www.fl-y.com Open in urlscan Pro
94.23.28.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.fl-y.com/chatterbate
Submission: On October 04 via manual (October 4th 2021, 1:34:39 pm UTC) from LU — Scanned from DE

Summary HTTP 35 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 35 HTTP transactions. The main IP is 94.23.28.150, located in France and belongs to OVH, FR. The main domain is www.fl-y.com.

This is the only time www.fl-y.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	94.23.28.150 94.23.28.150	16276 (OVH) (OVH)
5	51.91.68.112 51.91.68.112	16276 (OVH) (OVH)
1	85.114.134.182 85.114.134.182	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
12	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	65.9.66.127 65.9.66.127	16509 (AMAZON-02) (AMAZON-02)
35	7

13 94.23.28.150 (France)

ASN16276 (OVH, FR)
PTR: ns367892.ip-94-23-28.eu

www.fl-y.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.91.68.112 (France)

ASN16276 (OVH, FR)
PTR: ns3161774.ip-51-91-68.eu

view.webplexmedia.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.134.182 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: h104.hubuhost.com

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.239.217 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.127 (United States)

ASN16509 (AMAZON-02, US)

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	fl-y.com www.fl-y.com	162 KB
12	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	653 KB
5	webplexmedia.de view.webplexmedia.de	4 KB
2	tradedoubler.com impfr.tradedoubler.com vht.tradedoubler.com	485 KB
2	zenaps.com www.zenaps.com	1 KB
2	awin1.com 2 redirects www.awin1.com	2 KB
1	cash-ads.com g.cash-ads.com	37 KB
35	7

	Domain	Requested by
13	www.fl-y.com	www.fl-y.com
6	assets.ad4m.at	as.ad4m.at
5	view.webplexmedia.de	www.fl-y.com view.webplexmedia.de g.cash-ads.com
4	ad4m.at	view.webplexmedia.de ad4m.at
2	www.zenaps.com	as.ad4m.at
2	www.awin1.com	2 redirects
2	as.ad4m.at	ad4m.at as.ad4m.at
1	vht.tradedoubler.com	as.ad4m.at
1	impfr.tradedoubler.com	as.ad4m.at
1	g.cash-ads.com	view.webplexmedia.de
35	10

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
view.webplexmedia.de R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
g.cash-ads.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.tradedoubler.com R3	`2021-09-18` - `2021-12-17`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://www.fl-y.com/chatterbate
Frame ID: 5439210F9EA6A7FB03C41BEC5A14670A
Requests: 15 HTTP requests in this frame

Frame: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
Frame ID: 22006E98B74C5DC3CF56CB6D74329DCA
Requests: 2 HTTP requests in this frame

Frame: https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Frame ID: 0A0CE2E74CFF2B0DB583CA8952321565
Requests: 3 HTTP requests in this frame

Frame: https://view.webplexmedia.de/gtx.php?nc=383b5f1dffeb779f7973e4a8eaf2076d&sid=1061&uid=436643363&sz=4
Frame ID: 0938BB03B7D6D8EB476E010991AC467C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 439F189C711E72CE2BE20B359A528135
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Frame ID: C5701D72AD0B54D504FAB718AD58FB98
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirecting to url, please wait... - FL-Y.COM

Detected technologies

DataTables (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

dataTables.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

35
Requests

63 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

1343 kB
Transfer

1819 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.google.com/privacy.html
Title: click here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.awin1.com/cshow.php?s=2402950&v=12590&q=364258&r=412871&pv=1&pref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=d0641c20-2517-11ec-bef8-692d023ad792&v=12590&r=412871&q=364258&s=2402950&viewref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=

Request Chain 31

https://www.awin1.com/cshow.php?s=2939256&v=22506&q=418383&r=412871&pv=1&pref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=d063ce00-2517-11ec-bef8-692d023ad792&v=22506&r=412871&q=418383&s=2939256&viewref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set chatterbate Show response
www.fl-y.com/ 26 KB
9 KB 3689ms
3674ms Document
text/html 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) / PHP/5.3.3-7+squeeze19
Resource Hash: 6c924b97f3dab18e43d9b99a9f07f54e2e87f31b7718d5f998839a9f551dd136

Request headers

Host: www.fl-y.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 04 Oct 2021 13:46:49 GMT
Server: Apache/2.2.16 (Debian)
X-Powered-By: PHP/5.3.3-7+squeeze19
Set-Cookie: shorturl=lj9e4haq179lb2e4io454c15s6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9134
Connection: close
Content-Type: text/html

GET
H/1.1 200
OK jquery-ui-1.8.9.custom.css
www.fl-y.com/themes/blue_v2/styles/ 33 KB
6 KB 28ms
15ms Stylesheet
text/css 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/styles/jquery-ui-1.8.9.custom.css
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: a6c3f86b052c69af5d5bb6fa9d0a19ead45871487e3ea8e34ec5d6a8a8286c7d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f38-85f0-4b646fe582c80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 6185

GET
H/1.1 200
OK screen.css
www.fl-y.com/themes/blue_v2/styles/ 14 KB
4 KB 27ms
14ms Stylesheet
text/css 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/styles/screen.css
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: d3c5ae27aa3a1d6e3cf66d3ada33aa7e7d4e1f6ddef9cb67d8a1d7124a786204

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f39-38e7-4b646fe582c80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 3333

GET
H/1.1 200
OK tabview-core.css
www.fl-y.com/themes/blue_v2/styles/ 11 KB
2 KB 28ms
15ms Stylesheet
text/css 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/styles/tabview-core.css
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 597fb1d1fdfebef9dc6deb9d1bbcc59bb010d60a060cc3ea8ef479c4f3a597b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f36-2d05-4b646fe582c80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2126

GET
H/1.1 200
OK data_table.css
www.fl-y.com/themes/blue_v2/styles/ 9 KB
3 KB 29ms
15ms Stylesheet
text/css 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/styles/data_table.css
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: f3e6ab1c041fa2c775e4e125baa560510d145a2137626e91c7b1694af6e0077a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:38 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f35-254f-4b646fe582c80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2572

GET
H/1.1 200
OK jquery-1.6.1.min.js Show response
www.fl-y.com/themes/blue_v2/js/ 89 KB
32 KB 31ms
18ms Script
application/javascript 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/js/jquery-1.6.1.min.js
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:35 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f31-164ce-4b646fe2a65c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 31940

GET
H/1.1 200
OK jquery-ui-1.8.9.custom.min.js Show response
www.fl-y.com/themes/blue_v2/js/ 202 KB
51 KB 36ms
23ms Script
application/javascript 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/js/jquery-ui-1.8.9.custom.min.js
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:37 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f32-3292a-4b646fe48ea40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 51785

GET
H/1.1 200
OK jquery.dataTables.min.js Show response
www.fl-y.com/themes/blue_v2/js/ 68 KB
19 KB 58ms
16ms Script
application/javascript 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/js/jquery.dataTables.min.js
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:37 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f2e-10fe4-4b646fe48ea40"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 19275

GET
H/1.1 200
OK FusionCharts.js Show response
www.fl-y.com/js/fusionCharts/JSClass/ 13 KB
5 KB 56ms
14ms Script
application/javascript 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/js/fusionCharts/JSClass/FusionCharts.js
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 594dda6ed39b190a5341fcbb9b5be5935e7624b66247e966a55b7cbe37f38f40

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:04:29 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364ab4-34a0-4b646fa3b5140"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 4446

GET
H/1.1 200
OK global.js Show response
www.fl-y.com/themes/blue_v2/js/ 3 KB
1 KB 57ms
15ms Script
application/javascript 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fl-y.com/themes/blue_v2/js/global.js
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 6ceb2dbd14d506151268787dd2dcedeb08fc9354db9ba5f2000f37f670e1f4d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 11 Jan 2012 21:05:34 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f2f-df4-4b646fe1b2380"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 1103

GET
H/1.1 200
OK main_logo.jpg
www.fl-y.com/themes/blue_v2/images/ 20 KB
21 KB 27ms
13ms Image
image/jpeg 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fl-y.com/themes/blue_v2/images/main_logo.jpg
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 01b6aaba858a4df8f2ab2caa78c42fa540606c06c88677038237d78bd91e07b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
X-Pad: avoid browser bug
Last-Modified: Wed, 11 Jan 2012 22:12:47 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364f29-5153-4b647ee7dd5c0"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 20819

GET
H2 200 banner.php Show response
view.webplexmedia.de/ 2 KB
914 B 69ms
17ms Script
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4

Requested by

Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

cf3b8b5bdce010615eec4f4e370ba4fa3cd321d33a1f25fb21605825cb65651c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 13:34:34 GMT
cache-control: no-cache
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
content-encoding: gzip
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pleaseWait.gif
www.fl-y.com/themes/blue_v2/images/ 9 KB
9 KB 27ms
14ms Image
image/gif 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fl-y.com/themes/blue_v2/images/pleaseWait.gif
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 06f4e73215c99f67d0e80eabe42be736c8c152cca7517a2208a31075faeef2c1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
X-Pad: avoid browser bug
Last-Modified: Wed, 11 Jan 2012 21:05:33 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364ddd-22c0-4b646fe0be140"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 8896

GET
H/1.1 200
OK body_bg_gradient.jpg
www.fl-y.com/themes/blue_v2/images/ 474 B
730 B 27ms
14ms Image
image/jpeg 94.23.28.150
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fl-y.com/themes/blue_v2/images/body_bg_gradient.jpg
Requested by: Host: www.fl-y.com
URL: http://www.fl-y.com/chatterbate
Protocol: HTTP/1.1
Server: 94.23.28.150 , France, ASN16276 (OVH, FR),
Reverse DNS: ns367892.ip-94-23-28.eu
Software: Apache/2.2.16 (Debian) /
Resource Hash: 8ed7b1b667fac2548eb9511e8f5c00d874e2fcc0f6bce963220e9974d9157b95

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.fl-y.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.fl-y.com/chatterbate
Cookie: shorturl=lj9e4haq179lb2e4io454c15s6
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/chatterbate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 04 Oct 2021 13:46:53 GMT
Last-Modified: Wed, 11 Jan 2012 22:13:20 GMT
Server: Apache/2.2.16 (Debian)
ETag: "364efd-1da-4b647f0756000"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 474

GET
H2 200 b2.php Show response
view.webplexmedia.de/ Frame 2200 741 B
591 B 16ms
15ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

28afcde4afb3cb9a4e313c6dcda89313aa9652957cf29ea8ee12b48f4df49e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fl-y.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/

Response headers

server: nginx
date: Mon, 04 Oct 2021 13:34:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 base.js Show response
g.cash-ads.com/js/ 91 KB
37 KB 49ms
9ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/js/base.js

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.fl-y.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 04 Oct 2021 13:34:34 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 15:27:16 GMT
server: nginx
etag: W/"612e4a54-16b34"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 lg0.jpg
view.webplexmedia.de/ Frame 2200 1 KB
2 KB 14ms
14ms Image
image/jpeg 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://view.webplexmedia.de/lg0.jpg

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 13:34:34 GMT
last-modified: Fri, 04 Dec 2020 00:56:23 GMT
server: nginx
etag: "5fc98937-5de"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 1502
x-xss-protection: 1; mode=block

GET
H2 200 in4.php Show response
view.webplexmedia.de/ Frame 0A0C 494 B
507 B 94ms
94ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=

Requested by

Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/b2.php?uid=436643363&e=0&s=0&p=0&w=300&h=250&sid=1061&size=4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

1e5c9b7666879e6c996ea80d972b51a21f7e559ad432ade4a23fea082185f4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 04 Oct 2021 13:34:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 57fgjj6v.js Show response
ad4m.at/ Frame 0A0C 50 KB
17 KB 59ms
23ms Script
application/javascript 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/57fgjj6v.js
Requested by: Host: view.webplexmedia.de
URL: https://view.webplexmedia.de/in4.php?uid=436643363&e=0&s=0&p=0&sid=1061&size=4&referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb68c7dee0489b45f038957a815eb002c70ea04ea836f2a5e949980bb888039a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://view.webplexmedia.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=voWUtw==, md5=D+3p4xSw7jUCU0j4soS14g==
date: Mon, 04 Oct 2021 13:34:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29443
cf-polished: origSize=51221
x-guploader-uploadid: ADPycdt9mV3pZx4DhPWcmzuCo5lwz4-X4X5XJQCwLJ0PghA1-CwOOCD85kMqeABP_LVX9Ws8nMiJwk3FbWtHT9pg1b0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:20:32 GMT
server: cloudflare
etag: W/"0fede9e314b0ee35025348f8b284b5e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21X1M%2BLkVJtkezEHMCN0fJOKJXAu%2Bzu5OF%2FH%2FQOZb1vRob5fFbhdPaV0HJ%2Fpwt7i1AhPCszcbYvXAQVyOhbYcKCgw5IpnCf10W7NK7%2FSREEEkl8uYy4KxKQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631078432792716
content-type: application/javascript; charset=utf-8
expires: Mon, 04 Oct 2021 05:23:51 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 16075
cf-ray: 698ec9dc88f74137-PRG
cf-bgj: minify

GET
H2 200 gtx.php Show response
view.webplexmedia.de/ Frame 0938 0
195 B 16ms
15ms Document
text/html 51.91.68.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://view.webplexmedia.de/gtx.php?nc=383b5f1dffeb779f7973e4a8eaf2076d&sid=1061&uid=436643363&sz=4

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/js/base.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.68.112 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3161774.ip-51-91-68.eu

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: view.webplexmedia.de
:scheme: https
:path: /gtx.php?nc=383b5f1dffeb779f7973e4a8eaf2076d&sid=1061&uid=436643363&sz=4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.fl-y.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.fl-y.com/

Response headers

server: nginx
date: Mon, 04 Oct 2021 13:34:34 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 frame.html Show response
ad4m.at/ Frame 439F 2 KB
1 KB 23ms
22ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://view.webplexmedia.de/

Response headers

date: Mon, 04 Oct 2021 13:34:35 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Mon, 04 Oct 2021 14:34:35 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 806518
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HT6TX%2F6dgD3HS21XCbqmykq2GyVa1mJogcYdc8Cv7ynl1ElM0%2FDcnYr3fqfVOVX6NSLlnpC%2FSfABKtp6v%2Fq4CvcIqx4LAoUtTUptopOWnULAbvZ%2Fm5cFwM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 698ec9dcc9174137-PRG
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 0A0C 487 B
964 B 41ms
41ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c354f0f2da16773655a83ab6c20266f3df84a4b6a4bd45eeb83b6c9b6b7f20a9

Request headers

Referer: https://view.webplexmedia.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 04 Oct 2021 13:34:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 698ec9dd4a0ff9ce-PRG
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8yVEFizKkDmwuwYJed1t9vgg%2FXIrSrUook6PygAsetFGzbujipIbogV%2BsSlTl5Wtv8Iy1JLC%2Fl9vnw8YaYASZscjfMOXenbC%2BVJL78gKfGrZ7AJ4BwDVrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://view.webplexmedia.de
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-v52b

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 54ms
38ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://view.webplexmedia.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 04 Oct 2021 13:34:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://view.webplexmedia.de
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-v52b
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DroWzT1JRV7WwWy9ViH%2BktaQuQ1B%2BCU4ITQ1XoedurDvSXkzVqP22b5Dcm%2BE7pXZ4lir2cmGvpWnbQOlXuXtEJJ9wkwz45dtbBPWg8TJful4H3n6Gbzla8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 698ec9dd19ebf9ce-PRG

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame C570 6 KB
4 KB 43ms
35ms Document
text/html 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/57fgjj6v.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e95de40bf0b25280e994f40c3b1516bbd0a4af08e580b5429e52051a6ac7f51

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://view.webplexmedia.de/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://view.webplexmedia.de/

Response headers

date: Mon, 04 Oct 2021 13:34:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 698ec9ddaa024137-PRG
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame C570 64 KB
8 KB 21ms
21ms Stylesheet
text/css 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 13:34:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 953954
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 698ec9ddebea27b8-PRG
cf-bgj: minify

GET
H2 200 934C8AC62A33B57D7EC1B51A7A6A721852B1F95C14355EFB97970BDD5EB2684EF98175F3A5BFEF5B533B8F2FDB99A8690E02D9F59DC1DD8610FAEF7C3D82C48D
assets.ad4m.at/logo/ Frame C570 7 KB
8 KB 33ms
24ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/934C8AC62A33B57D7EC1B51A7A6A721852B1F95C14355EFB97970BDD5EB2684EF98175F3A5BFEF5B533B8F2FDB99A8690E02D9F59DC1DD8610FAEF7C3D82C48D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d29f85aaf6621e781bf0f40de0cb7bcd56e7f6f981f714519013bc7bb93d841

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=wotKSg==, md5=dPCYkIJ/MwjGxojWKpQPsQ==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 973678
cf-polished: qual=85, origFmt=jpeg, origSize=22210
x-guploader-uploadid: ADPycduNNSDFB5qWNJE9SUF0ZkE9W7gQG1YI9qpJGG7bOcMLa3d27z5iDPE-T21_pIRtyRFncoicjmF3QeNOICRhSfHSpfO8PQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7352
last-modified: Fri, 11 Sep 2020 14:08:02 GMT
server: cloudflare
etag: "74f09890827f3308c6c688d62a940fb1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIXj6KOuUtUe9%2FDLX9GSMxvuQNaynLiQxM%2FOivpMMMOrFqttd71%2BSYKFemTHRmJzRvrfwCV62j%2BhUc1Nau50SXxbEuQpuiiqD4d1Y4n%2BX3ayYrxKKBx6gYtxuySW23%2BS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1599833282143302
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 22210
accept-ranges: bytes
cf-ray: 698ec9de0a844137-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 BF64FEC68551D029983F532607395166E14F6E99F321A0B10F7A04A8AC6611A3E7DE9F01CBC95180DF1FBE6302751AEBCD2D8CF167471D6FEBB82B68EA174156
assets.ad4m.at/ Frame C570 31 KB
32 KB 37ms
28ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BF64FEC68551D029983F532607395166E14F6E99F321A0B10F7A04A8AC6611A3E7DE9F01CBC95180DF1FBE6302751AEBCD2D8CF167471D6FEBB82B68EA174156
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a09f63cddacf0290f5f64ae98dc651436ab9144905d8a40ed7ac1e1892a3135

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=9IuT2w==, md5=CIU/fWg9WLY7CdGdCUiQ2g==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 929179
cf-polished: qual=85, origFmt=jpeg, origSize=99064
x-guploader-uploadid: ADPycdt-_IzV6QZ2grO9AJQMx3ExokFoHLzRxD4no4nWuZdZh8jwz3rbOiVeRhHWAUGnsq5XHTyu05RMHTHuqXTREaM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31524
last-modified: Tue, 15 Oct 2019 08:14:50 GMT
server: cloudflare
etag: "08853f7d683d58b63b09d19d094890da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AodlmJTfF9Peo3CBwEKcztUhN%2BsVcvai%2F3c4IjSNSoRSc39s%2F%2FUuULZFaIVtVGE15qFo2SUx%2FIECEt3v3nalkMGjfkr4bEcGSc7C%2FWkzRwbspkvspmjFqOuJI6wfm5tO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1571127290332984
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 99064
accept-ranges: bytes
cf-ray: 698ec9de0a864137-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame C570
Redirect Chain

https://www.awin1.com/cshow.php?s=2402950&v=12590&q=364258&r=412871&pv=1&pref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x...
https://www.zenaps.com/cshow.php?pvr=d0641c20-2517-11ec-bef8-692d023ad792&v=12590&r=412871&q=364258&s=2402950&viewref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6A...

43 B
705 B

59ms
32ms

Image
image/gif

104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=d0641c20-2517-11ec-bef8-692d023ad792&v=12590&r=412871&q=364258&s=2402950&viewref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Oct 2021 13:34:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 04 Oct 2021 13:34:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=d0641c20-2517-11ec-bef8-692d023ad792&v=12590&r=412871&q=364258&s=2402950&viewref3=oneidP2AZTBfbfDk6t9HjHbtMtPA4SZTgtMkoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 3914CA57312862375AA0C2B960FE342E3EA9799DA94E08AAF085CCBE742CFFB75C340133DB289CFF7EC3962329FCF7CD1F79B976915BC20E58FD92042C5B7D8C
assets.ad4m.at/logo/ Frame C570 15 KB
16 KB 35ms
27ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/3914CA57312862375AA0C2B960FE342E3EA9799DA94E08AAF085CCBE742CFFB75C340133DB289CFF7EC3962329FCF7CD1F79B976915BC20E58FD92042C5B7D8C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a25e39ba42309216c72700c26c1aaa1d2759e7089a97376688d766e7637005

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=MKNobw==, md5=JYZPEYu6cX9exytuP3K7QQ==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361448
cf-polished: origFmt=png, origSize=26145
x-guploader-uploadid: ADPycdvd_HdoXrMbxO5kWKfnYCiCmg4J-OMRR7TnFlowFPE9Hn5ayQQGYOMT-dDmt1WjGIxG93b-5FS9fdMh6F_qFRU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15844
last-modified: Mon, 02 Aug 2021 09:43:33 GMT
server: cloudflare
etag: "25864f118bba717f5ec72b6e3f72bb41"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQHfS6jCQDUD0qTtC8SelAQIpsJq%2B%2Fppmjh9G1Gov4jlpxc0w2U81CVUqtQMc1iiQlrup2FdtVXlL2bce1R5AfIjrI41Dvn%2BHU%2F0OlJl1AObXJ3KPu5wc0b7MIIw7o59"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627897413808119
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26145
accept-ranges: bytes
cf-ray: 698ec9de0a7b4137-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 14B2EFC5264973D75A694F5ECC3E1C060F3A4B993EFE9364E2270709A30BB40AFBD9175C3507A553974C47D03E1AE957BD07968EF5B22E2BFC3592CE453DCC16
assets.ad4m.at/product_image/ Frame C570 259 KB
260 KB 48ms
40ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/14B2EFC5264973D75A694F5ECC3E1C060F3A4B993EFE9364E2270709A30BB40AFBD9175C3507A553974C47D03E1AE957BD07968EF5B22E2BFC3592CE453DCC16
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0301fa72e29c43882eb4d19a27a4df0a56ac7236b74fb078fdc63fc5c026fbc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=0Qj9Mw==, md5=zpgN8dCC1xd4F2oM1irqlw==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 361448
cf-polished: origFmt=png, origSize=493463
x-guploader-uploadid: ADPycdtMpvixK-lwnNaOIyHMpNsqZeCjzShW_9ge6M4Y_hzgICxGK3kHrjCWP8_Y50WOOQkrXucEhX4by4r-sKZdPbM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 265368
last-modified: Thu, 30 Sep 2021 08:15:27 GMT
server: cloudflare
etag: "ce980df1d082d71778176a0cd62aea97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYuRL2P8kSCWObMNuaHGmXzYgfsNw2d7Cs6aPhmLEuGQzg6GtmcB5xU3Fa3mIE9HIOW1fv1akv7E2Paj2WJ2qMsz3xMufOWkVBnxstrWdyKJ0xDTuwydNUVl%2F%2F6X9fSl"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632989727019063
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 493463
accept-ranges: bytes
cf-ray: 698ec9de0a824137-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 7FA67180D5A27475200A3D8C28EA3B6E6342219C6304DA4B47E1F6B68ACDBBD8C6ABCE82AEFB75F9C12AE181D6E45398725C3FF70979FAE4CD7D93FDA0F7A874
assets.ad4m.at/logo/ Frame C570 3 KB
4 KB 33ms
25ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/7FA67180D5A27475200A3D8C28EA3B6E6342219C6304DA4B47E1F6B68ACDBBD8C6ABCE82AEFB75F9C12AE181D6E45398725C3FF70979FAE4CD7D93FDA0F7A874
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d9df8f766f5bf133771bb7f521ee11a498a605c9d92b8ba25b4965330a93db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=5lwWxQ==, md5=HTw2iD391u7JacG1+ujlpg==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 935664
cf-polished: qual=85, origFmt=jpeg, origSize=7496
x-guploader-uploadid: ADPycdsKUdr0mzS7URIvSrD0ZGfC_Z6ijzcEPP7VekVSIEbU-8XJYnbUU2x6NNciuLG16pVHV8P47BT__MlBwXL_XIk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3176
last-modified: Thu, 23 Sep 2021 11:18:05 GMT
server: cloudflare
etag: "1d3c36883dfdd6eec969c1b5fae8e5a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Sf9Tr%2FfTRg%2FpwDViabN5ae7MfLC53w%2FcDffWIxOt%2FibE7Gp4Aw2e4Q77fG1qKqAA6mhi2Se%2FD%2Ft7nFD3adIDILEx7gjLlRfIoOvOfLYKcEiADxjGiHvqsKkR4US2i9R"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632395885057157
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 7496
accept-ranges: bytes
cf-ray: 698ec9de0a7f4137-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 0A2D7FC02189CAB171B0822558A0DB474DAA4405B84C682DD0C3E4C19D9514D25990E61108FF3C476686F848DF81142E04EA9E1F27C76D908D8AD3BCF11EDEFE
assets.ad4m.at/product_image/ Frame C570 302 KB
303 KB 53ms
45ms Image
image/webp 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/0A2D7FC02189CAB171B0822558A0DB474DAA4405B84C682DD0C3E4C19D9514D25990E61108FF3C476686F848DF81142E04EA9E1F27C76D908D8AD3BCF11EDEFE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8919450e1062e9586921de98c3fa7b33caae60c315fc41ac74810e17afa38625

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=n6tBTA==, md5=ISPQWsccqvIJ+CfMWOQKDg==
date: Mon, 04 Oct 2021 13:34:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 935664
cf-polished: origFmt=png, origSize=551623
x-guploader-uploadid: ADPycdus6s3TaGLQwEIxfvg5g2OfLneCqj6isZV9ctwq8I4glcZyZ41S6nd8l6MSlLu9vYUBwiVCpDVXvPVrx2Ps_ms
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 309414
last-modified: Thu, 23 Sep 2021 11:25:42 GMT
server: cloudflare
etag: "2123d05ac71caaf209f827cc58e40a0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5k46YlDlN5kQlmbQORJPFi8U4B%2BJr1NpZC2iyc7yF26CjUFHk6dif1KK9Np22xNBx%2Bw66u%2BU4wTcePvt0SKuBMy9SRp6Mflc%2F2dFtVrynnLbWEvN%2Fn5yamwxuOLF%2Bds"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1632396342280598
content-type: image/webp
expires: Tue, 05 Oct 2021 13:34:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 551623
accept-ranges: bytes
cf-ray: 698ec9de0a814137-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

cshow.php
www.zenaps.com/ Frame C570
Redirect Chain

https://www.awin1.com/cshow.php?s=2939256&v=22506&q=418383&r=412871&pv=1&pref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300...
https://www.zenaps.com/cshow.php?pvr=d063ce00-2517-11ec-bef8-692d023ad792&v=22506&r=412871&q=418383&s=2939256&viewref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6...

43 B
707 B

72ms
41ms

Image
image/gif

104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zenaps.com/cshow.php?pvr=d063ce00-2517-11ec-bef8-692d023ad792&v=22506&r=412871&q=418383&s=2939256&viewref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 04 Oct 2021 13:34:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 04 Oct 2021 13:34:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.zenaps.com/cshow.php?pvr=d063ce00-2517-11ec-bef8-692d023ad792&v=22506&r=412871&q=418383&s=2939256&viewref3=oneid52EQTXfEfG9ddhpH7HMt3tGVKtETkt4zoneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250&pv=1&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 imp Show response
impfr.tradedoubler.com/ Frame C570 360 B
1 KB 32ms
8ms Script
application/x-javascript 35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://impfr.tradedoubler.com/imp?type(js)g(25087812)a(3196197)epi(oneidDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8goneid__asuidghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJasuid__webplexmedia_advancedad_UK_300x250)365182418
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 1967f6f6dead6d0034a9fb6a777fda79903e40b258d01527a5b49093c3294156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Oct 2021 13:34:35 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: application/x-javascript; charset=ISO-8859-1
alt-svc: clear
content-length: 360

GET
H/1.1 200
OK advanced_store_627x627.png
vht.tradedoubler.com/file/317522/ Frame C570 483 KB
484 KB 38ms
9ms Image
image/png 65.9.66.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/317522/advanced_store_627x627.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15423%2C164293%2C163367&b=P2AZTBfbfDk6t9HjHbtMtPA4SZTgtMk%2CDZdAH3fwfX8pwa3HmH9t1tkEgqcWTVt8g%2C52EQTXfEfG9ddhpH7HMt3tGVKtETkt4z&f=bGe9UQfZfeJZSYHbHzt8CwD6fxT3tWJ%2Cdpe3uEfkfPZdKhEHjHwtqC5kMAH3TRtW1%2CpqXzs1fgfmPKKukH4HmtJC6pghgT7tX1&c=300&d=250&e=ghlz6OjPvT2_BxdTbC1lj0JENV-C6AfJ&g=69d4344e87c7c846fa30fe2dab278ddd%2F15695601293754060152&i=20258%2C63541%2C30181&j=16%2C19%2C16&k=0&l=0&m=0&n=&p=&q=&o=webplexmedia_advancedad_UK_300x250&r=1633354475110&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5301bde81bda71f3e769c6c2e91083564953d09967b965e74a1855a16d16cb2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 09:11:57 GMT
Via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
Age: 361358
X-Edge-Origin-Shield-Skipped: 0
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 495080
Last-Modified: Wed, 29 Sep 2021 12:14:46 GMT
Server: Apache
ETag: "78de8-5cd21469f1980"
Content-Type: image/png
Cache-Control: max-age=604800, public
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: B9mt8ZEn03ZXPK8Iq8U_XmoKKbumUk_ZHAvvmBYRWjtD7XRqvbkcWQ==
Expires: Thu, 07 Oct 2021 09:11:57 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fl-y.com/	1969-12-31 23:59:59	Name: shorturl Value: lj9e4haq179lb2e4io454c15s6
.tradedoubler.com/	1970-01-20 06:28:10	Name: BT Value: 1z11zzqQziKWmszcgcXduVzzJx1z9ycgcXduV
.tradedoubler.com/	1970-01-20 06:28:10	Name: PI Value: 1z11z1zqQz1o9M4hzFXAny1y24949y1eGbyyyB89py1WChy2Gkpr9yyDf8k%79g8VRGgiUsseGbs0T648Wepw7%78TM7P7q.MV2h70o3%78rXFE%79U_bBepYc4BDOkv%7afd%7ao2RWLVND3.KcD%78a%79wptdsnpB6aU8gI8_Ga37Zi%7aOdv%7ac1f0KEiF0LWEB_q4AZ49JlOJEXXS4rDanSk2mtcKiB.9X1UhHG%79PW0bNlv7Qoy
.tradedoubler.com/	1970-01-20 06:28:10	Name: UI Value: 1z11zzqQz1MfgkPz1SC2yKuEY
.awin1.com/	1970-01-19 21:45:27	Name: awpv22506 Value: 412871\|1633354475\|d063ce00-2517-11ec-bef8-692d023ad792
.awin1.com/	1970-01-19 22:04:10	Name: awpv12590 Value: 412871\|1633354475\|d0641c20-2517-11ec-bef8-692d023ad792
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 364258:2402950
.zenaps.com/	1970-01-19 22:04:10	Name: awpv12590 Value: 412871\|1633354475\|d0641c20-2517-11ec-bef8-692d023ad792
.zenaps.com/	1970-01-19 21:45:27	Name: awpv22506 Value: 412871\|1633354475\|d063ce00-2517-11ec-bef8-692d023ad792
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 418383:2939256

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://view.webplexmedia.de/banner.php?uid=436643363&e=0&p=0&s=0&sid=1061&size=4 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://g.cash-ads.com/js/base.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
as.ad4m.at
assets.ad4m.at
g.cash-ads.com
impfr.tradedoubler.com
vht.tradedoubler.com
view.webplexmedia.de
www.awin1.com
www.fl-y.com
www.zenaps.com
104.111.239.217
104.26.10.209
35.186.231.97
51.91.68.112
65.9.66.127
85.114.134.182
94.23.28.150
01b6aaba858a4df8f2ab2caa78c42fa540606c06c88677038237d78bd91e07b6
0301fa72e29c43882eb4d19a27a4df0a56ac7236b74fb078fdc63fc5c026fbc2
06f4e73215c99f67d0e80eabe42be736c8c152cca7517a2208a31075faeef2c1
09d9df8f766f5bf133771bb7f521ee11a498a605c9d92b8ba25b4965330a93db
14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5
1967f6f6dead6d0034a9fb6a777fda79903e40b258d01527a5b49093c3294156
1e5c9b7666879e6c996ea80d972b51a21f7e559ad432ade4a23fea082185f4b3
1e95de40bf0b25280e994f40c3b1516bbd0a4af08e580b5429e52051a6ac7f51
28afcde4afb3cb9a4e313c6dcda89313aa9652957cf29ea8ee12b48f4df49e08
2d29f85aaf6621e781bf0f40de0cb7bcd56e7f6f981f714519013bc7bb93d841
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
5301bde81bda71f3e769c6c2e91083564953d09967b965e74a1855a16d16cb2b
594dda6ed39b190a5341fcbb9b5be5935e7624b66247e966a55b7cbe37f38f40
597fb1d1fdfebef9dc6deb9d1bbcc59bb010d60a060cc3ea8ef479c4f3a597b6
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841
6c924b97f3dab18e43d9b99a9f07f54e2e87f31b7718d5f998839a9f551dd136
6ceb2dbd14d506151268787dd2dcedeb08fc9354db9ba5f2000f37f670e1f4d3
7a09f63cddacf0290f5f64ae98dc651436ab9144905d8a40ed7ac1e1892a3135
8919450e1062e9586921de98c3fa7b33caae60c315fc41ac74810e17afa38625
8c25ade0a1d20dfb962dbc265e60d98d90544f13ce586820e3c3dc2baae64e81
8ed7b1b667fac2548eb9511e8f5c00d874e2fcc0f6bce963220e9974d9157b95
91a25e39ba42309216c72700c26c1aaa1d2759e7089a97376688d766e7637005
a6c3f86b052c69af5d5bb6fa9d0a19ead45871487e3ea8e34ec5d6a8a8286c7d
bb68c7dee0489b45f038957a815eb002c70ea04ea836f2a5e949980bb888039a
c354f0f2da16773655a83ab6c20266f3df84a4b6a4bd45eeb83b6c9b6b7f20a9
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
cf3b8b5bdce010615eec4f4e370ba4fa3cd321d33a1f25fb21605825cb65651c
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3c5ae27aa3a1d6e3cf66d3ada33aa7e7d4e1f6ddef9cb67d8a1d7124a786204
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a21f00272ebf0c6b15973a9298b362917872a7ea7c882dd1d8593c19ef13ab
f3e6ab1c041fa2c775e4e125baa560510d145a2137626e91c7b1694af6e0077a

www.fl-y.com Open in urlscan Pro 94.23.28.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

63 %HTTPS

0 %IPv6

7 Domains

10 Subdomains

7 IPs

3 Countries

1343 kBTransfer

1819 kBSize

10 Cookies

1 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.fl-y.com Open in urlscan Pro
94.23.28.150 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

63 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

1343 kB
Transfer

1819 kB
Size

10
Cookies

35 HTTP transactions
0 data transactions