URL: http://lucifer.atw.hu/
Submission: On January 03 via api from BG — Scanned from DE

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 59 HTTP transactions. The main IP is 88.151.96.4, located in Hungary and belongs to ATW-AS, HU. The main domain is lucifer.atw.hu.
This is the only time lucifer.atw.hu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
11 easyhits4u.com | www.easyhits4u.com (Cisco Umbrella Rank: 480390); static.easyhits4u.com (Cisco Umbrella Rank: 496533) | 419 KB
11 fbcdn.net | static.xx.fbcdn.net (Cisco Umbrella Rank: 548); scontent.xx.fbcdn.net (Cisco Umbrella Rank: 249) | 157 KB
8 atw.hu | lucifer.atw.hu; f.atw.hu; users.atw.hu (Cisco Umbrella Rank: 540928); atw.hu (Cisco Umbrella Rank: 274530) | 252 KB
5 rotate4all.com | www.rotate4all.com (Cisco Umbrella Rank: 624804) | 43 KB
4 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 127); ajax.googleapis.com (Cisco Umbrella Rank: 520) | 32 KB
4 revolvermaps.com | rf.revolvermaps.com (Cisco Umbrella Rank: 142234) | 11 KB
3 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 103) | 37 KB
2 page-creation.biz | page-creation.biz | 3 KB
2 facebook.net | connect.facebook.net (Cisco Umbrella Rank: 173) | 88 KB
2 google.com | apis.google.com (Cisco Umbrella Rank: 163) | 43 KB
2 gstatic.com | fonts.gstatic.com | 59 KB
2 facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 15 KB
1 doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 179) | 441 B
0 lltrco.com Failed | lltrco.com Failed |
59 14
Domain | Requested by
10 static.xx.fbcdn.net | www.facebook.com; static.xx.fbcdn.net
9 static.easyhits4u.com | www.easyhits4u.com; static.easyhits4u.com
5 www.rotate4all.com 1 redirects | users.atw.hu; www.rotate4all.com
4 rf.revolvermaps.com | users.atw.hu; rf.revolvermaps.com
3 www.google-analytics.com | f.atw.hu; www.rotate4all.com; www.google-analytics.com
3 fonts.googleapis.com | f.atw.hu; www.easyhits4u.com
3 users.atw.hu | lucifer.atw.hu; users.atw.hu
3 f.atw.hu | lucifer.atw.hu; f.atw.hu
2 page-creation.biz | www.easyhits4u.com; page-creation.biz
2 connect.facebook.net | www.easyhits4u.com; connect.facebook.net
2 apis.google.com | www.easyhits4u.com; apis.google.com
2 www.easyhits4u.com | www.rotate4all.com; www.easyhits4u.com
2 fonts.gstatic.com | fonts.googleapis.com
2 www.facebook.com | f.atw.hu; connect.facebook.net
1 stats.g.doubleclick.net | www.google-analytics.com
1 scontent.xx.fbcdn.net | www.facebook.com
1 atw.hu | f.atw.hu
1 ajax.googleapis.com | f.atw.hu
1 lucifer.atw.hu |
0 lltrco.com Failed | users.atw.hu
59 20

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh
atw.hu | R3 | 2022-10-17 - 2023-01-15 | 3 months crt.sh
rotate4all.com | Sectigo RSA Organization Validation Secure Server CA | 2022-08-15 - 2023-08-15 | a year crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-13 - 2023-01-11 | 3 months crt.sh
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh
www.easyhits4u.com | R3 | 2022-12-19 - 2023-03-19 | 3 months crt.sh
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh
static.easyhits4u.com | R3 | 2022-12-04 - 2023-03-04 | 3 months crt.sh
*.apis.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh
page-creation.biz | R3 | 2022-11-19 - 2023-02-17 | 3 months crt.sh
*.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months crt.sh

This page contains 9 frames:

Primary Page: http://lucifer.atw.hu/
Frame ID: DCF29A14FB9C821B4389B7AAB51929A5
Requests: 1 HTTP requests in this frame

Frame: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Frame ID: 160FCF27766C3EDDF6966D824FA69103
Requests: 8 HTTP requests in this frame

Frame: http://users.atw.hu/lucifer/
Frame ID: 10FD37C31DF74B8B4397ECBA869679E5
Requests: 6 HTTP requests in this frame

Frame: https://lltrco.com/?r=lucifer3650
Frame ID: 103DB02EB2B7FAAF82E306BC834E539B
Requests: 1 HTTP requests in this frame

Frame: https://www.rotate4all.com/ptp/promote-9133
Frame ID: 6C31AB9113211389003E2B0F09A75DC8
Requests: 7 HTTP requests in this frame

Frame: http://rf.revolvermaps.com/w/8/a/a2.php?i=51h8trwz234&m=0&c=ff0000&cr1=ffffff&f=arial&l=33
Frame ID: 9C980FB885ACF422DEAFE60EAB8468AA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Frame ID: E94F7758563816B9E4A388642E127BF3
Requests: 12 HTTP requests in this frame

Frame: https://www.easyhits4u.com/splash/?ref=ryan102383
Frame ID: FF85254FAE15EE3D0E4364DA53B9288C
Requests: 19 HTTP requests in this frame

Frame: https://page-creation.biz/fb-button/?ref=ryan102383&splash=1&id=50
Frame ID: A59BDF5AC942F8C1F1756A4B1B7FD5B2
Requests: 4 HTTP requests in this frame

Page Title

lucifer

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.revolvermaps\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 59
HTTPS: 75 %
IPv6: 60 %
Domains: 14
Subdomains: 20
IPs: 16
Countries: 5
Transfer: 1160 kB
Size: 2268 kB
Cookies: 13

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70 HTTP 307
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Request Chain 16
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 27
  • https://www.rotate4all.com/go/ptp HTTP 302
  • https://www.easyhits4u.com/splash/?ref=ryan102383

59 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lucifer.atw.hu/
532 B
692 B
Document
General
Full URL
http://lucifer.atw.hu/
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
a4831caa9c240ec0454690cd8304cbeae209085c4c92ddf2e0f70fe71b4f6602

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 03 Jan 2023 19:24:45 GMT
Server
nginx
Transfer-Encoding
chunked
reklam.php
f.atw.hu/ Frame 160F
6 KB
6 KB
Document
General
Full URL
http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Requested by
Host: lucifer.atw.hu
URL: http://lucifer.atw.hu/
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
fa61d21aff217a2e1d5ff56ff8ca264a44c6d340e6d8272a278d70ec439936f3

Request headers

Referer
http://lucifer.atw.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 03 Jan 2023 19:24:45 GMT
Server
nginx
Transfer-Encoding
chunked
/
users.atw.hu/lucifer/ Frame 10FD
2 KB
2 KB
Document
General
Full URL
http://users.atw.hu/lucifer/
Requested by
Host: lucifer.atw.hu
URL: http://lucifer.atw.hu/
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
da959a60135ea90bbbbc4b5ca92ea1dda478c8e0e5fd86c7d023bd785ad7a00a

Request headers

Referer
http://lucifer.atw.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
1867
Content-Type
text/html
Date
Tue, 03 Jan 2023 19:24:45 GMT
Last-Modified
Tue, 03 Jan 2023 18:19:57 GMT
Server
nginx
eh4ub.gif
users.atw.hu/lucifer/ Frame 10FD
46 KB
47 KB
Image
General
Full URL
http://users.atw.hu/lucifer/eh4ub.gif
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
b5c11965e68c253077f706c03eba51914eb73456a6144ea9458a06ca7c62cce7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://users.atw.hu/lucifer/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Last-Modified
Mon, 28 Feb 2022 20:53:22 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47477
Content-Type
image/gif
eh4u.jpg
users.atw.hu/lucifer/ Frame 10FD
66 KB
66 KB
Image
General
Full URL
http://users.atw.hu/lucifer/eh4u.jpg
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
13f4e0ac81a3a796f4c43f68097d9be5eaed52338a12005f8774da0b8533f4dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://users.atw.hu/lucifer/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Last-Modified
Mon, 28 Feb 2022 18:56:26 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67819
Content-Type
image/jpeg
8.js
rf.revolvermaps.com/0/0/ Frame 10FD
2 KB
1 KB
Script
General
Full URL
http://rf.revolvermaps.com/0/0/8.js?i=51h8trwz234&m=0&c=ff0000&cr1=ffffff&f=arial&l=33
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
52f3c7b61f178c5e0537cfa9131a54b2a12bf3fb612bc9f649bedb830527bd2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://users.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jun 2017 10:53:18 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=4, max=100
Content-Length
948
css
fonts.googleapis.com/ Frame 160F
1 KB
931 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Dosis:200
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5a30a9883ea623accb1598b9802c7b949c167b0352800a4a9f7d1c803ebe479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 19:24:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Jan 2023 19:24:46 GMT
animate.css
f.atw.hu/ Frame 160F
71 KB
71 KB
Stylesheet
General
Full URL
http://f.atw.hu/animate.css
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/reklam.php?ad=lucifer&kat=16
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Last-Modified
Fri, 01 Jul 2016 12:52:04 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72259
Content-Type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 160F
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 21:44:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
510002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 21:44:44 GMT
atw-logo-3d-md.png
atw.hu/img/ Frame 160F
6 KB
7 KB
Image
General
Full URL
https://atw.hu/img/atw-logo-3d-md.png
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.125.176.29 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
Software
openresty /
Resource Hash
d781ce5460d38648aa488ca9ca818b451552a3ab77de1c79434c87942a0c752b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
last-modified
Mon, 13 Dec 2021 07:26:22 GMT
server
openresty
etag
"19b1-5d301fd522380"
content-type
image/png
accept-ranges
bytes
content-length
6577
x-xss-protection
1; mode=block
magicdental.jpg
f.atw.hu/ Frame 160F
52 KB
52 KB
Image
General
Full URL
http://f.atw.hu/magicdental.jpg
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
HTTP/1.1
Server
88.151.96.4 , Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
users.atw.hu
Software
nginx /
Resource Hash
04fa159466f336ce6e0fd46d08d2891b0d40b1af7e25c7bb57a7252abbeeb634

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/reklam.php?ad=lucifer&kat=16
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Last-Modified
Sat, 23 Oct 2021 20:14:44 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53292
Content-Type
image/jpeg
/
lltrco.com/ Frame 103D
0
0

promote-9133
www.rotate4all.com/ptp/ Frame 6C31
6 KB
4 KB
Document
General
Full URL
https://www.rotate4all.com/ptp/promote-9133
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.147.232.32 Clifton Park, United States, ASN23535 (HOSTROCKET, US),
Reverse DNS
rotate4all.com
Software
Apache /
Resource Hash
cbf8aee8d21d41c084d2efd0698775494f4eb0e067ada522b8aad65e110ae8b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://users.atw.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
3334
content-type
text/html; charset=UTF-8
date
Tue, 03 Jan 2023 19:24:40 GMT
p3p
CP="No P3P policy"
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
c.php
rf.revolvermaps.com/js/ Frame 10FD
43 B
289 B
Image
General
Full URL
http://rf.revolvermaps.com/js/c.php?i=51h8trwz234
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://users.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Last-Modified
Tue, 03 Jan 2023 19:24:46 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=900
Connection
Keep-Alive
Keep-Alive
timeout=4, max=99
Content-Length
43
r.php
rf.revolvermaps.com/js/ Frame 10FD
43 B
216 B
Image
General
Full URL
http://rf.revolvermaps.com/js/r.php?i=51h8trwz234&l=http%3A%2F%2Fusers.atw.hu%2Flucifer%2F&r=1672773886365
Requested by
Host: users.atw.hu
URL: http://users.atw.hu/lucifer/
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://users.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:24:46 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=4, max=100
Content-Length
43
Content-Type
image/gif
a2.php
rf.revolvermaps.com/w/8/a/ Frame 9C98
24 KB
10 KB
Document
General
Full URL
http://rf.revolvermaps.com/w/8/a/a2.php?i=51h8trwz234&m=0&c=ff0000&cr1=ffffff&f=arial&l=33
Requested by
Host: rf.revolvermaps.com
URL: http://rf.revolvermaps.com/0/0/8.js?i=51h8trwz234&m=0&c=ff0000&cr1=ffffff&f=arial&l=33
Protocol
HTTP/1.1
Server
2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software
Apache /
Resource Hash
a5370aa7ec1aaa3658b68a3d731bd916885a28b252a3528c24a7b17325c8299a

Request headers

Referer
http://users.atw.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
public, max-age=2592000
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 03 Jan 2023 19:24:46 GMT
Keep-Alive
timeout=4, max=98
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
likebox.php
www.facebook.com/plugins/ Frame E94F
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
  • https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
39 KB
15 KB
Document
General
Full URL
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce5925958d1f39af84f6f5a1f9915285034539ed0b7779a57939c0d3bf619ab5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://f.atw.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 03 Jan 2023 19:24:46 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
08T67GJ0ZleClRaew4NUu0SZZQ43K6Zsm+wMHgFnMMhVHrp7H8RXMJgeiM+/fUgKcGCJAZmhMDxc2nHGZPaRHw==
x-fb-rlafr
0
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Non-Authoritative-Reason
HSTS
ga.js
www.google-analytics.com/ Frame 160F
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: f.atw.hu
URL: http://f.atw.hu/reklam.php?ad=lucifer&kat=16
Protocol
H2
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://f.atw.hu/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 18:39:05 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2741
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 03 Jan 2023 20:39:05 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
HhyJU5sn9vOmLxNkIwRSjTVNWLEJt7Ml2xME.woff2
fonts.gstatic.com/s/dosis/v27/ Frame 160F
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dosis/v27/HhyJU5sn9vOmLxNkIwRSjTVNWLEJt7Ml2xME.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Dosis:200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8aa25012ffbcdbc1f3e5d041c6a1f9ef9c75dc58763e395f3eab0eac2713ca96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://f.atw.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:55:35 GMT
x-content-type-options
nosniff
age
566951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14604
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:23:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:55:35 GMT
jwej-BxaN7V.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame E94F
20 KB
6 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/jwej-BxaN7V.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
780c3b6723f37b3697aab869234e6b6321f72c7d0389fedcaca432c2301a4b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
V0xDcnuOoyqRF635G9aUxA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5206
x-fb-rlafr
0
x-fb-debug
ehDs2WdPUdO9+AE22VsUMMuxEE8ccwRPrP/iVm939w66Hoj/qRgs49yxJiqt58WAM3EqXi8tFL53+OMJssM+yw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 03 Jan 2024 16:41:51 GMT
k9frVvgZWTr.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame E94F
2 KB
1 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/k9frVvgZWTr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb5c67ccd076f55e9436fb016a51b3c33f646751187a7e0053908ca5e265108b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q6bCky1+00PrRbx3auADnQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
833
x-fb-rlafr
0
x-fb-debug
b2yHkQwvtWEPlg6ZR4E3rs+gpfTIjml9R2tE3nifFOzTWEmerhiNgXnpE92F/uv57VH0mtCbJMuBpRXNaOe1og==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 29 Dec 2023 15:27:29 GMT
Qzn2RIyQjXT.js
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame E94F
305 KB
81 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08bd4dabba430e39f74aa9770bfafa097db6326d0d5593e841d7f2d4a801dad2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KrVT92UrAudZwVhYX85qpQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
82832
x-fb-rlafr
0
x-fb-debug
CmoUJDXXNefV3Q4eBKyKjMuBf1L3D+UWNAUEmOmKUXGknwv1+cZvzF0j+pHr7kcC5+7/VVvPr2rSFcllvt4Ilg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Dec 2023 20:05:54 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame E94F
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8b95825e949e0d6c15b2cea8657756404426fe621d9c187dafb1c7b5133fad87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
koakLGY1v5R2GWTxsSnA3g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1615
x-fb-rlafr
0
x-fb-debug
k24In7YtTC0lTM11wv8/vTZm/viWziNGFz4sXJP5NUjf+Amq/3sC1CllBaUpTnGKDRv6U+wHn24BKU1e/AFBtw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Dec 2023 01:35:30 GMT
8LoDHCcRMmF.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame E94F
38 KB
12 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f93df2735d94cf2ebfc2f07b0f8038e4c9e177d89e3e8b7cd1604e23c556f63b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GtFa/ANPMQQnyBsHWWA6Kw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12334
x-fb-rlafr
0
x-fb-debug
HgQe1kFIPVWoMR/ddokq+u2Fs79VYiM0U8uLy7HY7eTitsP151iYhqTsBPjg2JbZBVemYfNfEDk+qqD9izThIw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 29 Dec 2023 13:29:04 GMT
bPhRbIw5d4Y.js
static.xx.fbcdn.net/rsrc.php/v3/yR/r/ Frame E94F
51 KB
16 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dc07d382f00a25c7cab4993b3675027b7ba9fdf978474e9611aadde6383d9a57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yS75TjCi3ZRz/Z/lM0crcw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16232
x-fb-rlafr
0
x-fb-debug
+EkNuky58kfhUUrwb8YQ88PTFDcK5Ckh0Gd16CcMyJSJtSBAij3i1yVLLLHdco1XmvYdb+UtxxsOspDMHV7rAQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 21 Dec 2023 16:16:46 GMT
ACK0uX4zgFf.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/ Frame E94F
84 KB
23 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yh/l/de_DE/ACK0uX4zgFf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
295bc4a2c23d860dc335f59bf84004856e60ae4adeef8db4d861ab335424aaab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aXEGkfRhOT5ohoEuJDFCgQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
23580
x-fb-rlafr
0
x-fb-debug
lekEhhpHSbeKrtBxf+mG6otK9Tcoy3Az7ZkHsWHd1WLb3gbUsWMGN4rBVJikexpMmMvY3MSWc/mf/v8skCeupA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 28 Dec 2023 23:05:53 GMT
294189243_483866117075107_5518724420108468693_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame E94F
1 KB
2 KB
Image
General
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/294189243_483866117075107_5518724420108468693_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=100&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=COy_VbYLELYAX-17aEI&_nc_oc=AQl0DIEUp1QSaWjJqU0n9J9EZhDNqZaS0e2VmPsCGAWb_lyB7C-UrYuq6MUsw0HLBnc&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfDnoBy9YU9gwfY81d4ogMR2OcI4PDLIEKw0dXIqKB_F0A&oe=63B91718
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fatwhu&width=350&colorscheme=light&show_faces=false&stream=false&header=false&height=70
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39a310029a37135b3ca4db26de9a7461d60db41a898df5a1aa5a043589e744e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

x-haystack-needlechecksum
1851499736
date
Tue, 03 Jan 2023 19:24:47 GMT
x-fb-trip-id
917726464
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Fri, 22 Jul 2022 22:37:58 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=4142067398
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3812591591
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1528
ptp13.min.css
www.rotate4all.com/ptp/assets/css/custom/ Frame 6C31
12 KB
3 KB
Stylesheet
General
Full URL
https://www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02
Requested by
Host: www.rotate4all.com
URL: https://www.rotate4all.com/ptp/promote-9133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.147.232.32 Clifton Park, United States, ASN23535 (HOSTROCKET, US),
Reverse DNS
rotate4all.com
Software
Apache /
Resource Hash
02bbdd126d011ab5dd25eddecd12d9bdeadd681887e817a0b4ac0d2b228a51da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rotate4all.com/ptp/promote-9133
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:40 GMT
last-modified
Sun, 25 Jul 2021 13:43:41 GMT
server
Apache
vary
Accept-Encoding,User-Agent
p3p
CP="No P3P policy"
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3312
x-xss-protection
1; mode=block
expires
Thu, 02 Feb 2023 19:24:40 GMT
/
www.easyhits4u.com/splash/ Frame FF85
Redirect Chain
  • https://www.rotate4all.com/go/ptp
  • https://www.easyhits4u.com/splash/?ref=ryan102383
5 KB
3 KB
Document
General
Full URL
https://www.easyhits4u.com/splash/?ref=ryan102383
Requested by
Host: www.rotate4all.com
URL: https://www.rotate4all.com/ptp/promote-9133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.80 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
50.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
422f9bba1e979d28b2d920c4913bed01019b5e1399b8f0d54be176891024b8c8

Request headers

Referer
https://www.rotate4all.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://www.easyhits4u.com
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Jan 2023 19:24:48 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache
content-type
text/html; charset=UTF-8
date
Tue, 03 Jan 2023 19:24:40 GMT
location
https://www.easyhits4u.com/splash/?ref=ryan102383
p3p
CP="No P3P policy"
pragma
no-cache
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
User-Agent
x-content-type-options
nosniff
x-xss-protection
1; mode=block
combined_ptp.js
www.rotate4all.com/ptp/assets/js/custom/ Frame 6C31
99 KB
34 KB
Script
General
Full URL
https://www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10
Requested by
Host: www.rotate4all.com
URL: https://www.rotate4all.com/ptp/promote-9133
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.147.232.32 Clifton Park, United States, ASN23535 (HOSTROCKET, US),
Reverse DNS
rotate4all.com
Software
Apache /
Resource Hash
be4f9edb34c78a7d0b68dac8e7884547837e58c32d50737b83879bf309e6ef28
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rotate4all.com/ptp/promote-9133
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:40 GMT
last-modified
Mon, 04 Oct 2021 06:06:43 GMT
server
Apache
vary
Accept-Encoding,User-Agent
p3p
CP="No P3P policy"
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
34528
x-xss-protection
1; mode=block
expires
Wed, 18 Jan 2023 19:24:40 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame E94F
573 B
628 B
Image
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/jwej-BxaN7V.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/jwej-BxaN7V.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
x-fb-rlafr
0
x-fb-debug
mDbrbbZp31KHstiZwAAxbfDKE0jZBN9rr77mMEf70GvUpLyFWBAbG+QI/KGFxMgIgKCc5D6ettBKknIwzbaKjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Mon, 25 Dec 2023 06:45:34 GMT
7Nmln25n6YE.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame E94F
22 KB
7 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/7Nmln25n6YE.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e0085a77923b9e5a13ae8105a8e54337d44464f114e6d9c58a3c06a9cbcbc61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fLiXl86iqEuUjfrlPQyQ1A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7199
x-fb-rlafr
0
x-fb-debug
DX0Boq+QGfxct2bY2+lJiqvIhlE3sj6yj71qIFSLYbkaS6nYa4LEugFbjuJ7dIOoRtOh3EfaAWaizvIijtw1sQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Dec 2023 19:58:06 GMT
0cKQbVrk19s.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame E94F
18 KB
6 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/0cKQbVrk19s.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Qzn2RIyQjXT.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
42319f941cd9da4e2937e856dbb573f3fa9fb05e6784a5fb3761f7b8c91ac724
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:46 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q8AcXLnh9lqBhL0/oorl3w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6166
x-fb-rlafr
0
x-fb-debug
Z9PXOI7ya8+8qYdve/vRKTCzOztWl2GpBj5Ag9HkrRYWmyPUve68ofpymQoNXJ5UwIrPwj+0xXL9MZXIL/LuSw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 30 Dec 2023 16:24:40 GMT
analytics.js
www.google-analytics.com/ Frame 6C31
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rotate4all.com
URL: https://www.rotate4all.com/ptp/assets/js/custom/combined_ptp.js?v1.10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rotate4all.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 17:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5643
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 03 Jan 2023 19:50:44 GMT
collect
www.google-analytics.com/j/ Frame 6C31
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=322365340&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rotate4all.com%2Fptp%2Fpromote-9133&dr=http%3A%2F%2Fusers.atw.hu%2F&ul=en-us&de=UTF-8&dt=rotate4all.com%20-%20Get%20paid%20to%20promote&sd=24-bit&sr=1600x1200&vp=1200x600&je=0&_u=IEBAAAABAAAAACAAIC~&jid=1072764225&gjid=221024324&cid=1499599603.1672773887&tid=UA-46127189-1&_gid=74137298.1672773887&_r=1&_slc=1&z=779540330
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rotate4all.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 03 Jan 2023 19:24:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rotate4all.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 6C31
1 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46127189-1&cid=1499599603.1672773887&jid=1072764225&gjid=221024324&_gid=74137298.1672773887&_u=IEBAAAAAAAAAACAAIC~&z=202890877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rotate4all.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 03 Jan 2023 19:24:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rotate4all.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
splash:1665576062.css
static.easyhits4u.com/css/pages/ Frame FF85
48 KB
7 KB
Stylesheet
General
Full URL
https://static.easyhits4u.com/css/pages/splash:1665576062.css
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0bfe96bd97ded5979e1d99eae853345087fc23a4a83e08105575546dc4e5b7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-c196"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
jquery.1.11.0.min.js
static.easyhits4u.com/js/jquery/ Frame FF85
94 KB
38 KB
Script
General
Full URL
https://static.easyhits4u.com/js/jquery/jquery.1.11.0.min.js
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-1787d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
signin_facebook.js
static.easyhits4u.com/js/ Frame FF85
2 KB
1 KB
Script
General
Full URL
https://static.easyhits4u.com/js/signin_facebook.js
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
723254eac8ac9e4821668f42feff6e1bc742d772ed73fd20498cafed4ac6dffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-9d3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
signin_google.js
static.easyhits4u.com/js/ Frame FF85
3 KB
1 KB
Script
General
Full URL
https://static.easyhits4u.com/js/signin_google.js
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
ed38622bffcceb5ec1c28d3af993513e8362347f135ccee38a73d3bcb1b0cc31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-cab"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
css
fonts.googleapis.com/ Frame FF85
8 KB
712 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6ae6faf0336d8aeb746e551e9a2cc1d33fcfa2e3eab3a8eadbe2a63849e6591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 18:31:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Jan 2023 19:24:48 GMT
animate.min.css
static.easyhits4u.com/css/common/ Frame FF85
52 KB
5 KB
Stylesheet
General
Full URL
https://static.easyhits4u.com/css/common/animate.min.css
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-ce35"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
splashes.js
static.easyhits4u.com/js/pages/ Frame FF85
409 B
495 B
Script
General
Full URL
https://static.easyhits4u.com/js/pages/splashes.js
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
b6e92f04553b57a8c9cb5ac98234683c8764acdf2bc083de9532953310c623cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
W/"6346ac7e-199"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=10368000
expires
Wed, 03 May 2023 19:24:48 GMT
41_logo.png
static.easyhits4u.com/img/splash/ Frame FF85
62 KB
62 KB
Image
General
Full URL
https://static.easyhits4u.com/img/splash/41_logo.png
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
cbaa948b4ab7447b7498dafb55986a9ae6be8106f3ebc783491d91d7ac8e2ec3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
"6346ac7e-f7d6"
content-type
image/png
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
63446
expires
Wed, 03 Jan 2024 19:24:48 GMT
css
fonts.googleapis.com/ Frame FF85
2 KB
539 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 03 Jan 2023 19:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 17:58:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 03 Jan 2023 19:24:48 GMT
icomoon.ttf
www.rotate4all.com/ptp/assets/css/custom/fonts/ Frame 6C31
2 KB
1 KB
Font
General
Full URL
https://www.rotate4all.com/ptp/assets/css/custom/fonts/icomoon.ttf
Requested by
Host: www.rotate4all.com
URL: https://www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.147.232.32 Clifton Park, United States, ASN23535 (HOSTROCKET, US),
Reverse DNS
rotate4all.com
Software
Apache /
Resource Hash
4e134ed763658f75f57e9ee183c45d3fc35b73db4eab6d944aec7d17fbcc06b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.rotate4all.com/ptp/assets/css/custom/ptp13.min.css?v=1.02
Origin
https://www.rotate4all.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:41 GMT
last-modified
Sun, 25 Jul 2021 13:48:19 GMT
server
Apache
vary
Accept-Encoding,User-Agent
p3p
CP="No P3P policy"
content-type
font/ttf
cache-control
max-age=31536000
accept-ranges
bytes
content-length
915
x-xss-protection
1; mode=block
expires
Wed, 03 Jan 2024 19:24:41 GMT
api.js
apis.google.com/js/ Frame FF85
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?onload=gapiLoad
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
336c4e9e8dc705807dd229bb064dd3863858421f63c16e90bef3e926e7e68e8d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6891
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"f939cbb9128c1c7b"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Jan 2023 19:24:48 GMT
all.js
connect.facebook.net/en_US/ Frame FF85
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
09ff4d2642843f0c7ddd91b2830954cc9cb4c0e0a81b143095a31fe15c063f3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:48 GMT
content-md5
5TIl7qqJG3if7JEua8+1tw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
3hKSak1vGT3aPU+PNsDQ+qcdMOIsE2kfJiwCKod5LRB6oQpOJo1SDSTFUiS4HWE3uowspn6hTJsPeI0G06w9Ng==
x-fb-trip-id
917726464
x-fb-content-md5
c75ab8e305cddc53e977f963f859ab51
cross-origin-opener-policy
same-origin-allow-popups
etag
"31b29beb25cee702ed4262a774c4a847"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 19:34:24 GMT
/
page-creation.biz/fb-button/ Frame A59B
3 KB
3 KB
Document
General
Full URL
https://page-creation.biz/fb-button/?ref=ryan102383&splash=1&id=50
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.55.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8da288879cd5b0cbcda18467695c18e0bd46c97506b0944e4160b11dc7419961

Request headers

Referer
https://www.easyhits4u.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
http://www.easyhits4u.com
content-type
text/html; charset=utf-8
date
Tue, 03 Jan 2023 19:24:49 GMT
server
nginx
50_flag.png
static.easyhits4u.com/img/splash/ Frame FF85
1 KB
1 KB
Image
General
Full URL
https://static.easyhits4u.com/img/splash/50_flag.png
Requested by
Host: static.easyhits4u.com
URL: https://static.easyhits4u.com/css/pages/splash:1665576062.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
f41071f9095b19f977e393a41b9aafda315d13d90480d5a79968872c5f930b7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.easyhits4u.com/css/pages/splash:1665576062.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
"6346ac7e-48c"
content-type
image/png
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1164
expires
Wed, 03 Jan 2024 19:24:48 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame FF85
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.easyhits4u.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 18:50:24 GMT
x-content-type-options
nosniff
age
88464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 18:50:24 GMT
all.js
connect.facebook.net/en_US/ Frame FF85
308 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=6684d3b8defdd54e2db441eae5d2a3db
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c2e2e795731f76a8cc8775d8111e26201bfe25bfa03d6004123d1c114c685813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.easyhits4u.com/
Origin
https://www.easyhits4u.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 03 Jan 2023 19:24:48 GMT
content-md5
fr89bKWMeWQHvE3VIwIJKA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88347
x-fb-rlafr
0
x-fb-debug
7t9dikbkBpsxD8hgcJcX0T4Mal8TX0/l6s6LzZRUtD0cKGkiJ/2g06l0fVp15xRaE+al3xxGAK1a9YHaYS8Cjg==
x-fb-content-md5
e861220c3527f7f840f0358431f43a7a
cross-origin-opener-policy
same-origin-allow-popups
etag
"e952f392d1f5efa2564bbc87f732de9b"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 03 Jan 2024 18:20:36 GMT
gp_sign.png
static.easyhits4u.com/img/splash/ Frame FF85
1 KB
1 KB
Image
General
Full URL
https://static.easyhits4u.com/img/splash/gp_sign.png
Requested by
Host: static.easyhits4u.com
URL: https://static.easyhits4u.com/css/pages/splash:1665576062.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.82 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
52.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
8a4d94bf3d7dad57a3b28538dcc94ed3fd34373dda1f3e7b0ade8502c43e3c39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.easyhits4u.com/css/pages/splash:1665576062.css
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
"6346ac7e-487"
content-type
image/png
access-control-allow-origin
https://www.easyhits4u.com
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1159
expires
Wed, 03 Jan 2024 19:24:48 GMT
50_bg.jpg
www.easyhits4u.com/img/splash/ Frame FF85
298 KB
298 KB
Image
General
Full URL
https://www.easyhits4u.com/img/splash/50_bg.jpg
Requested by
Host: www.easyhits4u.com
URL: https://www.easyhits4u.com/splash/?ref=ryan102383
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.117.55.80 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
50.37.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
440467b21fa95f771063331fa34c5a5bc9a9af2ae9f01988371d417383b40214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/splash/?ref=ryan102383
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:48 GMT
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
etag
"6346ac7e-4a654"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
304724
expires
Wed, 03 Jan 2024 19:24:48 GMT
status
www.facebook.com/x/oauth/ Frame FF85
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.rotate4all.com%2Chttp%3A%2F%2Fusers.atw.hu%2Chttp%3A%2F%2Flucifer.atw.hu&client_id=209097609191626&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.easyhits4u.com%2Fsplash%2F%3Fref%3Dryan102383&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=6684d3b8defdd54e2db441eae5d2a3db
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 03 Jan 2023 19:24:49 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
6JHfjbihJdu9A3pxGfk9DWFjaCQNO+wkz2SGvTYb3WXh99HfTsWYpOSzQ8bcgOvzolrqsSTY4+lCTXWwyh512g==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.easyhits4u.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame FF85
109 KB
36 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?onload=gapiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6e53945eb5c19b339fd89d67adb6d68ba1f4ef7a78826122ab98a65be0e1167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.easyhits4u.com/
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 12:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36874
x-xss-protection
0
last-modified
Tue, 06 Dec 2022 15:21:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 12:19:07 GMT
splash:1665576062.css
page-creation.biz/static/css/pages/ Frame A59B
32 KB
0
Stylesheet
General
Full URL
https://page-creation.biz/static/css/pages/splash:1665576062.css
Requested by
Host: page-creation.biz
URL: https://page-creation.biz/fb-button/?ref=ryan102383&splash=1&id=50
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.55.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page-creation.biz/fb-button/?ref=ryan102383&splash=1&id=50
User-Agent
Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:24:49 GMT
last-modified
Wed, 12 Oct 2022 12:01:02 GMT
server
nginx
accept-ranges
bytes
etag
"6346ac7e-c196"
content-length
49558
content-type
text/css
jquery.1.11.0.min.js
page-creation.biz/static/js/jquery/ Frame A59B
0
0

signin_facebook:1665576062.js
page-creation.biz/static/js/ Frame A59B
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lltrco.com
URL
https://lltrco.com/?r=lucifer3650
Domain
page-creation.biz
URL
https://page-creation.biz/static/js/jquery/jquery.1.11.0.min.js
Domain
page-creation.biz
URL
https://page-creation.biz/static/js/signin_facebook:1665576062.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| oncontentvisibilityautostatechange

13 Cookies

Domain/Path Name / Value
.www.rotate4all.com/ Name: recog
Value: 6f97ca4405518b7664b6e3168bde67eb
.www.rotate4all.com/ Name: real_input
Value: 990ccb6fd12d893f6d40bf6e6792dc7b
.www.rotate4all.com/ Name: visit_session
Value: ecfa064f0341122e1149968e7fbc6a1b048eff76
.www.rotate4all.com/ Name: referral
Value: lucifer3650
.www.rotate4all.com/ Name: refid
Value: NUtNMytHVUpnMXdPZi9HRU1BNEhDUT09
.www.rotate4all.com/ Name: http_referrer
Value: YnZYUnVLT3NTN1V4eklHeVhXN2NoL2dBL0xWUzZJYmltTnc5WVVuUzkrcz0%253D
.rotate4all.com/ Name: dest_src
Value: 38908
.rotate4all.com/ Name: _ga
Value: GA1.2.1499599603.1672773887
.rotate4all.com/ Name: _gid
Value: GA1.2.74137298.1672773887
.rotate4all.com/ Name: _gat
Value: 1
.easyhits4u.com/ Name: se
Value: 1
.easyhits4u.com/ Name: http_referer
Value: https%3A%2F%2Fwww.rotate4all.com%2F
.easyhits4u.com/ Name: ref
Value: ryan102383

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
