b2aa0610233ec6bdb134312d0cc7b6ed452d861a758da831c915e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2714
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
index.php
display.jalewaads.com/display/ Frame 7092 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
7dd9ffdbb2c792348e6bdad92b509ed85a88b07f89e97632cce148b7b1e78083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2720
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame C28B 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-102.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://news-btc.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Sep 2021 17:13:40 GMT
content-encoding
gzip
age
50065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 7176d7cdb1755c0cca0750416f1054ad.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
TGDuxZrEL6x9l5v2Srm6b1klG-Nd15oUA2xjbp5t7vEb17d1F4uccQ==
data
bcp.crwdcntrl.net/6/ Frame C28B 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
161351615ac31efe9ba038b2aa64c07faa624f70ae641477fa6622083f8ca0f1

Request headers

Referer
https://news-btc.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:04 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://news-btc.info
cache-control
no-cache
x-server
10.45.14.92
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
306
expires
0
index.php
display.jalewaads.com/display/ Frame F6C6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?123&87&728&90&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
221679fa13b2aa0610233ec6bdb134312d0cc7b6ed452d861a758da831c915e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2714
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
index.php
display.jalewaads.com/display/ Frame 4863 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/items.php?135&87&300&250&4&0&0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.11
Resource Hash
7dd9ffdbb2c792348e6bdad92b509ed85a88b07f89e97632cce148b7b1e78083
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
display.jalewaads.com
:scheme
https
:path
/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

x-powered-by
PHP/7.4.11
content-type
text/html; charset=UTF-8
content-length
2720
content-encoding
br
vary
Accept-Encoding
date
Mon, 13 Sep 2021 07:08:04 GMT
server
LiteSpeed
content-security-policy
upgrade-insecure-requests
a
a.dtssrv.com/ Frame C28B 		0
569 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/a?i=6D00163151688187F2A01F0B9C019034&k=lotpano&v=38d7fa0f2d651bf5341cf9bb7a2d16d53938ec3cb8485056bed713f2a109ad63
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fnews-btc.info%2F&j=https%3A%2F%2Fnews-btc.info%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://news-btc.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhgUp7cAjBg9IQEdfVXAuh8xKIPIdcpC23MsMVjUWyPpr7jo3hBd4j1INNhpzx66Ax0rtU7Mp%2BAM7cUyOg%2F3kjHh87%2BzSp1ZYp3oEp%2B4Lsy%2BfyDvWKf39Y3KQREjTm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
68df8ad2bbcdee0f-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame A6B1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.116.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-116-102.lhr61.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://news-btc.info/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=6a76e1abf733ace646cf2f123e3811aa; _cc_cc="ACZ4XmNQMEs0N0s1TExKMzc2TkxONTMxS04zSjM0Mk41tjA0TExkAIJEux9X%2Fv3%2F%2F58fxAEDvp57i3UYP8oy%2FGdkZNjw5JwojH180xQWGPvjZ0sY89niOXDh5X8K4aqPHmKGsXfvuywAY39ouA9nH0bSOv2EOkzJuyUIE9dseMoNE%2B%2BcfFILxgYAt5lK2A%3D%3D"; _cc_aud="ABR4XmNgYGBItPtxBUhBADMDA9cMMHNRK4hkfFgPJAFvhAWZ"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://news-btc.info/

Response headers

content-type
text/html
date
Sun, 12 Sep 2021 12:30:29 GMT
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
x-amz-server-side-encryption
AES256
cache-control
max-age: 86400
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 591fc133cda27edbedf7edb3f0231464.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR61-C1
x-amz-cf-id
3Ac8Vm3PZhwUBQwCc1eqo2NlF0PCx84KjflFKnm1lJwk09Ju7_xqSw==
age
67056
jquery.min.js
display.jalewaads.com/display/js/ Frame 4863 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame 4863 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h71PLG83Xo2mzb4Dz2f8ghONw%2BK%2Fvh6zQNJMsMEV2sOZumJCaffDLOgsMd7X1lgdlLBLPzPPbFsU2G53XJcBQKECeXytoO%2BPr2C36yGB9YbayD2rpkjFlkJ%2FEBQv2J3KOLRqCuT62rn9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb33a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame 4863 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWuKCYmTgi%2FC7B44SrsyZBZPjdy17WKU3SYGM8EYkpS%2F4fJxP7TVG6g7%2BfaQG06CO2cyFQqvBYyIj7Q%2Bst4E4tXRG%2BQsfe%2Fkz%2Fta9OwCqKb2Qi4souB8zoqZrok8MAmAh%2B6woeh2G%2BVKEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfd0ee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
jquery.min.js
display.jalewaads.com/display/js/ Frame 51A1 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame 51A1 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyJtFRyV%2FGMdV09p0zUtBRtsmk0zqRL981NloZDyLR8QpJurs8GFUPykS7NItULiGYAcTbLBGrGHavJrmgUVl3xhUxwuv2j5t8fMABfMJqeL9PdzZV59ItELV6BVJd%2F5joem2ZcRzmV12A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb43a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame 51A1 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxAeIWG0%2BlK7jvXbQl2vjJGGxhciotEAXBE6tV%2Brb1rrql6GSPgnScc1tvc63NUh0JjuL4eO4RyXSdh2BXAxHcE5CDJcx3UKCnQQixYqQPRcExcaiNBTe%2FNG83p6iPLhykxL9OYXxH%2BOfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfcaee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
jquery.min.js
display.jalewaads.com/display/js/ Frame CF03 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame CF03 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyC4gAN7LREjsVC8pn3uL6UiQfW0YrBncL00%2BEriqboiHReLcfwbgf7zJortw9N712ZjR9bsIfDnk%2BIknmW0J8aDrjm7kQyPX3IznNUawY2g1Oo%2BkYyzWqZgvFY8iMXAHpWLF8jWB244Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb53a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame CF03 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2Fjri%2Ba4ItBV%2BYsKRejlDgxpTyXzbMaPxTJ11KPbiemcPm6om0arzBsqTfiTBhs8kQJgDjSBLjCz60pbkplBQ79G9bNyJYvpJkHMOXj0sDoY1iatKSOY0DebioQes2MkcTr5NubvopwZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfceee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
jquery.min.js
display.jalewaads.com/display/js/ Frame F6C6 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame F6C6 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pqh%2BtghUCYSdWfC0nKCei5LJhJb0D%2F3%2FNyVV3wup2W1mvFBQragavuxcqbtBg%2FcO9J7ec0mm6ahXM2l1yorbQXTSbPqVK9QW6mFW5WhAMLOO7O7lLkEoznHqFQQRai3UqzKv1YUn0D3rPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb73a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame F6C6 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTQVEdDOhwz6ZCJnNEjbXBqggHV9VctnH19HFuhTTB0R9y9jq7nMPGK1mzMG%2FeU1q0iNsWVJ8u4TQ9DbPXHh9Ut5r0PlBlFQZjJjY9yG%2FsNSzPYstILGfqA%2FrYSMa4knyOeh4MJZYvBhFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfd4ee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
jquery.min.js
display.jalewaads.com/display/js/ Frame 7092 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame 7092 		931 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jIb91Y0zedu%2B%2Fz1OageJz19r7st7B4BjvsnyijcaERpe3mFRxGR6USkA71MSVlSl2UmVNrQDGG6TK47yFFdMD5JyynmadJ21JvARcBWOBs8n1ROdzP2HF%2BUbM0h6NeBg50582fwC0KfFJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb83a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame 7092 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLpA%2Fjtp3jy8VuhUSk6g%2FoucuuBmUTZzxJbts8NEdt%2BnMN6ZkOT1ShkiAd9LA3p1dtTcYZu84hI6Chv9H8xBic3mEYChy%2F7R3FotzpGbgJfkiQqG6Usbk%2BG478fEFl051PHHks0zHyDcnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfc7ee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
jquery.min.js
display.jalewaads.com/display/js/ Frame 200D 		243 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://display.jalewaads.com/display/js/jquery.min.js
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.15.27.99 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-encoding
br
last-modified
Mon, 13 Sep 2021 01:21:33 GMT
server
LiteSpeed
etag
"3cd47-613ea79d-608d329e34cf3a3c;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70853
expires
Mon, 20 Sep 2021 07:08:05 GMT
data.png
dashboard.jalewaads.com/images/ Frame 200D 		931 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/images/data.png
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
931
last-modified
Tue, 08 Jun 2021 10:05:38 GMT
server
cloudflare
etag
"60bf40f2-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gJIbVYUpQfL3p7fM9z0W5leN0Rcw7d%2BBS5ZqALzVS%2BWQphnQe9l8hJpEdhRqmv%2BQBSCGjTuHOWj5LP0h9FkFj%2FXWFkIdEGKqqFUnY7qkyqmqm37CxF6Qr0s4nKCIlu%2B9dnVKqrOWHRSLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad46bb93a9f-CDG
expires
Fri, 17 Sep 2021 21:12:13 GMT
10-icon-1624059581.jpg
dashboard.jalewaads.com/upload/credit/ Frame 200D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dashboard.jalewaads.com/upload/credit/10-icon-1624059581.jpg
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.16.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2195751
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11743
last-modified
Fri, 18 Jun 2021 23:39:41 GMT
server
cloudflare
etag
"60cd2ebd-2ddf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QT98d8sBxpr7%2B6h342wSxa8h8TMm1NwPQ4bRGkgOIgNBMxaIgf8V5Cb2EwBNmqblAp4dLI%2FIFpb39uqDKbtLhZJDrARYIuxwbI444bqy7Cnw7x%2FMYV1vQCBDm7RS4UQUio4YyQhyxN6sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68df8ad4dfbfee1f-CDG
expires
Fri, 17 Sep 2021 21:12:14 GMT
pixels
bcp.crwdcntrl.net/ Frame CFA5 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
5e87d2b62ad984e7dc4a572378f053a8be0b98e71d54932532e07c40cf68a289

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=6a76e1abf733ace646cf2f123e3811aa; _cc_cc="ACZ4XmNQMEs0N0s1TExKMzc2TkxONTMxS04zSjM0Mk41tjA0TExkAIJEux9X%2Fv3%2F%2F58fxAEDvp57i3UYP8oy%2FGdkZNjw5JwojH180xQWGPvjZ0sY89niOXDh5X8K4aqPHmKGsXfvuywAY39ouA9nH0bSOv2EOkzJuyUIE9dseMoNE%2B%2BcfFILxgYAt5lK2A%3D%3D"; _cc_aud="ABR4XmNgYGBItPtxBUhBADMDA9cMMHNRK4hkfFgPJAFvhAWZ"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
content-type
text/html
content-length
3878
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.29.172
server
Jetty(9.4.38.v20210224)
1772515
ad.a-ads.com/ Frame 48CE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772515?size=300x250
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
5003785298ca24466e12d6f3056d3f163ebcb104d6a3245f5e9ea7216377d8a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
1772515
ad.a-ads.com/ Frame E2B0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772515?size=300x250
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
80ad0cb0bed455b29d573fef2b07a04814e1129a379141f7b970efdcd4eb9059
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CFA5 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D240%2Ftp%3DPUBM%2Ftpid%3D%23PM_USER_ID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame CFA5
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=6a76e1abf733ace646cf2f123e3811aa&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=6075caa8183debe7f0324e21e2346e1d&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/7/3.gif?puid=3111422955303986384&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2n...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmE3NmUxYWJmNzMzYWNlNjQ2Y2YyZjEyM2UzODExYWE&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmE3NmUxYWJmNzMzYWNlNjQ2Y2YyZjEyM2UzODExYWE&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NmE3NmUxYWJmNzMzYWNlNjQ2Y2YyZjEyM2UzODExYWE&google_redir={xENCODEDURL}&id5id=ID5-ZHMO1XlVvtPBhlVwUyMjnNmSg2nZb-HSnCCP2rG93Q
cache-control
no-cache
x-server
10.45.0.201
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame CFA5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=51467b15-d6d8-42c1-914a-b43759cecbae
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame CFA5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=6a76e1abf733ace646cf2f123e3811aa&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51467b15-d6d8-42c1-914a-b43759cecbae
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51467b15-d6d8-42c1-914a-b43759cecbae
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.108
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=51467b15-d6d8-42c1-914a-b43759cecbae
date
Mon, 13 Sep 2021 07:08:05 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame CFA5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.91.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
tpid=41255208547110937242980651892122625978
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame CFA5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=6a76e1abf733ace646cf2f123e3811aa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=6a76e1abf733ace646cf2f123e3811aa&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41255208547110937242980651892122625978
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41255208547110937242980651892122625978
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.92
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-usw2-2-v013-025de5382.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zzvGi9ZgSyQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=41255208547110937242980651892122625978
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame CFA5 		0
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:6a76e1abf733ace646cf2f123e3811aa
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:04 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
lotame
sync.sharethis.com/ Frame CFA5 		42 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=6a76e1abf733ace646cf2f123e3811aa&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.250.31 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-250-31.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame CFA5 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=6a76e1abf733ace646cf2f123e3811aa
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.18.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-74-18-91.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=65 t=1631516885
x-served-by
beacon-n002-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame CFA5
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa
120 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:06 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS16
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=6a76e1abf733ace646cf2f123e3811aa
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS09
Content-Type
text/html; charset=utf-8
Content-Length
217
tpid=205040403908006951083
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame CFA5
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205040403908006951083
49 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205040403908006951083
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.116
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
AAWebServer
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Location
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=205040403908006951083
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Expires
0
utsync.ashx
ml314.com/ Frame CFA5 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=6a76e1abf733ace646cf2f123e3811aa&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Tue, 14 Sep 2021 03:08:05 GMT
tpid=b6eb9797-4ff3-4daf-aa06-c89a52027d41
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame CFA5
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=b6eb9797-4ff3-4daf-aa06-c89a52027d41?gdpr=1&gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=b6eb9797-4ff3-4daf-aa06-c89a52027d41?gdpr=1&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:06 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.4.45
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=b6eb9797-4ff3-4daf-aa06-c89a52027d41?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
bridge
cm.adgrx.com/ Frame CFA5 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
qmap
sync.crwdcntrl.net/ Frame CFA5
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ede9613e-f8d5-4b00-b82b-d75e9efb32c6
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ede9613e-f8d5-4b00-b82b-d75e9efb32c6
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.134
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ede9613e-f8d5-4b00-b82b-d75e9efb32c6
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 13 Sep 2021 07:08:04 GMT
tpid=188298e0-bee5-4b99-b1d3-6cfa9127eea7-613ef8d5-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame CFA5
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=188298e0-bee5-4b99-b1d3-6cfa9127eea7-613ef8d5-5553
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=188298e0-bee5-4b99-b1d3-6cfa9127eea7-613ef8d5-5553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.99
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=188298e0-bee5-4b99-b1d3-6cfa9127eea7-613ef8d5-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=bFMjGKoe1MpG4t5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame CFA5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
  • https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=bFMjGKoe1MpG4t5
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=bFMjGKoe1MpG4t5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.246
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
PingMatch/v2.0.30-675-ga433434#rel-ec2-master i-01c11bd40c0af9d54@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=bFMjGKoe1MpG4t5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YT741QABKAoLkwAR&_test=YT741QABKAoLkwAR
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame CFA5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YT741QABKAoLkwAR
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT741QABKAoLkwAR&_test=YT741QABKAoLkwAR
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT741QABKAoLkwAR&_test=YT741QABKAoLkwAR
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.141
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631516886.896574,VS0,VE0
x-served-by
cache-hhn4083-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YT741QABKAoLkwAR&_test=YT741QABKAoLkwAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame CFA5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.207.226 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame CFA5 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=6075caa8183debe7f0324e21e2346e1d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.246.100.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-100-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
g.json
aa.agkn.com/adscores/ Frame CFA5 		103 B
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
156.154.202.36 , United States, ASN19907 (NEUSTAR-AS6, US),
Reverse DNS
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
Server
AAWebServer
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
application/json
Access-Control-Allow-Headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
Content-Length
103
Expires
0
tpid=3111422955303986384
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame CFA5
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/6a76e1abf733ace646cf2f123e3811aa/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3111422955303986384
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3111422955303986384
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.14.87
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3111422955303986384
pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=781661624/tpid=7290806411776642473/ Frame CFA5
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=781661624%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D781661624%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=781661624/tpid=7290806411776642473/tp=ANXS
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=781661624/tpid=7290806411776642473/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=136%2C135%2C116%2C106%2C104%2C94%2C92%2C81%2C80%2C78%2C65%2C61%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-111-115.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:05 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.133
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 07:08:05 GMT
X-Proxy-Origin
216.131.111.143; 216.131.111.143; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
68a147ad-01e3-4330-8bcb-493dcf5a3c74
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=781661624/tpid=7290806411776642473/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1772913
ad.a-ads.com/ Frame C6C0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772913?size=728x90
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=876&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC92LnBocD91c2VyPTEzNDI4&page_title=MediaCPM&meta_description=Need%20some%20extra%20cash%3F%20Get%20Paid%20to%20Promote%20our%20website.%20MediaCPM%20offers%20you%20highest%20CPM%20in%20the%20industry%2C%20low%20payouts%20and%20live%20statistics%21%20You%20can%20also%20earn%20by%20referring%20others%20to%20MediaCPM
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
43235502435ccc0b352e0e9189abed6b6b39a8b2b0ff8627d6a3ab834e1c64bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
300x250
static.a-ads.com/a-ads-banners/118229/ Frame 48CE 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772515?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
F8EB9PKF3RCR5NJG
ETag
"ce8c5673a039ad9769d3265284d8f5f4"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
698412
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2
U3fzKDTiQsJAoh8SaIQ0Kv0GzSNQnUseZd4VFXlj4ukyOw4MgVpRsYzsJcqzXazTIfE+i1EC7tk=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1772913
ad.a-ads.com/ Frame 63BE 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772913?size=728x90
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlLmh0bWw=&page_title=&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
d21fa7e50c17f60e8e08f3910892f0d673a77cd0d9be2d2387fd57fc1a010824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
1772515
ad.a-ads.com/ Frame 4FAF 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772515?size=300x250
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=135&pid=87&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
8edaa9777a4af94afe813104c64c5744e8d8a43c8c8b7a326d5daf9c99479602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
1772913
ad.a-ads.com/ Frame B882 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1772913?size=728x90
Requested by
Host: display.jalewaads.com
URL: https://display.jalewaads.com/display/index.php?page=query/items/&aduid=123&pid=87&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=e25cd9c6a42780cd44783b2bc51d7289&time=1631516883&deliver=mediacpm.pl&search_keywords=&page_referrer=aHR0cHM6Ly9tZWRpYWNwbS5wbC9wYWdlMi5odG1s&page_title=&meta_description=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
cd5effa5741d9d26a830fb2d74340c1d3261271af626e2d506babb3f7a4373a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://display.jalewaads.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://display.jalewaads.com/

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Mon, 13 Sep 2021 07:08:05 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://display.jalewaads.com/
Content-Encoding
gzip
300x250
static.a-ads.com/a-ads-banners/117617/ Frame E2B0 		187 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117617/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772515?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
DEHT1S9VCAWDAG0Z
ETag
"5896f969c3c0d5de143c2f56c20489d9"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
191448
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
9rF0H2vdVY_HJMQUZBdQKii0bOEwqr9J
x-amz-id-2
6SQq1X1cI/KRfsudgqjsUmzRbOlvom4wtlFAcbSNyprSf7lcI0/KOZod5k1hDux7Wo7wRARKRM0=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame E2B0 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
728x90
static.a-ads.com/a-ads-banners/117619/ Frame C6C0 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772913?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Sun, 19 Apr 2020 16:08:09 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
S4Y68WSH3FBJR163
ETag
"8df22bfbf1b66e4d461cc595236e19c5"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
125388
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2
WXD1ZcaSayqgGuaN3E4VGqAxbkt7buAepXdijebK9jTK9YX8e/itS/75QDLmJes9MDRTkaFo1h4=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
728x90
static.a-ads.com/a-ads-banners/118231/ Frame 63BE 		683 KB
684 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772913?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Sun, 26 Apr 2020 07:21:07 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
BRJ7JAZF9J6X0S6Z
ETag
"241238ff9e1a7f85dbec8aa10f72f723"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
699692
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2
pCs/j+/m15HM0dWGV0DxygupxIqKCdhrFjlJ+qFDK1UyhzVMe1oRsdsI5FPjOBqbXVZylM5DhN8=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame C6C0 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
300x250
static.a-ads.com/a-ads-banners/103763/ Frame 4FAF 		686 KB
687 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772515?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Fri, 27 Dec 2019 12:20:30 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
KABEHRQ1R0MYNC07
ETag
"28dd56aa4c3448923f2e06f6f90e1017"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
702864
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2
BUlWn2Qn8F+JEofbxpdJP1G4TJJsc2I0qe6uWV52n6CyEAYuPVsqKdWGLpv5LHq/mUmureAZzLA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
728x90
static.a-ads.com/a-ads-banners/104028/ Frame B882 		674 KB
675 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1772913?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.239.209.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
213-239-209-209.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 07:08:05 GMT
Last-Modified
Sun, 29 Dec 2019 17:09:03 GMT
Server
nginx/1.18.0 (Ubuntu)
x-amz-request-id
AV9B4G079K4A0XMK
ETag
"74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
690629
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2
vcZuwvgpp+8WDnLnwXAwsQeBPkHeCl+4IvRpTTTfC0r9dYwawv0oyjNbcz6qbMFxCpM5HGS+KRY=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 489E 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
1909f7a0987737a889c32edd451793c78d8f2ec88ac99dc024d3999ba97a0b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 07:08:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8444
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 489E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1222814713344722&plah=aimarketing.mediacpm.pl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 13 Sep 2021 07:08:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0636 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 11 Sep 2021 09:03:37 GMT
expires
Sun, 11 Sep 2022 09:03:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
165870
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1C96 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s23-in-f4.1e100.net
Software
GSE /
Resource Hash
7e8d29607f969ca73328db10dc3495f210f83efdd0c13fe2ce22100b6f2fea52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eXF0VIYgoru7FrbpERplDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aimarketing.mediacpm.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 13 Sep 2021 07:08:07 GMT
date
Mon, 13 Sep 2021 07:08:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-eXF0VIYgoru7FrbpERplDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=3922357469780431&rc=
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame 0636 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 07:55:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
83551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 12 Sep 2022 07:55:36 GMT
mediahosting.engine
engine.spotscenered.info/ Frame 4EA7
Redirect Chain
  • https://engine.spotscenered.info/link.engine?z=60751&guid=c50b1c72-8f6d-4393-a8ac-fb565f497872&kw=
  • https://engine.spotscenered.info/Redirect.eng?MediaSegmentId=54836&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=w6K4iOYx87V0...
  • https://engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=...
844 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.96.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7a5d67fb3fda34696e359be1444e2f0672e8d74ee1c41f55e3c6c226dac512f0

Request headers

:method
GET
:authority
engine.spotscenered.info
:scheme
https
:path
/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mediacpm.pl/
accept-encoding
gzip, deflate, br
cookie
IKSR={}; INF_DFL8=true; IUID=cb15ba0a-c36a-4109-a89c-f06ce04aa0b5; ISSH=5DE3A8; CHN=#AgAAAIuOBQA=; MSSH=#AgAAAKuuBQA=; MSRH=#AgAAAKuuBQA=; ILP=null; ILPLU=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; ILEALC=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; ILMPF=#BQAAAHNLzClOBQA=; IPMPLU=#AAAAAA==; IPMUID=#AAAAAA==; BSWUID=#AAAAAA==; IBL=#AgAAAIuOBQA=; IMCH=#AgAAAKuuBQA=; IMCH_Q=#AgAAAIuOBQA=; PZK={"P":"2N0UfmioiibmvRtQ7iGdrVv8L8mBpM9dtxfCh0EyLfyw2fKccht6OiTHRvolLiaR","B":[],"UD":1631516888}; ISH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; ISH_Q=#DQAAAIs2NDU1M9IBk7EA; VMI=902232d2-3452-4f98-a14d-b2d544ad5f0a; IPLH=#VQAAAKtWMjc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; IPLH_Q=#DQAAAIs2Nzc1MdcBk7EA; IPLSH=#WwAAAKtWMjQ1NTOKNzc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; IPLSH_Q=#HQAAAItWMjQ1NTOKNzc3NTFX0kHhxQIA; IZH=#VQAAAKtWMjMwNzVUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; IZH_Q=#DQAAAIs2MzA3NdQBk7EA; IMH=#VQAAAKtWsrAwMrJUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; IMH_Q=#DQAAAIu2sDAystQBk7EA; ISPH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; ISPH_Q=#DQAAAIs2NDU1M9IBk7EA; ICH=#VQAAAKtWMrY0NjdXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; ICH_Q=#DQAAAIs2tjQ2N9cBk7EA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/page2.html

Response headers

date
Mon, 13 Sep 2021 07:08:08 GMT
content-type
text/html; charset=utf-8
content-length
844
cache-control
private, no-transform
access-control-allow-origin
*
set-cookie
IKSR={}; path=/; SameSite=None; secure INF_DFL8=true; path=/; SameSite=None; secure IUID=cb15ba0a-c36a-4109-a89c-f06ce04aa0b5; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure ISSH=5DE3A8; path=/; SameSite=None; secure VMI=902232d2-3452-4f98-a14d-b2d544ad5f0a; path=/; SameSite=None; secure IPLH=#VQAAAKtWMjc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#DQAAAIs2Nzc1MdcBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure ILPLU=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#BQAAAHNLzClOBQA=; expires=Mon, 13-Sep-2021 11:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly PZK={"P":"2N0UfmioiibmvRtQ7iGdrVv8L8mBpM9dtxfCh0EyLfyw2fKccht6OiTHRvolLiaR","B":[],"UD":1631516888}; expires=Wed, 13-Oct-2021 07:08:08 GMT; path=/; SameSite=None; secure IPLSH=#WwAAAKtWMjQ1NTOKNzc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#HQAAAItWMjQ1NTOKNzc3NTFX0kHhxQIA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#VQAAAKtWMjMwNzVUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#DQAAAIs2MzA3NdQBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#VQAAAKtWsrAwMrJUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#DQAAAIu2sDAystQBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#DQAAAIs2NDU1M9IBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#DQAAAIs2NDU1M9IBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#VQAAAKtWMrY0NjdXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#DQAAAIs2tjQ2N9cBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly
x-powered-by
ASP.NET
p3p
CP="CAO PSA OUR IND"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8aeb2a022187-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Mon, 13 Sep 2021 07:08:08 GMT
content-type
text/html; charset=utf-8
content-length
424
cache-control
private, no-transform
location
//engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500
access-control-allow-origin
*
set-cookie
IKSR={}; path=/; SameSite=None; secure INF_DFL8=true; path=/; SameSite=None; secure IUID=cb15ba0a-c36a-4109-a89c-f06ce04aa0b5; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure ISSH=5DE3A8; path=/; SameSite=None; secure VMI=902232d2-3452-4f98-a14d-b2d544ad5f0a; path=/; SameSite=None; secure IPLH=#VQAAAKtWMjc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPLH_Q=#DQAAAIs2Nzc1MdcBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly CHN=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly MSSH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly MSRH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILP=null; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure ILPLU=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILEALC=#FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ILMPF=#BQAAAHNLzClOBQA=; expires=Mon, 13-Sep-2021 11:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPMPLU=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPMUID=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly BSWUID=#AAAAAA==; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IKSR={}; path=/; SameSite=None; secure IBL=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly PZK={"P":"2N0UfmioiibmvRtQ7iGdrVv8L8mBpM9dtxfCh0EyLfyw2fKccht6OiTHRvolLiaR","B":[],"UD":1631516888}; expires=Wed, 13-Oct-2021 07:08:08 GMT; path=/; SameSite=None; secure IPLSH=#WwAAAKtWMjQ1NTOKNzc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IPLSH_Q=#HQAAAItWMjQ1NTOKNzc3NTFX0kHhxQIA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IZH=#VQAAAKtWMjMwNzVUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IZH_Q=#DQAAAIs2MzA3NdQBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMCH=#AgAAAKuuBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMCH_Q=#AgAAAIuOBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMH=#VQAAAKtWsrAwMrJUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly IMH_Q=#DQAAAIu2sDAystQBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISH_Q=#DQAAAIs2NDU1M9IBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISPH=#VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ISPH_Q=#DQAAAIs2NDU1M9IBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ICH=#VQAAAKtWMrY0NjdXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly ICH_Q=#DQAAAIs2tjQ2N9cBk7EA; expires=Sat, 13-Sep-2031 07:08:08 GMT; path=/; SameSite=None; secure; HttpOnly
x-powered-by
ASP.NET
p3p
CP="CAO PSA OUR IND"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68df8ae92df22187-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cookie set pop
cdn.tabici.com/ Frame 8505 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.tabici.com/pop?wi=1934&subid=page
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.23.2.199 , France, ASN16276 (OVH, FR),
Reverse DNS
ns365170.ip-94-23-2.eu
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
cdn.tabici.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://mediacpm.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://mediacpm.pl/

Response headers

Date
Mon, 13 Sep 2021 07:08:08 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=oodsu9p4igidt81kgtaph732n5; path=/
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
X-Frame-Options
DENY
Content-Length
1487
Keep-Alive
timeout=2, max=1000
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 489E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=3922357469780431&bg=!ICOlI2fNAAYT0U73E9E7ACkAdvg8Wt4ya7n7kskt3LPaGbjEcZu3UxB5gLOuTJ4TOAI1qOW7eHFttAIAAANIUgAAAL5oAQcKAHk4n0IPdTSL4gmISMjpmSnX_hVDCkDLvtx2XMo48XOQGTKl3BoXQFLe7K0dIpfvHUaH5JY5p-Xv5On2lrwX8aW-qyIMOjdObDfYgIUk-LRlxU9iYXpznE4WmBwQ_RiEiWX4nF3QVxnj4Lw4FRaTCiaQxBXxLEAb0SVomQKW_ggHJ8GXkVBgWu5b6T3eE9nO-j6AKi7CIDsPV6aAI3YDtBKvvVnHl_DNE3yJXJ08f_j5u9UPeifd7QA1C9IcW3pLB_nMmYL-IVW3-fjeFQumiP-xx2klMmxxqD2tgLPEG6E3XLQgK2lS0kheQqTjU_OupgchbwMS4ldDvKmyizolcHAFIOr8NJ8gMG5Jwf9K4f4eCNBMYe9MoJMKOQAB0yMQBRKUart2K0PZSx33y6W79yrGP4RTNkSsCXhdNG1IEvAbYfZDiEKnCF_uF8jeHcWXzfHs5OGYkRMSDHWlIIRFOmRuabujDO77-OC0VhNX-EgGrMu2MCfydil_OH9e0x_DerQ4yVoZhsg6fOLQSfH95UIOcJqjH_2B_hYFY_JCR8_O3xT2vK1DuiJNEvnXZhwZpU5tJtwHl6BrO3RjQm0eCDLnC_aySIOsiHADXsbv82BgNbdeKjbxMeTksTY2aGOx_-rnfcfoA1FlnFr1hlrvUuweMep5Kkp7Et179ILNYkX0yrfmeImlnBNqPOeUDhfYGGeBZCPGk8IZ-q6yl68iwG7mcuk_zbNNcUopwuT6hFomhTlrEnO_XZuptiH0G0wwS1z8z5j9CM_ROHtdXid3LPqxbnVSbiKG05yi7OvDYDbOJNQJrrZvC61Ct1gpdE4nIZ4TiQi-cAUAhmlTQqnmxyArf79LVq06j8SOSgTvXdyx1JPG58ULUksE63FlVBe1D1jmFW8tTip8CJt734POQzsgRqxsn8Zxld4T9BvrP-u7EUeD5vf_Uqgzslyiua4DHyiUc7aNiG6b-TQsEPQuG18lvhHJceOgsVcPfZsRrq4Dq6CygFbMxBzeq0MDCCNUzxdJZIxAPT3hy7eSQKhC9udS4Os
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.211.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aimarketing.mediacpm.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m88229.jpg
digiadsply.com/ Frame 4EA7 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://digiadsply.com/m88229.jpg
Requested by
Host: engine.spotscenered.info
URL: https://engine.spotscenered.info/mediahosting.engine?MediaId=88229&AId=8399&CId=39377&PId=77547&SiteId=15562&ZoneId=60751&VolumeMetricId=902232d2-3452-4f98-a14d-b2d544ad5f0a&PassBackUrl=&res=&dcid=1_ctx_0943b44e-c97e-4dc3-92da-9680b829d758&cu=&kw=&mw=500&mh=500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.174 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d8821b66d12ba53d25ea2ffd69aeb51eaf9807a26712909f573736f8a16d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://engine.spotscenered.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:08:09 GMT
via
1.1 2b782f5f082f9e98adf8c50f24b6bb6d.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
73513
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
cf-bgj
h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
87961
last-modified
Thu, 30 May 2019 18:29:27 GMT
server
cloudflare
etag
"317de75ca89c3031039caa5e41c60d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
cf-ray
68df8aecbd2e3312-CDG
x-amz-cf-id
xAX6I0C5GYMJbbTMoIrVPGj25LMrdSWjfdxbTiWGVAd4q4u6R5Giqw==
expires
Mon, 13 Sep 2021 11:08:09 GMT
Primary Request redirect
adp13a.com/ 		21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://adp13a.com/redirect?sid=79411
Requested by
Host: mediacpm.pl
URL: https://mediacpm.pl/v.php?user=13428
Protocol
HTTP/1.1
Server
172.64.173.27 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
489a22549db424135319b340e22b8a6de861c9eeb0d68d600770f6fa800769ef

Request headers

Host
adp13a.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 13 Sep 2021 07:08:12 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
21811
Connection
keep-alive
cache-control
no-transform,no-cache
pragma
no-cache
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiYopWLTEVvsOyU09IJzDQLdU9WHdbd8QDv%2B4XVC52R3TDQsx%2BPf7ze1hxkY1ChvOLRKWNDyfgvvsWszb2lUuVQTOINRokNZL7XsPA3Fi1el%2BpVLvWGl5jXo0%2BaJ"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
68df8affec07ee54-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
t.dtscout.com/pv/ 		0
0
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mediacpm.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Sep 2021 07:08:12 GMT
content-length
0
vary
Origin
/
t.dtscout.com/pv/ Frame C28B 		0
0
metrics
connect-metrics-collector.s-onetag.com/ Frame C28B 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://news-btc.info/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 Sep 2021 07:08:12 GMT
content-length
0
vary
Origin
69147001
mc.yandex.com/webvisor/ Frame F4DD 		43 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69147001?wmode=0&wv-part=2&wv-hit=54821127&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&rn=37222729&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1631516892%3Aw%3A0x0%3Av%3A631%3Az%3A0%3Ai%3A20210913070812%3Au%3A163151688117833305%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631516892
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bitcoin-ad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:12 GMT
last-modified
Mon, 13-Sep-2021 07:08:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:12 GMT
69147001
mc.yandex.com/webvisor/ Frame F4DD 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/69147001?wmode=0&wv-part=2&wv-hit=54821127&page-url=https%3A%2F%2Fwww.bitcoin-ad.com%2F%3Futm_source%3D%26utm_medium%3D%26utm_content%3D&rn=930598168&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631516892%3Aw%3A0x0%3Av%3A631%3Az%3A0%3Ai%3A20210913070812%3Au%3A163151688117833305%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631516892
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bitcoin-ad.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 07:08:12 GMT
last-modified
Mon, 13-Sep-2021 07:08:12 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.bitcoin-ad.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 13-Sep-2021 07:08:12 GMT
rum
cryptotabbrowser.com/cdn-cgi/ Frame 6296 		0
0
atr
www.youtube-nocookie.com/api/stats/ Frame 1617 		0
0
atr
www.youtube-nocookie.com/api/stats/ Frame 9802 		0
0
redirect
adp13a.com/ 		0
687 B 		Document
General
Check archive.org
Download Go to
Full URL
http://adp13a.com/redirect?cid=TXjtdFCtZJ&http_referer=&sid=79411&subid=&s3=&8a22d0dc6220510fb8d20fb443445df2=1&rr=1&id=&t=1631516892&hrf=7JVfsoFPLMFKqHVmd68N2s8ejndGrRyTqUSe%2Bf5uln3DfXBxznY%3D&iwx=1600&iwy=1200&owx=1600&owy=1200&isph=0&pbc=0&fp=null&hf=1&op=1&pd=24&tp=%3F&xd=%3F&yd=%3F&pl=3&mt=4&sw=1600&sh=1200&fw=1600&fh=1200&pw=0&ph=0&ow=1600x1200&iw=1600x1200&sd=24&ifr=0&coo=1&m=0&hr=7&ab=1&ua=%257B%2522ef%2522%253A%25224g%2522%252C%2522rtt%2522%253A0%252C%2522down%2522%253A9.2%252C%2522save%2522%253Afalse%257D&npl=Linux+x86_64&ncpu=%3F&nhc=4&gtz=0&nba=1&nbt=0&nve=Google+Inc.&vapp=Netscape&napv=5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F92.0.4515.159+Safari%2F537.36&ss=1&ls=1&bl=en-US&sl=undefined&dr=Intel%2520Inc.%257CIntel%2520Iris%2520OpenGL%2520Engine%257CWebGL%25201.0%2520%28OpenGL%2520ES%25202.0%2520Chromium%29&is=1590925605&wc=object&msy=undefined&ddm=undefined&ps=20030107&st=0&sp=undefined&mob=0&ifp1=0&ifp2=0&wn=&nap=0&ind=1&opd=0&dab=0&nsb=1&chk1=0&chk2=1&chk3=0&chk4=0
Protocol
HTTP/1.1
Server
172.64.173.27 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
adp13a.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://adp13a.com/redirect?sid=79411
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://adp13a.com/redirect?sid=79411

Response headers

Date
Mon, 13 Sep 2021 07:08:12 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
0
Connection
keep-alive
cache-control
no-transform,no-cache
pragma
no-cache
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zkwY0ElhspKgN3LQa5gz25CkxNteLcCcFGh81FTUXJKZSvxPWya1%2FH6y7MG3KsxReMms18rs16w6%2BXXljkLtzbaAddDZfSlMXGNJ%2BcD2ceTWQZ6H9iOSy30BlAm"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
68df8b01edd9ee54-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mfk-network.com
URL
https://mfk-network.com/ads/l4.php
Domain
tinyurl.com
URL
https://tinyurl.com/pj44bp8v
Domain
tinyurl.com
URL
https://tinyurl.com/yxecj4tx
Domain
tinyurl.com
URL
https://tinyurl.com/fjcuh964
Domain
tinyurl.com
URL
https://tinyurl.com/2kz2d78s
Domain
player.vimeo.com
URL
https://player.vimeo.com/_csp
Domain
t.dtscout.com
URL
https://t.dtscout.com/pv/
Domain
t.dtscout.com
URL
https://t.dtscout.com/pv/
Domain
cryptotabbrowser.com
URL
https://cryptotabbrowser.com/cdn-cgi/rum?
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/api/stats/atr?ns=yt&el=embedded&cpn=PiCQbJewhPwV9XRb&docid=FIPg15MTHu0&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Faimarketing.mediacpm.pl%2F&lact=10359&cl=395555459&mos=0&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210908.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=181&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082661%2C24084443%2C24632129&muted=0&vis=3
Domain
www.youtube-nocookie.com
URL
https://www.youtube-nocookie.com/api/stats/atr?ns=yt&el=embedded&cpn=BqlNHdFry2yMwHjn&docid=MdhY3J_GNW4&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Faimarketing.mediacpm.pl%2F&lact=10452&cl=395555459&mos=0&volume=100&cbr=Chrome&cbrver=92.0.4515.159&c=WEB_EMBEDDED_PLAYER&cver=1.20210908.1.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&hl=de_DE&cr=DE&len=74&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24066622%2C24080738%2C24082662%2C24084443%2C24091242&muted=0&vis=3

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforexrselect boolean| originAgentCluster string| var1 string| var2 string| var3 string| var4 object| pop1 object| pop2 object| pop3 string| str function| $ function| jQuery string| hidden string| visibilityChange number| rdy function| hVC function| isivp object| elements function| cbF object| _Hasync function| delayer number| onLoad function| setCookie function| getCookie object| urls string| url function| chfh function| chfh2 string| _HST_cntval object| Histats boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_521 function| histats_canvascounters_base.js object| _HistatsCounterGraphics_521_setValues object| a object| cv object| Tynt object| _dtspv object| _33Across function| __uspapi object| __connect number| char number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive number| block_id number| adSectionWidth object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit object| cpc_impression object| cpm_impression object| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src

164 Cookies

Domain/Path Name / Value
www.goldrotator.com/user Name: check_cookie_status
Value: test
mediacpm.pl/ Name: ptp
Value: 1631517276
mediacpm.pl/ Name: PHPSESSID
Value: 4tmdbagv8f1rav31v41jec1cu5
mediacpm.pl/ Name: pop3validate
Value: 1631517276%2C83
mediacpm.pl/ Name: HstCfa4336751
Value: 1631516880250
mediacpm.pl/ Name: HstCla4336751
Value: 1631516880250
mediacpm.pl/ Name: HstCmu4336751
Value: 1631516880250
mediacpm.pl/ Name: HstPn4336751
Value: 1
mediacpm.pl/ Name: HstPt4336751
Value: 1
mediacpm.pl/ Name: HstCnv4336751
Value: 1
mediacpm.pl/ Name: HstCns4336751
Value: 1
.cryptobrowser.site/ Name: _ctt_id
Value: ca75e3da-f5db-4d5b-a90e-c0fc0e26a61a
.mediacpm.pl/ Name: __cf_bm
Value: ZcYTVEllF_a23nTLQgFoqIbl4fqu8Go_VCb67ljo5P8-1631516880-0-AUL+uyNsNLqK0/fFOwcObLl9S9dr+HhGZ3HC1N+7n6XEsvcKcsJb6aJWet/ITqYH5UB/0TxO20UZCYt6Y/Wd+OY=
.adsluna.com/ Name: __cf_bm
Value: vSVNnNFTWY2ieHSVi7cCz.858cxzlNDlx0PmokDtLpI-1631516880-0-AVNUAeSxbA37A0FVnQQ2dqXAw0dhVoA612gqL5tS3ff0rpIOlmRVxqukqKF95IrDuqbczWo6mRQ6Cg+XLfnoPos=
.youtube.com/ Name: YSC
Value: TVJCxuvHZKM
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: q_tqujoDzsc
.pornoxo.com/ Name: guestTrack_www_
Value: 1469582043
.pornoxo.com/ Name: pxo_hit
Value: 11129
.dtscout.com/ Name: df
Value: 1631516881
.dtscout.com/ Name: l
Value: 6D00163151688187F2A01F0B9C019034
.pornoxo.com/ Name: webShoutboxUserName
Value: Guest%286297%29
.pornoxo.com/ Name: showMoreRelatedVideos
Value: 1
.pornoxo.com/ Name: pvsbs
Value: 1
.bitcoin-ad.com/ Name: _ym_uid
Value: 163151688117833305
.bitcoin-ad.com/ Name: _ym_d
Value: 1631516881
www.bitcoin-ad.com/ Name: route
Value: 1631516882.281.42.507980
.bitcoin-ad.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjFKOEVNRGovcHRLMzE2SFZHcFRtTFE9PSIsInZhbHVlIjoiY0JNNzVEOEF6SVYwU1JZWmp4eFZuV1JCTS9obzl4WVJraHBjTFBJQlhZSlIwUUFSZHNKcE1sR3dWZ1pLUUc1VGtnWDlSYmx0Mnl2TGN0bHVaRWhsY282OWI5Wi9OYk5HcFlBRjBETWFtTEZTWVE4NUtKSnFXaFFlMFlmbWV4TnciLCJtYWMiOiJjOTA3ZDVlZTIwMmEwZTliODViOWEzNzZmYjhhMzA0ZWYyOWVmMzM2NTQ1MDQxNTIxODgyMDkxYzcyOTY3NzNkIn0%3D
.bitcoin-ad.com/ Name: laravel_session
Value: eyJpdiI6InE1QlV4aVZKY1dJUWh0ZFdCK3BBSHc9PSIsInZhbHVlIjoibmZlWHE4OXdITVpPTzZibEJBRnAwUmdkWjlrK3laQ2g0dHVuTVdmSFByNjZIU2JOc2t4WDFIWHJjS2syOGowc2ZaZ3RhQmxFYTVReDVnTE40Q1dqOHluZm1kVFlIT1NUSTVnSXk5Z1owWVRkUTRITTBmaUxGbHVlOWp1aTVFaWsiLCJtYWMiOiJmY2QwYTQ1ZWExNDdiNjU4ZmQ5NTA1NmQ4ODI4MzJkZGFhZDI0Y2I3NDdhNjRiNWNjNjRjMzJlNzgwNGVjMjM5In0%3D
.yandex.com/ Name: yandexuid
Value: 8697229821631516881
.yandex.com/ Name: yuidss
Value: 8697229821631516881
mc.yandex.com/ Name: yabs-sid
Value: 1333210801631516881
.yandex.com/ Name: i
Value: CX9ANr7FODFFkuLjUqIfNo2D0vwO9XIU5bQHJxhWiZm84iagoiRrLHd3I/t9WBLIDLN5Ffa/pUwTRXjmBon4f3ziPWY=
.yandex.com/ Name: ymex
Value: 1663052881.yrts.1631516881#1663052881.yrtsi.1631516881
www.goldrotator.com/ Name: PHPSESSID
Value: 19mmn3nvnjevbnt0fl1bqphe30
www.goldrotator.com/ Name: check_cookie_status
Value: test
.vimeo.com/ Name: vuid
Value: pl1796571180.584399516
.bitcoin-ad.com/ Name: _ym_isad
Value: 2
.bitcoin-ad.com/ Name: _ym_visorc
Value: w
m1.firon.xyz/ Name: u
Value: 3cc972bef0eaceac6b6a802e16075467
.mediacpm.pl/ Name: __dtsu
Value: 6D00163151688187F2A01F0B9C019034
.mediacpm.pl/ Name: __gads
Value: ID=ee199c34809b287e-221079de1cc900eb:T=1631516881:RT=1631516881:S=ALNI_Mb8nDABEPloQPdYLD5yU0JMPtkUFQ
.onaudience.com/ Name: cookie
Value: 914798ab80e71f4a
.onaudience.com/ Name: done_redirects147
Value: 1
.toplist.cz/ Name: ui
Value: 56944
.pornoxo.com/ Name: screenSize
Value: 0
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 6a76e1abf733ace646cf2f123e3811aa
.adsrvr.org/ Name: TDID
Value: 3c2eb7e6-90ac-4b36-9cfe-bf980179142d
.exosrv.com/ Name: __uvt
Value: a%3A1%3A%7Bi%3A0%3Bs%3A31%3A%22613ef8d2426bb9.3457260053584277%22%3B%7D
.exosrv.com/ Name: c-tag
Value: %7B%22tag-video%22%3A%22v3%7C%7CDEU%7C3588779%7C63967044%7C0%7C%7C508%7C0%7C2%7C15%7C0%7C0%7C0%7C34597821%7C2905330%7C2925533%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Cpornoxo.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
.dtscdn.com/ Name: uid
Value: 6D00163151688187F2A01F0B9C019034
.pornoxo.com/ Name: videosLengthFilter
Value: all
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjkif7O_qP7ORAFOAE.
.onaudience.com/ Name: done_redirects109
Value: 1
.pornoxo.com/ Name: _ym_uid
Value: 1631516883789787384
.pornoxo.com/ Name: _ym_d
Value: 1631516883
.yandex.ru/ Name: ymex
Value: 1663052883.yrts.1631516883#1663052883.yrtsi.1631516883
.yandex.ru/ Name: yandexuid
Value: 7065133621631516883
.yandex.ru/ Name: yuidss
Value: 7065133621631516883
mc.yandex.ru/ Name: yabs-sid
Value: 2120684861631516883
.yandex.ru/ Name: i
Value: r/uECSUNhEEB7AokbJNALLPoBxURiqqOLEf1BvhAfEXfjdwbBudOhZaVHI6vuqxdkjvQAWulik5russcZUyGbOu6LA4=
www.goldrotator.com/ Name: bitmedia_fid
Value: eyJmaWQiOiJmMGIxOWQwNGNmMTk2YzM2NTA5MmZlYzkyMGE2NGQ0YyIsImZpZG5vdWEiOiI3OGU5NmQ3NGM0MGM0MWY5NTg1Y2E5NjgyNWQwZDVhNCJ9
.pornoxo.com/ Name: _ym_isad
Value: 2
.exosrv.com/ Name: impressions
Value: x%9C%ABV2135012%D253%B643701Q%B2%8A6%D41436454%B3%B00%D61411%88%AD%05%00%AF%D5%08%C6
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 4055149491fake
.dtscout.com/ Name: m
Value: 2
.dtscout.com/ Name: b
Value: 2
.dtscout.com/ Name: st
Value: 2
.dtscout.com/ Name: oa
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1021060562fake
.onaudience.com/ Name: done_redirects236
Value: 1
.webvisor.org/ Name: yandexuid
Value: 7065133621631516883
.webvisor.org/ Name: yuidss
Value: 7065133621631516883
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
engine.spotscenered.info/ Name: IKSR
Value: {}
engine.spotscenered.info/ Name: INF_DFL8
Value: true
engine.spotscenered.info/ Name: IUID
Value: cb15ba0a-c36a-4109-a89c-f06ce04aa0b5
engine.spotscenered.info/ Name: ISSH
Value: 5DE3A8
engine.spotscenered.info/ Name: CHN
Value: #AgAAAIuOBQA=
engine.spotscenered.info/ Name: MSSH
Value: #AgAAAKuuBQA=
engine.spotscenered.info/ Name: MSRH
Value: #AgAAAKuuBQA=
engine.spotscenered.info/ Name: ILP
Value: null
engine.spotscenered.info/ Name: ILPLU
Value: #FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A
engine.spotscenered.info/ Name: ILEALC
Value: #FAAAADPUN9Q3MDAwVDA0sjIwACIFR18A
engine.spotscenered.info/ Name: ILMPF
Value: #BQAAAHNLzClOBQA=
engine.spotscenered.info/ Name: IPMPLU
Value: #AAAAAA==
engine.spotscenered.info/ Name: IPMUID
Value: #AAAAAA==
engine.spotscenered.info/ Name: BSWUID
Value: #AAAAAA==
engine.spotscenered.info/ Name: IBL
Value: #AgAAAIuOBQA=
engine.spotscenered.info/ Name: IMCH
Value: #AgAAAKuuBQA=
engine.spotscenered.info/ Name: IMCH_Q
Value: #AgAAAIuOBQA=
.eyeota.net/ Name: mako_uid
Value: 17bddfbfd34-52b10000010a46be
.eyeota.net/ Name: SERVERID
Value: 18110~DM
.doubleclick.net/ Name: IDE
Value: AHWqTUmAZXl_sUIoupPfsx2sFphlj7na4PnJsAJLVk_TxIljYRmAnVnwhbAqj-KOfYQ
.goldrotator.com/ Name: __dtsu
Value: 6D00163151688187F2A01F0B9C019034
.goldrotator.com/ Name: lotame_domain_check
Value: goldrotator.com
.onaudience.com/ Name: done_redirects219
Value: 1
.zeotap.com/ Name: zc
Value: 06f7f84a-0374-4afb-4316-a935f0d114ad
.zeotap.com/ Name: zsc
Value: %06%D6%99%81%F5%FA%C1M~%11%D0%F7%1D%04%0B%ADxG%C9%C9yQ%19%0Dj3%87%E1%85%7F%15d%BEk%E1f%96%87%09%86u%E0%AB%8C-%8D%C3%EE%A2~%12%9C%90%09%07%87%B1%CA%5DP%84%D1%DC%13u%2A%829c8%E215%8D%91%88%A6v%21%1D%1FQ%E5
.krxd.net/ Name: _kuid_
Value: OW-l9oG1
.tapad.com/ Name: TapAd_TS
Value: 1631516885489
.tapad.com/ Name: TapAd_DID
Value: 51467b15-d6d8-42c1-914a-b43759cecbae
.mathtag.com/ Name: uuid
Value: ede9613e-f8d5-4b00-b82b-d75e9efb32c6
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.sitescout.com/ Name: ssi
Value: 188298e0-bee5-4b99-b1d3-6cfa9127eea7#1631516885621
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjMxNTE2ODg1Njc5fQ
.w55c.net/ Name: wfivefivec
Value: bFMjGKoe1MpG4t5
.w55c.net/ Name: matchlotame
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YT741QABKAoLkwAR
.adnxs.com/ Name: uuid2
Value: 7290806411776642473
.tidaltv.com/ Name: tidal_ttid
Value: b6eb9797-4ff3-4daf-aa06-c89a52027d41
.turn.com/ Name: uid
Value: 3111422955303986384
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjA3sTI0NAAAJfZClAkAAAA="
.agkn.com/ Name: ab
Value: 0001%3AvikfVpKBUltCBlWGErwg5si6g2Pe9wQf
.demdex.net/ Name: demdex
Value: 41255208547110937242980651892122625978
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: iepvpxchb5jhl2z2zyuypdtn
.dpm.demdex.net/ Name: dpm
Value: 41255208547110937242980651892122625978
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 129e3242-d037-4e07-aeb5-5b3d65adf041#1631516883793#2
.id5-sync.com/ Name: 3pi
Value: 224#1631516884171#957167947|321#1631516884133#-1897356074|19#1631516883826#-282521204#6a76e1abf733ace646cf2f123e3811aa|398#1631516884171#-177515217
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEs0N0s1TExKMzc2TkxONTMxS04zSjM0Mk41tjA0TExkAIJEux%2FX%2Fvz%2F%2F58fxAEDoc%2BdW9UZP8oy%2FGdkZOi5t1gHxt7w5JwojH180xQWJoiaD0xglR8%2FW6IKPFs8B03J8j%2BFqErOA5XATLxx6hEbjP2h4b4AqsrDGIZNP6GOqmTNhqfcqCJHGjdowx189BAzquzufZfRLHm3BN3FnZNPaqHqAgBkLnOg"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBItPtxDUhBACsDA9cMMHNRK5gSZAdTxnNBJOPDeiAJALYcBoU%3D"
.goldrotator.com/ Name: _cc_id
Value: 6a76e1abf733ace646cf2f123e3811aa
.goldrotator.com/ Name: panoramaId_expiry
Value: 1632121686849
.goldrotator.com/ Name: panoramaId
Value: 38d7fa0f2d651bf5341cf9bb7a2d16d53938ec3cb8485056bed713f2a109ad63
.exelator.com/ Name: EE
Value: "cbfc2d79315d40f3a063d450be3f251c"
.onaudience.com/ Name: done_redirects104
Value: 1
.adform.net/ Name: C
Value: 1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSE5KS3ZKMXc0tjQNMXEIM040cDMOMXE1CAp1TjNyNQweXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F7333DwCOUSsx"
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: a2v0bq10dcjctdh3vvyslhm5
.ib.mookie1.com/ Name: ibkukiuno
Value: s=3d656a51-322e-46bb-95b2-dd009faeb466&h=&v=8960465545&l=-8585700899984804423&op=&hl=0&vlu=3&tcs=1&dcc=-8585700899984804423
.ib.mookie1.com/ Name: ibkukinet
Value: 3632492431=-8585700899984804423
.scorecardresearch.com/ Name: UID
Value: 1DVYBTDICKALZGMGSQKQQQg1631516887
.adform.net/ Name: uid
Value: 8328661342495520270
ads.avct.cloud/ Name: uuid
Value: 139b005b-44fe-4816-9c6c-5148ccdca87e
.thrtle.com/ Name: mc
Value: eyJpZCI6ImM2YTRiNWFlLWQ4Y2MtNDFjYy05NDJhLTA3OGIwZjI4NzM2MiIsImwiOjE2MzE1MTY4ODczNDIsInQiOjF9
.adhigh.net/ Name: gi_u
Value: uMCdZAyqzdC.AikABlF73fwJXg
.rlcdn.com/ Name: rlas3
Value: +l58j/qeR543hZLm7WNeSXv9AHYDv4dAaAQxIpUFNdE=
.rlcdn.com/ Name: pxrc
Value: CAA=
.lijit.com/ Name: ljt_reader
Value: 6147fc24a063b5c2409d1b6b
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-085d2984-8d80-41c0-4250-bc9a6e94e35d.F4XqEm9Iq5yGpPHCrcoOhKHkQN13VAGJkCNSGphe6Ms
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-085d2984-8d80-41c0-4250-bc9a6e94e35d%24ip%24216.131.111.143.PV3CpCLR20xmUZGvdfDDgze9UX7qipFl8OXN%2BnbGgSs
.agkn.com/ Name: u
Value: C|0AAAAAAAAKNG1WAAAAAAA
engine.spotscenered.info/ Name: PZK
Value: {"P":"2N0UfmioiibmvRtQ7iGdrVv8L8mBpM9dtxfCh0EyLfyw2fKccht6OiTHRvolLiaR","B":[],"UD":1631516888}
engine.spotscenered.info/ Name: ISH
Value: #VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: ISH_Q
Value: #DQAAAIs2NDU1M9IBk7EA
engine.spotscenered.info/ Name: VMI
Value: 902232d2-3452-4f98-a14d-b2d544ad5f0a
engine.spotscenered.info/ Name: IPLH
Value: #VQAAAKtWMjc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: IPLH_Q
Value: #DQAAAIs2Nzc1MdcBk7EA
engine.spotscenered.info/ Name: IPLSH
Value: #WwAAAKtWMjQ1NTOKNzc3NTFXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: IPLSH_Q
Value: #HQAAAItWMjQ1NTOKNzc3NTFX0kHhxQIA
engine.spotscenered.info/ Name: IZH
Value: #VQAAAKtWMjMwNzVUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: IZH_Q
Value: #DQAAAIs2MzA3NdQBk7EA
engine.spotscenered.info/ Name: IMH
Value: #VQAAAKtWsrAwMrJUsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: IMH_Q
Value: #DQAAAIu2sDAystQBk7EA
engine.spotscenered.info/ Name: ISPH
Value: #VQAAAKtWMjQ1NTNSsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: ISPH_Q
Value: #DQAAAIs2NDU1M9IBk7EA
engine.spotscenered.info/ Name: ICH
Value: #VQAAAKtWMrY0NjdXsoquVgr2TFGyUjJ1cTV2tFDSUXIBcowM9S31DY1DDKwsrEyUanUIKrJQqo2tBQA=
engine.spotscenered.info/ Name: ICH_Q
Value: #DQAAAIs2tjQ2N9cBk7EA

47 Console Messages

Source Level URL
Text
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=IkQB7EwJX%2BPPGyEAGLq3zKPT5pf7soanjIqlFS5dJkA%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=WJJHkJnooS9lsyPdgGH6X2ofe7%2FcCUhxtpKHUQROTPA%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=IkQB7EwJX%2BPPGyEAGLq3zKPT5pf7soanjIqlFS5dJkA%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/banner/?code=WJJHkJnooS9lsyPdgGH6X2ofe7%2FcCUhxtpKHUQROTPA%3D, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=%2B4sllsj4Z%2B%2Fh1LvvhFJunbu6QVlDBzzlS6o8seorIHU%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=IkQB7EwJX%2BPPGyEAGLq3zKPT5pf7soanjIqlFS5dJkA%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=IkQB7EwJX%2BPPGyEAGLq3zKPT5pf7soanjIqlFS5dJkA%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=WJJHkJnooS9lsyPdgGH6X2ofe7%2FcCUhxtpKHUQROTPA%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://g.cash-ads.com/banner/?code=WJJHkJnooS9lsyPdgGH6X2ofe7%2FcCUhxtpKHUQROTPA%3D
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://acceptable.a-ads.com/1650865
Message:
Failed to load resource: the server responded with a status of 577 ()
network error URL: https://click.a-ads.com/1634265/99434/
Message:
Failed to load resource: the server responded with a status of 577 ()
network error URL: https://acceptable.a-ads.com/1650865
Message:
Failed to load resource: the server responded with a status of 577 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://click.a-ads.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://click.a-ads.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://click.a-ads.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://a-ads.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://a-ads.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://a-ads.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://a-ads.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://bc.game/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://bc.game/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://bc.game/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://bc.game/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
Mixed Content: The page at 'https://mediacpm.pl/v.php?user=13428' was loaded over HTTPS, but requested an insecure frame 'http://cryptogpt.com/home'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
Mixed Content: The page at 'https://mediacpm.pl/v.php?user=13428' was loaded over HTTPS, but requested an insecure frame 'http://www.lama-projects.be/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
Mixed Content: The page at 'https://mediacpm.pl/v.php?user=13428' was loaded over HTTPS, but requested an insecure frame 'http://www.goldrotator.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://mediacpm.pl/v.php?user=13428(Line 80)
Message:
Mixed Content: The page at 'https://mediacpm.pl/v.php?user=13428' was loaded over HTTPS, but requested an insecure frame 'http://www.affiliate.mgwebz.com/'. This request has been blocked; the content must be served over HTTPS.
deprecation warning URL: https://www.gstatic.com/firebasejs/8.7.1/firebase-messaging.js
Message:
Permission for the Notification API may no longer be requested from a cross-origin iframe. You should consider requesting permission from a top-level frame or opening a new window instead. See https://www.chromestatus.com/feature/6451284559265792 for more details.
other warning URL: https://aimarketing.mediacpm.pl/(Line 454)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://www.mycrazysextoys.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://adsluna.com/page2.html
Message:
Mixed Content: The page at 'https://mediacpm.pl/v.php?user=13428' was loaded over HTTPS, but requested an insecure frame 'http://adp13a.com/redirect?sid=68682'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://lh3.googleusercontent.com/-rY6Ib-CGmJY/YG0_KvNbqfI/AAAAAAAAJOM/tTwD6C8wXwkARqxuTWZPblHM2grj0MXJACLcBGAsYHQ/s0/icon23.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lh3.googleusercontent.com/-Rlb9TchvQFM/YG0_KmH6-vI/AAAAAAAAJOI/6xKUTCKiyiUj3IPurX8vnQAw7yb2FSu_gCLcBGAsYHQ/s0/icon1.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lh3.googleusercontent.com/-UeKyxDBrSNo/YG0-28pz8tI/AAAAAAAAJNw/SguTI6yWztcHhVB2BUJCtxz-XAJhHUe5ACLcBGAsYHQ/s0/anh3.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lh3.googleusercontent.com/-roKewrwWKys/YG1APyA0PNI/AAAAAAAAJOY/DUGx8KaokWs7j7YEItOufIqyOUnnqzfGgCLcBGAsYHQ/s0/logop.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lh3.googleusercontent.com/-GXVjoiCQk7c/YG0-2zqbw-I/AAAAAAAAJN0/LHoGmaMXljExaJgtsTdiWxt_LVdmVJV8QCLcBGAsYHQ/s0/anh1.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://lh3.googleusercontent.com/-ou4mDiB--5A/YG0-2_9wtyI/AAAAAAAAJN4/gRn-60U515s2P1AxwFtcAwMODjDJjIgwQCLcBGAsYHQ/s0/anh2.png
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cngcpy.com/cuhdl?wh=DKOtcjBADSc_IqSwmLmXOHa4
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://cdn.tabici.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

666192.xmlfeed.feed-xml.com
a-ads.com
a.dtssrv.com
aa.agkn.com
acceptable.a-ads.com
ad.a-ads.com
adf.ly
adp13a.com
adservice.google.com
adservice.google.de
adsluna.com
ai-marketing.com.vn
aimarketing.mediacpm.pl
bc.game
bcp.crwdcntrl.net
beacon.krxd.net
c.cintnetworks.com
cdn.adf.ly
cdn.jsdelivr.net
cdn.popcash.net
cdn.shareaholic.net
cdn.tabici.com
cdn.tynt.com
click.a-ads.com
cm.adgrx.com
cm.g.doubleclick.net
cngcpy.com
code.jquery.com
connect-metrics-collector.s-onetag.com
cryptotabbrowser.com
d.turn.com
dashboard.jalewaads.com
dcba.popcash.net
de.tynt.com
digiadsply.com
display.jalewaads.com
dmp.truoptik.com
dpm.demdex.net
e.dtscout.com
engine.spotscenered.info
f.vimeocdn.com
fonts.gstatic.com
fresnel.vimeocdn.com
g.cash-ads.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
i.vimeocdn.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
image6.pubmatic.com
lh3.googleusercontent.com
m9m6e2w5.stackpathcdn.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mediacpm.pl
mfk-network.com
ml314.com
news-btc.info
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.googleadservices.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
player.vimeo.com
pm.w55c.net
polyfill.io
ps.eyeota.net
resources.blogblog.com
rotf.lol
s.adlane.info
s10.histats.com
s4.histats.com
secure.adnxs.com
static.a-ads.com
static.adlane.info
static.cloudflareinsights.com
sx1.josulaph.cyou
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
themes.googleusercontent.com
tinyurl.com
tpc.googlesyndication.com
tr.cryptobrowser.site
tradingcoins.bar
trafficplan.pl
usercontent.one
vimeo.com
www.bitcoin-ad.com
www.blogger.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.greatdexchange.com
www.gstatic.com
www.mycrazysextoys.com
www.relationshipadvice.info
www.youtube-nocookie.com
www.youtube.com
cryptotabbrowser.com
mfk-network.com
player.vimeo.com
t.dtscout.com
tinyurl.com
www.youtube-nocookie.com
103.9.156.119
104.16.88.26
104.16.91.60
104.16.95.65
104.18.23.174
104.18.96.60
104.20.138.65
104.20.81.199
104.21.16.104
104.21.17.99
104.21.234.95
104.21.63.195
104.21.72.157
104.21.73.22
104.21.78.98
104.21.85.254
104.26.11.230
104.26.14.247
138.197.56.196
141.95.34.104
142.250.74.110
142.250.74.129
142.250.74.130
142.250.74.35
142.250.74.41
142.250.74.66
142.250.74.68
142.250.74.72
142.250.74.78
142.250.74.97
142.250.74.98
151.101.0.217
151.101.112.217
151.101.113.229
151.101.114.109
151.101.114.49
151.101.193.26
151.139.128.11
156.154.202.36
158.69.139.226
172.64.100.29
172.64.173.27
172.64.175.21
185.173.160.142
185.29.134.244
185.33.221.13
185.64.190.78
192.119.9.82
192.99.8.28
195.47.247.16
208.100.17.185
208.100.17.186
213.174.135.1
213.239.209.209
216.58.207.195
216.58.207.206
216.58.207.211
216.58.207.226
216.58.211.2
23.227.137.50
3.125.99.7
3.221.87.95
34.120.202.204
34.197.192.192
34.223.168.126
34.253.111.115
34.255.250.31
35.201.103.0
35.227.248.159
45.15.27.99
46.105.201.240
46.228.164.13
51.144.7.192
51.161.15.93
51.210.112.63
52.208.138.90
52.215.191.146
54.164.83.247
54.74.18.91
54.76.25.53
63.251.232.170
64.58.232.176
64.58.232.180
66.155.71.150
69.16.175.42
72.246.100.56
75.2.13.80
76.223.111.131
85.114.134.182
87.250.251.119
88.198.195.3
94.23.2.199
99.86.116.102
99.86.116.18
99.86.116.25
99.86.116.26
99.86.116.52
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2
007ed6ed7109ab63ddc0c8d00203e485a8fd7e4d06af35ec9d4f1dc3e8c818a0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04b05136db23da5e7626847e5ddb07b830ee43d3910e27e9776b92990a789582
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
0708aabb36f4cb66b4bef3ab9cd194cb1a257cdee3213e652147cf4035022421
07deb066fa883daffe7d0a7b3ee5cbb65bc1c1abe6ec69fc63192149498a2dee
083190c4f1d80f18209ed4433ed3dba0c87f3a7cb4513e6813df7fa1db1144b1
085269f30c091f6369961a7421156547365e3b13e3a70b329d1ad600d6963113
0929bd49017bdbe79f832bfde8588a9068e34ed4bc838c5339934bb0acb6dcdd
0ae994aa9611e8319e3ae009747d9a205e7e074e5358e333894c7f80b7b4da45
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
0ed0d06751f3d219974a3113a383b5ac140296b7a2e8efc14ae18f7741082eec
1368d75ee5fe253d7d899d4674aa73d81a0d4b5339435e4dd2fe3268256f0d33
13ae7e5a59de6cef3c3cedeaa348b17157b3cbc2b1bc9607c6d84ced4d137269
1599aa265cd8d84b21db5660f33fb4d13b2c7a76fbeb7b457326d3d9df0ac65c
15e3af36c0b3a9a1acba9c736a47776722e065004fd0697a1f08b0005afc9f57
161351615ac31efe9ba038b2aa64c07faa624f70ae641477fa6622083f8ca0f1
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
1909f7a0987737a889c32edd451793c78d8f2ec88ac99dc024d3999ba97a0b85
195be65a93adbd9ec192508ffecf4950dac9676534a8084afc2e8c7ae247d21c
200077eba2d5dbf25783bf878e03b8da44fd2684ba9591cf7ba629f40b46ba15
2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326
21bf415bff7452c3ca9d2fd6b7afa9156844757a7802193acfb5a6c0d2621a81
221679fa13b2aa0610233ec6bdb134312d0cc7b6ed452d861a758da831c915e7
255c9d8c86e9ff143d05233330db8bfb6a04196b5e2600561e10ddba4678466d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d96cc434b01b3b592f29f2fd5c6bf2e678c0e84530936e5b4c3d3f55576f25
279a15eaae136a15f92085047a7eb7dc6b4f1ccdd22153f17b9f6e367d02eeaa
2809da1dcd6feadcaa9839e11eeed0e3398ed03996eaf3b0d1e775bb9be2d26f
2a73c6e6b96ff3a9c1c878325e74fbf39cadab5e3b969be3c06c758ee53e432c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e31c9bab999580b0a194dccb45a2f79378237ef53082e01ea3f539976c8780f
2eded2f73ee8300f26f93a0b1965e541aa07206e3345e57f7a208426fc840382
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc2aceb73705d3af2edde0c44cf0971a3c85e2846e83b3db7a8fbf9de457563
305e7dd2cc4dc389f851cc9b22ebe3b15167a4f8d8166b7002bd0cc63db6ce8f
30cb74ff6d46df3d19838113d642371c2f67a48b43a30922b510d5af41610b10
3128026abb74a5f03f49d98d581a843545bd02efcc594ebe8741c30551f9dab5
31516d62ef17249b8a8b275a4eaab2fd9f21f573496da31371266038c4214144
31b2f942258a4215e74331641c99e36b0797ba0f90eeca8b6d3424c4e19a4a48
32284426dd1a0f77a7877448bc7fdc84843939c30d155b4c62d5fe0cd14c68a5
3439f40df7ad4714cdd5695d237ce23f6d17b56cf1600a7c8fe4c6616b5353e3
3442ae37457e81e92f7a992de4faed603d2befc415bd19f2d78c964469f81930
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
34e54ef72a1911e980a348e078be8ce3f187136b64f1b30b7d39c8e8bb910a26
37d64228463d1a0c1276a2f6e8118a7a34b3b6871b9ec362000d589894c94cde
3bcb2b137cef71af95b45a6f40b3ac7e508d164e4782a131691fe1bbd271a7e2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f388d523e8376ab53f40039d261de1fe0b337e566ce2a6c5a22c767ee460774
3f56e85da8c5cc11bda6826f875f1fb01e453a7a6427b4a3d06cedaba4d215af
3f8b51d5d6b7b6bfb14c70557e860ebe136a025bc9f35683542f855441a0fa43
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43235502435ccc0b352e0e9189abed6b6b39a8b2b0ff8627d6a3ab834e1c64bd
4378b3e7bcf530a0a8d366c0017e5bc85a08147d0f89b3fd72d7b9297cd9e97f
44a06f9a8602e353caef718985cb92dbea7188ba55070d542a4817e33ff41ede
46528896adb21ccf3fb71d5105426db63aead7f3e3a7731e6a284a74a02e8be4
46717c032f82e2316c694c6cb20d63d109954cc77e1aeee251dd5b1591915716
47b4624dac711b00f5f541390699b1d953ffd5d6f1944a23c5c5627832bce59d
484d2fe1db9c40ab67ee9bf4a151732956f616fde9c879c8b7c562edc9544491
489a22549db424135319b340e22b8a6de861c9eeb0d68d600770f6fa800769ef
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
4966cb23ef6dfde265440bd81a088c92d6b0a47a5be6e096e005dc8ab4efc671
4b67d948e653f56aa7bc25cd403afa4fe04bafa3d8f3399ab0b84d96f1292259
4b70532866c82754d014a36f60ff5da196dfb5ea9b435e101251c97d5f765cf7
4c23e2ad12be1e72417e5a5eb5cddd1d5d28b4afdbdb1107dc7470ae458ea59b
4d1bc8ea5eedb2f62d2ef10cc7b07b952336d97c582f62433d70120858ae459c
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5003785298ca24466e12d6f3056d3f163ebcb104d6a3245f5e9ea7216377d8a7
501ba1afa440dad02c2a931cddf6c9348174332b25fafd900264a92a11b8e152
526ecaf8fbd157b776733e40cd4e3af19fb4185e081f72d27284026138cc30e8
52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c
52aa3af6b42f8e24b284596e6a28751a908066bcc1f4d2767252682be8ff87b4
52f9d4474b57f290761a0a855c365812e98bf770bbe44cd7d6df96a72a5c8b51
540b5be2b05010cda2423355e9068d0114d2fb7cca71fdf18e15f3c92c07db16
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d910ce193acd5e673d7a94ce23371b223bb0eea8bcb4d1705bf7770ca15e38
55b39bdfbc1845ff7f8dec7f508ceaced7115c594b4454fcbd17d5ff4cfd32bd
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
597f331d06dd9fc93f45c4ba20b0e24af778d442e512b1a915abf6946fc8dab6
5b28fd34a4d0cc2d8d163b86d14a38c796d1cfe95afaaf253343a5bc474fcfb3
5cf5a451fa81f45d9dc9c072f357f43677d5a584c8fff498b4a8d7d8577b5935
5d680885a5d08bb72ad1e88d007cfcd27ce0b79e3d917cbacaf6aa20b508aed0
5e87d2b62ad984e7dc4a572378f053a8be0b98e71d54932532e07c40cf68a289
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
62d28870303ab4db7b864138bcafd63b3351675b69bdfb520e874dc307fb9e0c
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
6619e59f923305ba4081bdb14814afe98b8563b540447a0d65561455d4c19ef1
697afb3838e114389244d448f188d9c3ecbcac43561af068e2b8d9e8ad05f621
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6b2fa831bbef342d64b25582f981c24dc9e6d77fc7b013ca635864b8dd40da73
6e2634227c5906eeb2407f03baca83b584545a730421f902e914da937f6b6aef
7012169c5d011e7a6ba2571b8715b41ed261ef85fa32fe4ff0b334bd1c4caecb
73489d9071ef40a1fdce399ee4faee08addd584314f4eb9a82d2f65d2af541a2
73ada3130e5eb7e05247e6b7b7085672097241f7bc81b5d531663f82c9203967
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
7445e8309a2743c26ba9acca938beed86cb780a887cc578f81ba7633deedeb57
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
7650775bf4e77cfcca2dfa5fdf6ef03bb30036424839a986f6a7b4fe4bbc3e78
77704840fae3c26e156f8a43a8b9851a0737205568a6d00075de579ad327e019
78e61005e2e726664f75289aa628502a8d5b778028d7a20f5801fbb54a5ecd7a
793f74260ee2e569cd18a2d804a4683a35489aebc7c3a9eda3fbed602e7547dd
7998fdc70409b584aaf012c1ce11ec0365cffd6881f112d926afda280180f6ed
7a2d41d6f97271a49672b50d97709de6d97c6c6babb7ccc2eb16003692c93c73
7a5d67fb3fda34696e359be1444e2f0672e8d74ee1c41f55e3c6c226dac512f0
7dd9ffdbb2c792348e6bdad92b509ed85a88b07f89e97632cce148b7b1e78083
7e8d29607f969ca73328db10dc3495f210f83efdd0c13fe2ce22100b6f2fea52
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
7fe57667b71762bb90bd4e679374aec63f7732f896e8109bb351084e07773253
80ad0cb0bed455b29d573fef2b07a04814e1129a379141f7b970efdcd4eb9059
814c75a8279e7a7db7e42fd516710b10fdfbdf3089acbec7411fb968a99d638f
83115a9457b2f1c2ec643c52232d2f5c47023bf4ec359a7a83e6cc2fedb127ef
84342812515333ea02bbcc817b5cdea1c54303b26e45b4183a742fbb410f11b6
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
8bd8fd000352ffd93afce21b9264517cd30bc972c5ff8043ea655ac4fccc5d5f
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de531e0c8c89678745ec98b7a8748cee307694e0098e032ea1e0d47826fead3
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
8edaa9777a4af94afe813104c64c5744e8d8a43c8c8b7a326d5daf9c99479602
8f3b6d4df4e5c113797c3c10522eea8b78ac7451586915073259f6e0c63db334
8f71be43410464b552463b9fc74aa5aadc89ca5655756333de499bff49206e9b
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
919a34024fb3cdd165a351cbc087d5698a39525a803f9ce96b149883c29b1773
92d359364a4920990f0409fb7cedabd7fa1e9c6528b9c117e4e23fcb5afe2ef8
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
932e0727ba57162cc6a3a2538c10696ef9b70b6948ef8d05d0ccf593bba5ffd9
9381d39e680065bae76712b562f4c755b3f2fc51343e079a2a8cb91c1617ba52
943751cc42f9fa3f4fd41328ec1202bdb369e0c3c385e26b254284483c4ad149
94d4e838dd16caead3b96d01fb499f03f4ee6ea1d8ca2a0b33132febad4151ed
951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
967ddbcc85d2c1c53b40930d8f31e8f85b28ba5e1b5cef4ac6ef7bd200fd5a95
96e61209b1c1fff1abe78fb763fbf093a04e6e992dc24b299ab1c4c5f4272f16
988ed4ae36747f2f5cc6d07c9414cc331be7da4309ae70a3d57a78407dc8b1a8
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
99b4ed54d4df0583a1d004eefa246ef679290315b01c11edea482e06b58291aa
9d84281739b46009a840a499d15b091b8a59fdb1c3fb653ff1c15c7125edaa74
a0d8821b66d12ba53d25ea2ffd69aeb51eaf9807a26712909f573736f8a16d56
a192e1ed253d730c89e744d59e4b39f25f6dab5bc963e2129a5cf39e8f5a15f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a76f2fb2a72b720fe656187edcf8ec071d72c251f398d4ac832eca23bd0e0bc8
aa34b83fd19d4b67f0b46a3f634b022f3f9d90c81b5362867a577edee8e9617d
ad82748c4b8df804abe12f35698e508ca0148acd7fc0ab07b5238da368c5147d
aec654e35e955d62a4f0e92ae99b698d84d299d17179caf0d7bd46be4c609b3a
b01205a82e63f3bfd8aa9dd8390a1fc7dcc91e9ad05ad2a8c0ae1d5788829c84
b029f360f627fecc151c9aa1a4f2cc1f3629ccd2f8fa4dfff382a401e415bfc3
b0d8daeaba9b5a1f9ae1a8a9068da0a5cce4464a49c89117a1617bd8da4f47eb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e04b81ef69615f4c1cde4ef37bd867fa8556237183b0339b766af54e13b1e8
b4d058a2392da692a81ecce2d5e0afd3be83e282bb1c3f8a76f7bb75e44ca6b3
b6d5756a976666da152bd211229f702975641d3f1f6ba1a9e09c66d6bf572c2c
b76f0550732cdf48b5ae9a40f73e70b3855909ff1a1ae362eb5d28b04952da7e
b778afabbd05c267dfed62cee70a595dc9397dcb121e375f56b5343ad37f017d
b7ea706f69f9ae9de66274d847149b537915f4a842130be13af08ec0a91e4609
b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93
ba07ef2168673db7fa877c989c3f1650a332d6dee29abd12671a761c82ac05e7
bc336068336a59ac6965a0f714d112c4ce94b52057b941124af0636dfad65c0e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf274e9e27aa02da6ab16c8d6ff1d89ceb222b7e862c6d24a7eeba828810846e
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c0c6268bea879ab718cd35393b0ac9f2f9393b47a024d1deae2a0623c2c1b79a
c2e88497c9c1790bf661e70d60a6aa07fad64f331172c61753f1cce0c7a04e3c
c334c496e0dca99d37eaabf0e3a251080618ac108eb3b782a43071c6ab7fca3b
c361d31e923c45db375c6b0ab21cf0c590abc89eb3243022dd67b47797c46556
c4d471447f92711025507b88a1a5ea20db8d2aa73b1c7574c5375994ae46e076
c4efeeb957e361500bf19ba26282beae1a8e4083c5ccff10dccab2eaa09acd45
c83f3877325e989f9fe003438e17bda24d6e7b0280c96f35e25c9543b5250fd4
c96ac812fc81ed76e587b9eee9a1496a145035ee14b2663b1c77ade1d867f17d
cb0fde09218c8e13e30efd007a8ce2bcfd68b2e19a960a643aefcd975f907367
cb74591fdccf58f4c86347f0d604394585cb7037016a053947d0665cf54cd86b
cd5effa5741d9d26a830fb2d74340c1d3261271af626e2d506babb3f7a4373a9
cf1cf4db10fdb8c31fe5818b78725615feb38fa12e6ede86ea901e277d7f83bb
d069b57221d407cce7111787799552c6dc186bdb108050b560328733f2519ea7
d10e141019db4e8919e5bbcbc07dd6d2d16705aea6f43e53122c0d97ed5a1bee
d13c1e98de57589930024cd422a0888bf701841df65766c148b8bc3085b50a84
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d21fa7e50c17f60e8e08f3910892f0d673a77cd0d9be2d2387fd57fc1a010824
d4d577f41095fadc22f4d3df64c84db9366992f2556f131621fa331427cb25b7
d4ea45c56f1f6fcb94369655fa8a84275ee89271c3dde5e7cb5396d559bd509e
d7c31539215ccbd19344b1dbb96d913a6865122160471cd2dabf3fccb275fbb3
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
da588f64f4fbfd746d132775505493b244ab8d6800def6413f9f016f90257454
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
dcb6fde84aa7cace22128e8df350ada3e9e8192f50f57205cc1f4519935e6fbb
ddf6b2c57c9e35c90dd384d73684cf9440fd906debc6183eb0dafdcfdf4c620e
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df9d314dd8e640438b66277f94235ee94129f1b3e08b4d641b8d5009fc4ebe8f
e0d0b201399b2e698eb95459e993aad4a38d350392454f9238fb871c8dc4dbb4
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e1e1af3423ce1d04e1f0897ee70fa5e1b4306a0fa8b5af61877ac4b17d9e7eb6
e224c53efa192c124b80d96b2d732fbb3771f8cb7643a64308942115f3a5728c
e2e45e62ed03a23a91e8ece2ea0508a82c19d873fb3d99c13fb3f5565dc19afd
e376b4d5b71d75bf9e226e642dda173dec49b7c47d74a4ed38f0f7309152950e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9
e4663b5c7b2a94e780c8982d0e678ec0d5d0d32270c40579ed81393d6dd74fb5
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e9b844b33eee13abadf0061aef7dea25c8b5d0a8e1ce8799a2a1e1545c933b72
eac64365f691073d4103638d8087cf35fd9e91fb0f5b2f7a219ea2bc39f782b5
ec0118b25ce823d082675143af3b5661bbdca0615e74caddb64677d6da72b8c6
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39ee47c81ceb4f65b3ef2ef48d16b50e6184adc5d48e7f8c257468f1e120e1c
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f7936229441aa3c84bbd8f9978b2c27e35e6c2da2f34b078d8546f1818eba7c7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9ea3a4daa69c5ae6797d3ff9766922bd40472c5289102b566450625158f36ac
fc056fdaa0ca329785bc4cb547df0e00530fe88777a5faa6ab0973c4d1253d2a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fde48cf135998859ebee11df2185c746ab3fe43e9e2c5e18e450f2dac358874f
fe148cbdf6f6f75b0042f4c7ebee98d63cd38e4c046c12801466d1a86469f818
fe56e1283d0c66df2e226021d45c2d338b70c727dc25cd7457e469340f721193
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffdeb931791f6ca7631e5b0d8ee8ac776f71b510d0ba77e30e1b8b009001b85c