godl.de Open in urlscan Pro
2a01:488:42:1000:b24d:6b9d:fff9:e2c8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clck.ru.com/JObmgp
Effective URL:
https://godl.de/?ID=106535
Submission: On March 29 via manual (March 29th 2020, 8:55:41 pm UTC) from US

Summary HTTP 200 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 71 IPs in 9 countries across 61 domains to perform 200 HTTP transactions. The main IP is 2a01:488:42:1000:b24d:6b9d:fff9:e2c8, located in Germany and belongs to GODADDY, DE. The main domain is godl.de.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 28th 2020. Valid for: a year.

This is the only time godl.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3035::681f:4f76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
1	92.38.252.165 92.38.252.165	12695 (DINET-AS) (DINET-AS)
10	188.72.202.2 188.72.202.2	35415 (WEBZILLA) (WEBZILLA)
1 7	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2a01:488:42:1... 2a01:488:42:1000:b24d:6b9d:fff9:e2c8	20773 (GODADDY) (GODADDY)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	89.19.36.50 89.19.36.50	9002 (RETN-AS) (RETN-AS)
6	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
2	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
8	62.138.21.14 62.138.21.14	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
16	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	78.140.191.78 78.140.191.78	35415 (WEBZILLA) (WEBZILLA)
1	13.224.194.93 13.224.194.93	16509 (AMAZON-02) (AMAZON-02)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1 2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:214... 2600:9000:214f:9a00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
1	74.214.194.132 74.214.194.132	59940 (PULSEPOIN...) (PULSEPOINT-EU)
1	13.225.73.41 13.225.73.41	16509 (AMAZON-02) (AMAZON-02)
1 6	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff10	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	145.239.192.166 145.239.192.166	16276 (OVH) (OVH)
2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.187 91.228.74.187	27281 (QUANTCAST) (QUANTCAST)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.221 13.225.87.221	16509 (AMAZON-02) (AMAZON-02)
3	72.247.225.98 72.247.225.98	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	188.72.202.229 188.72.202.229	35415 (WEBZILLA) (WEBZILLA)
2	54.236.96.85 54.236.96.85	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:dc00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:dc00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:e0:... 2606:4700:e0::ac40:6304	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:205... 2600:9000:2057:6400:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	176.34.251.17 176.34.251.17	16509 (AMAZON-02) (AMAZON-02)
1	143.204.202.93 143.204.202.93	16509 (AMAZON-02) (AMAZON-02)
1	143.204.97.6 143.204.97.6	16509 (AMAZON-02) (AMAZON-02)
2	78.140.190.68 78.140.190.68	35415 (WEBZILLA) (WEBZILLA)
1	35.157.40.44 35.157.40.44	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 18	188.42.29.196 188.42.29.196	7979 (SERVERS) (SERVERS)
2 7	3.124.245.94 3.124.245.94	16509 (AMAZON-02) (AMAZON-02)
1	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
2	54.38.64.100 54.38.64.100	16276 (OVH) (OVH)
2	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
3	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY)
2	23.55.161.7 23.55.161.7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
4	185.255.84.155 185.255.84.155	200271 (IGUANE-) (IGUANE-)
1 3	172.227.85.103 172.227.85.103	16625 (AKAMAI-AS) (AKAMAI-AS)
2	87.98.153.73 87.98.153.73	16276 (OVH) (OVH)
6	34.240.117.131 34.240.117.131	16509 (AMAZON-02) (AMAZON-02)
1	18.194.134.136 18.194.134.136	16509 (AMAZON-02) (AMAZON-02)
2	37.187.190.91 37.187.190.91	16276 (OVH) (OVH)
2	5.135.32.18 5.135.32.18	16276 (OVH) (OVH)
200	71

4 2606:4700:3035::681f:4f76 (United States)

ASN13335 (CLOUDFLARENET, US)

clck.ru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.252.165 (Russian Federation)

ASN12695 (DINET-AS, RU)

allstat-pp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.72.202.2 (Netherlands)

ASN35415 (WEBZILLA, NL)

propu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:488:42:1000:b24d:6b9d:fff9:e2c8 (Germany)

ASN20773 (GODADDY, DE)

godl.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.19.36.50 (Netherlands)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.138.21.14 (Germany)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs237273.vs.hosteurope.de

vs237273.vs.hosteurope.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2, US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.140.191.78 (Netherlands)

ASN35415 (WEBZILLA, NL)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-93.fra2.r.cloudfront.net

cdn.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.145 (France)

ASN16276 (OVH, FR)

g.themoneytizer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.194.132 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.41 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-41.fra2.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.86.137.32 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4a0:1338:28::c38a:ff10 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.192.166 (France)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (Germany)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.187 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.221 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-221.fra2.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.247.225.98 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-225-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.72.202.229 (Netherlands)

ASN35415 (WEBZILLA, NL)

ofgogoatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.96.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-96-85.compute-1.amazonaws.com

api.purpleads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:dc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6304 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:6400:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.251.17 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-251-17.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.202.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-93.fra53.r.cloudfront.net

api.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-6.fra50.r.cloudfront.net

audit.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.140.190.68 (Netherlands)

ASN35415 (WEBZILLA, NL)

static.ptoahaistais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.40.44 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 188.42.29.196 (Luxembourg) 6 redirects

ASN7979 (SERVERS, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.124.245.94 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

moneytizer-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.38.64.100 (France)

ASN16276 (OVH, FR)

c.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

fo-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fo-ssp.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.55.161.7 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-55-161-7.deploy.static.akamaitechnologies.com

fo-static.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.255.84.155 (France)

ASN200271 (IGUANE-, FR)

tracking.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.227.85.103 (United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a172-227-85-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.98.153.73 (France)

ASN16276 (OVH, FR)

7cwl6ef162.s.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.240.117.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com

s.clcktrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.134.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-134-136.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.187.190.91 (France)

ASN16276 (OVH, FR)
PTR: ip91.ip-37-187-190.eu

c.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.ad6media.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.135.32.18 (France)

ASN16276 (OVH, FR)
PTR: ip18.ip-5-135-32.eu

style.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
style2.ad6.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	betweendigital.com 6 redirects ads.betweendigital.com	7 KB
16	themoneytizer.com ads.themoneytizer.com	194 KB
16	yandex.ru 2 redirects an.yandex.ru mc.yandex.ru	343 KB
10	propu.sh propu.sh	76 KB
8	omnitagjs.com fo-api.omnitagjs.com fo-static.omnitagjs.com tracking.omnitagjs.com fo-ssp.omnitagjs.com	104 KB
8	hosteurope.de vs237273.vs.hosteurope.de	409 KB
7	360yield.com 2 redirects ice.360yield.com	13 KB
7	consensu.org quantcast.mgr.consensu.org static.quantcast.mgr.consensu.org vendorlist.consensu.org api.quantcast.mgr.consensu.org audit.quantcast.mgr.consensu.org	170 KB
6	clcktrax.com s.clcktrax.com	36 KB
6	smartadserver.com 1 redirects ww1097.smartadserver.com	10 KB
6	yandex.net avatars.mds.yandex.net	151 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	135 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	94 KB
4	ad6media.fr 7cwl6ef162.s.ad6media.fr c.ad6media.fr m.ad6media.fr	21 KB
4	inpagepush.com inpagepush.com	19 KB
4	gstatic.com fonts.gstatic.com	40 KB
4	godl.de godl.de	63 KB
4	ru.com clck.ru.com	29 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	taboola.com cdn.taboola.com trc.taboola.com Failed	308 KB
3	adnxs.com ib.adnxs.com	4 KB
3	ofgogoatan.com ofgogoatan.com	31 KB
3	sascdn.com ced-ns.sascdn.com	22 KB
3	fontawesome.com use.fontawesome.com	102 KB
3	purpleads.io cdn.purpleads.io api.purpleads.io	5 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	159 B
2	ad6.fr style.ad6.fr style2.ad6.fr	2 KB
2	tmyzer.com c.tmyzer.com	400 B
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	ptoahaistais.com static.ptoahaistais.com	15 KB
2	facebook.com www.facebook.com
2	4dex.io script.4dex.io	19 KB
2	facebook.net connect.facebook.net	112 KB
2	onetag-sys.com onetag-sys.com	453 B
2	criteo.com gum.criteo.com bidder.criteo.com	466 B
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
2	yastatic.net yastatic.net	8 KB
2	google.com 1 redirects adservice.google.com www.google.com	360 B
2	google.de adservice.google.de www.google.de	948 B
1	clarium.io protected-by.clarium.io	345 B
1	fastly.net clarium.global.ssl.fastly.net	15 KB
1	openx.net moneytizer-d.openx.net	422 B
1	districtm.io dmx.districtm.io	262 B
1	3lift.com tlx.3lift.com	471 B
1	adleadevent.com adtrack.adleadevent.com	518 B
1	quantcount.com rules.quantcount.com	966 B
1	indexww.com js-sec.indexww.com	454 B
1	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	26 KB
1	eyeota.net ps.eyeota.net	1 KB
1	quantserve.com secure.quantserve.com	6 KB
1	zeotap.com spl.zeotap.com
1	leadplace.fr tag.leadplace.fr	3 KB
1	cpx.to p.cpx.to	2 KB
1	contextweb.com tag.contextweb.com	11 KB
1	themoneytizer.net g.themoneytizer.net	200 B
1	bing.com www.bing.com	336 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	rtmark.net my.rtmark.net	769 B
1	googletagservices.com www.googletagservices.com	27 KB
1	allstat-pp.ru allstat-pp.ru	11 KB
0	webeaglepower.com Failed www.webeaglepower.com Failed
200	61

	Domain	Requested by
18	ads.betweendigital.com	6 redirects
16	ads.themoneytizer.com	godl.de ads.themoneytizer.com
10	propu.sh	clck.ru.com propu.sh
9	mc.yandex.ru	1 redirects clck.ru.com mc.yandex.ru
8	vs237273.vs.hosteurope.de	godl.de ajax.googleapis.com
7	ice.360yield.com	2 redirects godl.de
7	an.yandex.ru	1 redirects clck.ru.com an.yandex.ru
6	s.clcktrax.com	clarium.global.ssl.fastly.net s.clcktrax.com
6	ww1097.smartadserver.com	1 redirects ads.themoneytizer.com
6	avatars.mds.yandex.net	clck.ru.com an.yandex.ru
4	tracking.omnitagjs.com
4	inpagepush.com	godl.de inpagepush.com
4	fonts.gstatic.com	ajax.googleapis.com godl.de
4	godl.de	clck.ru.com godl.de
4	pagead2.googlesyndication.com	clck.ru.com pagead2.googlesyndication.com
4	clck.ru.com	clck.ru.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com godl.de
3	cdn.taboola.com	clck.ru.com cdn.taboola.com
3	ib.adnxs.com	ads.themoneytizer.com
3	ofgogoatan.com	godl.de ads.themoneytizer.com
3	ced-ns.sascdn.com	godl.de ads.themoneytizer.com
3	use.fontawesome.com	godl.de
3	ajax.googleapis.com	clck.ru.com godl.de ads.themoneytizer.com
2	7cwl6ef162.s.ad6media.fr	clck.ru.com godl.de
2	fo-static.omnitagjs.com	fo-api.omnitagjs.com ads.themoneytizer.com
2	c.tmyzer.com	ads.themoneytizer.com
2	as-sec.casalemedia.com	ads.themoneytizer.com
2	static.ptoahaistais.com
2	vendorlist.consensu.org	quantcast.mgr.consensu.org
2	www.facebook.com	connect.facebook.net
2	script.4dex.io	ads.themoneytizer.com script.4dex.io
2	static.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
2	api.purpleads.io	cdn.purpleads.io godl.de
2	connect.facebook.net	godl.de connect.facebook.net
2	onetag-sys.com	ads.themoneytizer.com
2	ssl.google-analytics.com	1 redirects godl.de
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	yastatic.net	an.yandex.ru yastatic.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	clck.ru.com godl.de
1	fo-ssp.omnitagjs.com	fo-static.omnitagjs.com
1	style2.ad6.fr	c.ad6media.fr
1	style.ad6.fr	c.ad6media.fr
1	m.ad6media.fr	godl.de
1	c.ad6media.fr	clck.ru.com
1	protected-by.clarium.io	godl.de
1	clarium.global.ssl.fastly.net	ads.themoneytizer.com
1	fo-api.omnitagjs.com	ads.themoneytizer.com
1	moneytizer-d.openx.net	ads.themoneytizer.com
1	dmx.districtm.io	ads.themoneytizer.com
1	bidder.criteo.com	ads.themoneytizer.com
1	tlx.3lift.com	ads.themoneytizer.com
1	audit.quantcast.mgr.consensu.org	static.quantcast.mgr.consensu.org
1	api.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	adtrack.adleadevent.com	ajax.googleapis.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	godl.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	js-sec.indexww.com	ads.themoneytizer.com
1	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
1	ps.eyeota.net	ads.themoneytizer.com
1	secure.quantserve.com	ads.themoneytizer.com
1	spl.zeotap.com	ads.themoneytizer.com
1	tag.leadplace.fr	ads.themoneytizer.com
1	gum.criteo.com	ads.themoneytizer.com
1	p.cpx.to	ads.themoneytizer.com
1	tag.contextweb.com	ads.themoneytizer.com
1	g.themoneytizer.net	ads.themoneytizer.com
1	quantcast.mgr.consensu.org	godl.de
1	www.bing.com	godl.de
1	cdn.purpleads.io	godl.de
1	cdnjs.cloudflare.com	godl.de
1	my.rtmark.net	clck.ru.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	allstat-pp.ru	clck.ru.com
0	trc.taboola.com Failed	cdn.taboola.com
0	www.webeaglepower.com Failed	godl.de
200	80

This site contains links to these domains. Also see Links.

Domain
www.ebesucher.de
godl.uservoice.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-22` - `2020-10-09`	8 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
allstat-pp.ru Let's Encrypt Authority X3	`2020-03-10` - `2020-06-08`	3 months	crt.sh
*.propu.sh Let's Encrypt Authority X3	`2020-03-19` - `2020-06-17`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2019-09-24` - `2020-09-23`	a year	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
www.godl.de Starfield Secure Certificate Authority - G2	`2020-02-28` - `2021-05-29`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-03-12` - `2020-06-10`	3 months	crt.sh
*.avatars.yandex.net Yandex CA	`2019-10-04` - `2020-10-03`	a year	crt.sh
static.yandex.net Yandex CA	`2019-09-06` - `2020-09-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vs237273.vs.hosteurope.de Encryption Everywhere DV TLS CA - G2	`2019-07-04` - `2020-07-03`	a year	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-02-23` - `2020-05-23`	3 months	crt.sh
*.purpleads.io Amazon	`2020-01-29` - `2021-02-28`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
quantcast.mgr.consensu.org Amazon	`2019-05-06` - `2020-06-06`	a year	crt.sh
g.themoneytizer.net GoGetSSL RSA DV CA	`2019-10-16` - `2022-01-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2021-02-08`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-03-02` - `2020-05-31`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-02-10` - `2020-05-10`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
ofgogoatan.com Let's Encrypt Authority X3	`2020-03-17` - `2020-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
vendorlist.consensu.org Amazon	`2020-02-07` - `2021-03-07`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2019-06-30` - `2020-07-30`	a year	crt.sh
ptoahaistais.com Let's Encrypt Authority X3	`2020-03-19` - `2020-06-17`	3 months	crt.sh
*.3lift.com Amazon	`2019-07-17` - `2020-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
districtm.io CloudFlare Inc ECC CA-2	`2020-02-25` - `2020-10-09`	7 months	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-02-16`	2 years	crt.sh
*.360yield.com Amazon	`2019-09-24` - `2020-10-24`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
c.tmyzer.com Let's Encrypt Authority X3	`2020-02-11` - `2020-05-11`	3 months	crt.sh
omnitagjs.com Sectigo RSA Organization Validation Secure Server CA	`2019-03-26` - `2020-06-23`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-03` - `2020-07-25`	5 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-12-18` - `2020-12-18`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.s.ad6media.fr Let's Encrypt Authority X3	`2020-02-24` - `2020-05-24`	3 months	crt.sh
tworismo.com Sectigo ECC Domain Validation Secure Server CA	`2019-06-05` - `2020-06-04`	a year	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2018-04-26` - `2020-04-26`	2 years	crt.sh
*.ad6.fr Let's Encrypt Authority X3	`2020-03-03` - `2020-06-01`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://godl.de/?ID=106535
Frame ID: 70732A00F1A39D1F96B54B552A5066E0
Requests: 169 HTTP requests in this frame

Frame: https://godl.de/?ID=106535
Frame ID: 045426636F8BF485B61076B9407B2BB5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/zrt_lookup.html
Frame ID: 75DB1A2B4D3053E54A2C402119050F48
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4295317565354360&output=html&adk=1812271804&adf=3025194257&lmt=1585515322&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fclck.ru.com%2FJObmgp&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585515321953&bpp=10&bdt=243&idt=51&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5227423882285&frm=20&pv=2&ga_vid=1881263945.1585515322&ga_sid=1585515322&ga_hid=851404028&ga_fc=0&iag=0&icsg=528032&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=842508112497876&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64
Frame ID: 3050CD01A3DD882A59D70CA7AB3C9EE7
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 43E25AE1FAC9B19AEFDC1D98DF3699FB
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html
Frame ID: CD2CA6C85ADF0AFC4869608DF4F15705
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: A1BA58C4DE1BD881ACD49751E55F12AB
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1585515324456
Frame ID: 0357ABD3A5CAE6F1019B606FBD65B105
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: A15FC6279DD0B86EF052285AAB495B7C
Requests: 1 HTTP requests in this frame

Frame: https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Frame ID: 3B1B6BA4C1CDBC200FD6B851582B7563
Requests: 1 HTTP requests in this frame

Frame: https://ofgogoatan.com/fac.php
Frame ID: F06F2A5776A3F99D5862C15B09893821
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=510498218989214&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df20413882acb98%26domain%3Dgodl.de%26origin%3Dhttps%253A%252F%252Fgodl.de%252Ff23a3c821090fc%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fgodl.de&layout=button_count&locale=de_DE&sdk=joey&show_faces=false
Frame ID: 8C87DA0D10277D92A5A35549F813406A
Requests: 1 HTTP requests in this frame

Frame: https://static.ptoahaistais.com/contents/s/d0/a2/96/f1aade4ffa6cc944798be8a8ff/0584772231814.png
Frame ID: EBCE360A5614CD77984019FB0D78D001
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: D49F990D1673BF34C9CCDEA9F71E144A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 3EEF14E182D435846EA02CFA1CE6280E
Requests: 5 HTTP requests in this frame

Frame: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL2ltcHJvdmVkaWdpdGFsOjcyOHg5MA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwybHRjSEp2ZG1Wa2FXZHBkR0ZzT2pjeU9IZzVNQT09Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiaW1wcm92ZWRpZ2l0YWwiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Frame ID: 46EDE84993073F5B89164E6BF75C2876
Requests: 14 HTTP requests in this frame

Frame: https://style.ad6.fr/js/ads/img.htm?2
Frame ID: F016E1BFDB35DFFC70FCE3DCCED7792F
Requests: 1 HTTP requests in this frame

Frame: https://7cwl6ef162.s.ad6media.fr/p/50057/41414/13/0/0/0/0/1.005/0/0/0/58/0/2255358441213724/37117?&t=v
Frame ID: ED82FD5C8F2F8B669478298BDEBB8B1C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clck.ru.com/JObmgp Page URL
https://godl.de/?ID=106535 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

200
Requests

98 %
HTTPS

40 %
IPv6

61
Domains

80
Subdomains

71
IPs

9
Countries

3000 kB
Transfer

8227 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ebesucher.de/werbung/buchen
Title: Werbung buchen

Search URL Search Domain Scan URL

URL: https://godl.uservoice.com/
Title: Ideen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clck.ru.com/JObmgp Page URL
https://godl.de/?ID=106535 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://an.yandex.ru/meta/409899?grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo%3D&target-ref=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&imp-id=2&enable-flat-highlight=1&test-tag=274877906944002&ad-session-id=6825621585515322124&target-id=47222486&pcode-version=10740&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A1567%2C%22top%22%3A21%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8483749400141%5D HTTP 302
https://an.yandex.ru/meta/409899?redir-setuniq=1&grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo%3D&target-ref=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&imp-id=2&enable-flat-highlight=1&test-tag=274877906944002&ad-session-id=6825621585515322124&target-id=47222486&pcode-version=10740&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A1567%2C%22top%22%3A21%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8483749400141%5D

Request Chain 29

https://mc.yandex.ru/watch/52933453?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A801127726%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL HTTP 302
https://mc.yandex.ru/watch/52933453/1?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A801127726%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL

Request Chain 89

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 103

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=719568530&utmhn=godl.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Werbung%20buchen%20%26%20Geld%20verdienen%20als%20Affiliate&utmhid=1424981012&utmr=https%3A%2F%2Fclck.ru.com%2FJObmgp&utmp=%2F%3FID%3D106535&utmht=1585515324574&utmac=UA-116505-7&utmcc=__utma%3D70168966.343894665.1585515325.1585515325.1585515325.1%3B%2B__utmz%3D70168966.1585515325.1.1.utmcsr%3Dclck.ru.com%7Cutmccn%3D(referral)%7Cutmcmd%3Dreferral%7Cutmcct%3D%2FJObmgp%3B&utmjid=926570486&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530&slf_rd=1&random=3549481247

Request Chain 142

https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 143

https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 144

https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 145

https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 146

https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 147

https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Request Chain 148

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 149

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D HTTP 302
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D

Request Chain 185

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9=

200 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JObmgp Show response
clck.ru.com/ 5 KB
2 KB 1645ms
1596ms Document
text/html 2606:4700:3035::681f:4f76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:4f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: ce001627506034a4b34f4e15d58a1a64846263474a8c85c5a63a140571e1c664

Request headers

:method: GET
:authority: clck.ru.com
:scheme: https
:path: /JObmgp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
date: Sun, 29 Mar 2020 20:55:21 GMT
content-type: text/html
set-cookie: __cfduid=dbc3c2803b3bc58bf2aed75d779f359b71585515320; expires=Tue, 28-Apr-20 20:55:20 GMT; path=/; domain=.clck.ru.com; HttpOnly; SameSite=Lax PHPSESSID=bfb069ff0048d30429032ae5f946f864; path=/
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-beget-proxy: rauf3.beget.ru
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57bc7dbebdf61f29-FRA
content-encoding: br

GET
H2 200 bootstrap.min.css
clck.ru.com/assets/css/ 107 KB
17 KB 210ms
209ms Stylesheet
text/css 2606:4700:3035::681f:4f76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clck.ru.com/assets/css/bootstrap.min.css
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:4f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Aug 2014 06:02:34 GMT
server: cloudflare
etag: W/"53f2e87a-1abce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=604800
cf-ray: 57bc7dc8bde01f29-FRA
x-beget-proxy: rauf3.beget.ru
expires: Sun, 05 Apr 2020 20:55:21 GMT

GET
H2 200 style.css
clck.ru.com/assets/css/ 17 KB
2 KB 39ms
37ms Stylesheet
text/css 2606:4700:3035::681f:4f76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clck.ru.com/assets/css/style.css
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:4f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a04a3d726a53c11457891156f47f2e5241800c18f2f39fed6e63e70fd6f6b

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Aug 2014 12:27:46 GMT
server: cloudflare
age: 84552
etag: W/"53f342c2-4324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=604800
cf-ray: 57bc7dc8bde21f29-FRA
expires: Sat, 04 Apr 2020 21:26:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
783 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,latin-ext,cyrillic

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bab0b174425982331c71791b61db7a1194be7a08bcad2a265d5ca9e21753dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Mar 2020 20:55:21 GMT
server: ESF
date: Sun, 29 Mar 2020 20:55:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Mar 2020 20:55:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 38ms
1ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 05 Feb 2020 03:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4640953
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 03:46:08 GMT

GET
H2 200 bootstrap.min.js Show response
clck.ru.com/assets/js/ 31 KB
8 KB 39ms
38ms Script
application/x-javascript 2606:4700:3035::681f:4f76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clck.ru.com/assets/js/bootstrap.min.js
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:4f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Aug 2014 06:04:08 GMT
server: cloudflare
age: 100355
etag: W/"53f2e8d8-7c4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=604800
cf-ray: 57bc7dc8bde41f29-FRA
x-beget-proxy: rauf3.beget.ru
expires: Sat, 04 Apr 2020 17:02:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 108 KB
39 KB 78ms
28ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39155
x-xss-protection: 0
server: cafe
etag: 18020887556007674622
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 29 Mar 2020 20:55:21 GMT

GET
H2 200 3d4d5a5edfb219975a61b2adaf980defc6f47fd3.js Show response
allstat-pp.ru/6422/ 41 KB
11 KB 257ms
72ms Script
application/javascript 92.38.252.165
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://allstat-pp.ru/6422/3d4d5a5edfb219975a61b2adaf980defc6f47fd3.js
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 92.38.252.165 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: d97d906a4f2d89a3416faf010b964bdea98cb3a0809bf107e159dcde435e7c68

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 14:31:19 GMT
server: nginx/1.16.1
etag: W/"5e7cbcb7-a54e"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tag.min.js Show response
propu.sh/pfe/current/ 38 KB
12 KB 77ms
20ms Script
application/javascript 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/tag.min.js?z=3149449
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: fcd8e5faedb2e8b4db653598635f424279c6cd7a58ea9b8d31f511ae5d3dd501

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 11:11:14 GMT
Server: nginx
ETag: W/"5e7ddf52-9677"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 context.js Show response
an.yandex.ru/system/ 57 KB
16 KB 183ms
95ms Script
application/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

5982f897398489eb413c6b74baf38686668206eeadcba824beea24d86a1d1686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: br
last-modified: Fri, 27 Mar 2020 08:52:26 GMT
server: nginx/1.12.2
access-control-allow-origin: *
etag: W/"E206-5E7DBECA"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 29 Mar 2020 21:55:22 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 363 KB
92 KB 184ms
91ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

a4912d4672193aaabe4d977455cf9e2209e14c40dea212cfe1fd7020e217b19b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
Content-Encoding: br
Last-Modified: Fri, 27 Mar 2020 15:30:02 GMT
Server: nginx/1.14.2
ETag: "5e7e1bfa-16eea"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 93930
Expires: Sun, 29 Mar 2020 21:55:22 GMT

GET
H/1.1 200
OK Cookie set /
godl.de/ Frame 0454 0
0 386ms
335ms Document
text/html 2a01:488:42:1000:b24d:6b9d:fff9:e2c8
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://godl.de/?ID=106535

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:488:42:1000:b24d:6b9d:fff9:e2c8 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: godl.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://clck.ru.com/JObmgp
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://clck.ru.com/JObmgp

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 23066
Connection: keep-alive
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Feature-Policy: sync-xhr 'self' https://godl.de
Set-Cookie: PHPSESSID=c9bba356ed5065b81622ab5964ee2882; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://godl.report-uri.com/a/d/g"}],"include_subdomains":true}

GET
H2 200 jizaRExUiTo99u79D0aExcOPIDUg-g.woff2
fonts.gstatic.com/s/ptsans/v11/ 7 KB
7 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0aExcOPIDUg-g.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001c2984ebf5eb5558b1039695d020c76566d2c272a49cc10d24c5a3fe4596d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,latin-ext,cyrillic
Origin: https://clck.ru.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Mar 2020 00:40:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:19:35 GMT
server: sffe
age: 1628119
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 7124
x-xss-protection: 0
expires: Thu, 11 Mar 2021 00:40:02 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v11/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v11/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700,400italic,700italic&subset=latin,latin-ext,cyrillic
Origin: https://clck.ru.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 04 Mar 2020 22:17:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:28:02 GMT
server: sffe
age: 2155047
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11380
x-xss-protection: 0
expires: Thu, 04 Mar 2021 22:17:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 27ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=clck.ru.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=clck.ru.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/ 225 KB
85 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa367d459d8a6e0e561310bffc233bcd6193fe984ecd62c34d87e6d2bbdf358b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 86411
x-xss-protection: 0
server: cafe
etag: 14090742720300430934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Mar 2020 20:55:21 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/ Frame 75DB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200324/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200324/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://clck.ru.com/JObmgp
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://clck.ru.com/JObmgp

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Sat, 28 Mar 2020 13:30:01 GMT
expires: Sat, 11 Apr 2020 13:30:01 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 113120
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK zone Show response
propu.sh/ 664 B
1 KB 21ms
21ms Fetch
application/json 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/zone?pub=0&zone_id=3149449&is_mobile=false&domain=clck.ru.com&var=&ymid=

Requested by

Host: propu.sh
URL: https://propu.sh/pfe/current/tag.min.js?z=3149449

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

24bf1a2a6beaa20614d051946d3b55e842155ef7021fe0c968bbeee3ee727840

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Trace-Id: aa1cfa6194d69c18de385005f3cc6a74
Date: Sun, 29 Mar 2020 20:55:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 664

GET
H/1.1 200
OK universal.min.js Show response
propu.sh/pfe/current/ 136 KB
42 KB 88ms
33ms Fetch
application/javascript 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/universal.min.js?v=3.1.204
Requested by: Host: propu.sh
URL: https://propu.sh/pfe/current/tag.min.js?z=3149449
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: ca8ff94e6fe2b8f2f121a6168758f99c3ab90daf0265c9bbb3811d1589b63e88

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 11:11:14 GMT
Server: nginx
ETag: W/"5e7ddf52-220ed"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 3050 0
0 41ms
41ms Document
text/html 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4295317565354360&output=html&adk=1812271804&adf=3025194257&lmt=1585515322&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fclck.ru.com%2FJObmgp&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585515321953&bpp=10&bdt=243&idt=51&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5227423882285&frm=20&pv=2&ga_vid=1881263945.1585515322&ga_sid=1585515322&ga_hid=851404028&ga_fc=0&iag=0&icsg=528032&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=842508112497876&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4295317565354360&output=html&adk=1812271804&adf=3025194257&lmt=1585515322&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fclck.ru.com%2FJObmgp&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585515321953&bpp=10&bdt=243&idt=51&shv=r20200324&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5227423882285&frm=20&pv=2&ga_vid=1881263945.1585515322&ga_sid=1585515322&ga_hid=851404028&ga_fc=0&iag=0&icsg=528032&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44713364&oid=3&pvsid=842508112497876&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=31&ifi=0&uci=a!0&fsb=1&dtd=64
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://clck.ru.com/JObmgp
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://clck.ru.com/JObmgp

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 29 Mar 2020 20:55:22 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Mar-2020 21:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585308637081045"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27959
x-xss-protection: 0
expires: Sun, 29 Mar 2020 20:55:22 GMT

OPTIONS
H/1.1 200
OK custom Show response
propu.sh/ 0
459 B 20ms
19ms Fetch
text/plain 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://clck.ru.com
Referer: https://clck.ru.com/JObmgp
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
769 B 90ms
33ms Fetch
application/json 89.19.36.50
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=67f81e0b3bcc41a295634b08b94369de&zoneId=3149449&checkDuplicate=true&ymid=&var=

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

89.19.36.50 , Netherlands, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

8d66ef23600c42a07b805460c9de8d8eca8ce0a1a41bafdf896053001348e6f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 3841ad75b334f8b1754a.js Show response
an.yandex.ru/partner-code-bundles/10760/ 59 KB
16 KB 44ms
43ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/10760/3841ad75b334f8b1754a.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

7e0327b4c3fa3bee3da4e9ec1d73dad4c2eadbacbbf5e13dbd20768417a75b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: br
x-yc-s3-bucket-tags: {}
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 15600
timing-allow-origin: *
last-modified: Fri, 27 Mar 2020 08:09:46 GMT
server: nginx/1.12.2
etag: "e50a556634b7417160a22893027b44c2"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 01 Apr 2020 08:33:18 GMT

GET
H2 200 context_static.js Show response
an.yandex.ru/partner-code-bundles/10740/ 1 MB
185 KB 85ms
84ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/partner-code-bundles/10740/context_static.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

4ce9b9103e27796acc9fe2036a85698f4473e96e7fc4153a6d8b9967f35aa9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: br
x-yc-s3-bucket-tags: {}
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 189240
timing-allow-origin: *
last-modified: Wed, 25 Mar 2020 15:54:51 GMT
server: nginx/1.12.2
etag: "d10fe422dd76b0fd5d3a3f480326443b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Tue, 31 Mar 2020 08:46:03 GMT

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
486 B 20ms
20ms Fetch
application/json 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 48a99fe2b55da0045ce9a33d696af488
Date: Sun, 29 Mar 2020 20:55:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2

302

409899 Show response
an.yandex.ru/meta/
Redirect Chain

https://an.yandex.ru/meta/409899?grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo...
https://an.yandex.ru/meta/409899?redir-setuniq=1&grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YH...

0
-1 B

77ms
76ms

XHR

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/409899?redir-setuniq=1&grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo%3D&target-ref=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&imp-id=2&enable-flat-highlight=1&test-tag=274877906944002&ad-session-id=6825621585515322124&target-id=47222486&pcode-version=10740&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A1567%2C%22top%22%3A21%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8483749400141%5D

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:22 GMT
last-modified: Sun, 29 Mar 2020 20:55:22 GMT
server: nginx/1.12.2
access-control-allow-origin: https://clck.ru.com
location: https://an.yandex.ru/meta/409899?redir-setuniq=1&grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo%3D&target-ref=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&imp-id=2&enable-flat-highlight=1&test-tag=274877906944002&ad-session-id=6825621585515322124&target-id=47222486&pcode-version=10740&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A1567%2C%22top%22%3A21%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8483749400141%5D
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 302
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 29 Mar 2020 20:55:22 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:22 GMT
last-modified: Sun, 29 Mar 2020 20:55:22 GMT
server: nginx/1.12.2
status: 302
location: https://an.yandex.ru/meta/409899?redir-setuniq=1&grab=dNCh0LXRgNCy0LjRgSDRgdC-0LrRgNCw0YnQtdC90LjRjyDRgdGB0YvQu9C-0LogY2xjay5ydSBjb20gLSDQo9C60L7RgNC-0YLQuNGC0YwgVVJMCjPQodC-0LrRgNCw0YLQuNGC0Ywg0YHRgdGL0LvQutGDIAo%3D&target-ref=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&imp-id=2&enable-flat-highlight=1&test-tag=274877906944002&ad-session-id=6825621585515322124&target-id=47222486&pcode-version=10740&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22width%22%3A0%2C%22height%22%3A0%2C%22left%22%3A1567%2C%22top%22%3A21%2C%22visible%22%3A1%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B8483749400141%5D
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://clck.ru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 29 Mar 2020 20:55:22 GMT

GET
H/1.1 200
OK defaultSkin.min.js Show response
propu.sh/pfe/current/ 56 KB
19 KB 22ms
22ms Fetch
application/javascript 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/pfe/current/defaultSkin.min.js
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 11:11:14 GMT
Server: nginx
ETag: W/"5e7ddf52-de6b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/52933453/
Redirect Chain

https://mc.yandex.ru/watch/52933453?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A2166136...
https://mc.yandex.ru/watch/52933453/1?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A21661...

0
-1 B

46ms
46ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52933453/1?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A801127726%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Location: /watch/52933453/1?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A801127726%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://clck.ru.com
Strict-Transport-Security: max-age=31536000
Location: /watch/52933453/1?wmode=7&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A801127726%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

GET
H2 200 409899 Show response
an.yandex.ru/meta/ 39 KB
12 KB 296ms
295ms XHR
application/x-javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

d0246e18bcaf3fcbce917edc472e225ae78daa316f6e20af8c7f289e91e6dec8

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: gzip
last-modified: Sun, 29 Mar 2020 20:55:22 GMT
server: nginx/1.12.2
timing-allow-origin: *
status: 200
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://clck.ru.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: Sun, 29 Mar 2020 20:55:22 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 85ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Sun, 29 Mar 2020 21:55:22 GMT

GET
DATA 200
OK truncated
/ Frame 43E2 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom Show response
propu.sh/ 0
459 B 18ms
18ms Fetch
text/plain 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://clck.ru.com
Referer: https://clck.ru.com/JObmgp
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sun, 29 Mar 2020 20:55:22 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/52933453/ 152 B
947 B 97ms
51ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

5fa2858417f7ece2f8a811fe45c0d10a0e92514891a8990eba8f8f4f79341130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
486 B 19ms
19ms Fetch
application/json 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: e634456993c1baf4b1889e0c39db75ae
Date: Sun, 29 Mar 2020 20:55:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/52933453/ 43 B
534 B 46ms
46ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52933453/1?page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515322%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A412849913%3Ahid%3A788275724%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Av%3A1827%3Awv%3A2%3Ast%3A1585515322%3Au%3A1585515322178344781%3App%3A3629563401

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

GET
DATA 200
OK truncated
/ 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 d60c8820c3a9d131f12d9c803540ad78.jpg
an.yandex.ru/partner-code-bundles/10740/ 16 KB
16 KB 56ms
56ms Image
image/jpeg 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/partner-code-bundles/10740/d60c8820c3a9d131f12d9c803540ad78.jpg

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10740/context_static.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

84da232969169dd946b70486569c2f0da1afab8990f8a9be316814845b38fc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;, max-age=31536000

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
x-yc-s3-bucket-tags: {}
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;, max-age=31536000
content-length: 16084
timing-allow-origin: *
last-modified: Wed, 25 Mar 2020 15:54:52 GMT
server: nginx/1.12.2
etag: "d60c8820c3a9d131f12d9c803540ad78"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 01 Apr 2020 07:44:21 GMT

POST
H/1.1 200
OK 409899 Show response
mc.yandex.ru/watch/ 35 B
581 B 47ms
46ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/409899?wmode=7&cnt-class=1&nohit=1&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&browser-info=ti%3A10%3Adp%3A1%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515323%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aad%3A1%3Apv%3A1%3Arn%3A641950808%3Ahid%3A788275724%3Agdpr%3A14%3Aeu%3A1%3Av%3A1827%3Awv%3A2%3Ast%3A1585515323%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

POST
H/1.1 200
OK 1
mc.yandex.ru/watch/409899/ 43 B
534 B 47ms
46ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/409899/1?cnt-class=1&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515323%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apa%3A1%3Arn%3A356922021%3Ahid%3A788275724%3Ads%3A15%2C33%2C1595%2C1%2C0%2C0%2C0%2C226%2C10%2C%2C%2C%2C1873%3Afp%3A1909%3Agdpr%3A14%3Aeu%3A1%3Av%3A1827%3Awv%3A2%3Ast%3A1585515323%3Au%3A1585515322178344781

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

POST
H/1.1 200
OK 409899
mc.yandex.ru/watch/ 43 B
534 B 50ms
50ms Other
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/409899?cnt-class=1&page-url=https%3A%2F%2Fclck.ru.com%2FJObmgp&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1585515320063%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A2%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200329225522%3Aet%3A1585515323%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Apv%3A1%3Arn%3A242389497%3Ahid%3A788275724%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%3Agdpr%3A14%3Aeu%3A1%3Av%3A1827%3Awv%3A2%3Ast%3A1585515323%3Au%3A1585515322178344781%3At%3A%D0%A1%D0%B5%D1%80%D0%B2%D0%B8%D1%81%20%D1%81%D0%BE%D0%BA%D1%80%D0%B0%D1%89%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D1%81%D1%8B%D0%BB%D0%BE%D0%BA%20clck.ru%20com%20-%20%D0%A3%D0%BA%D0%BE%D1%80%D0%BE%D1%82%D0%B8%D1%82%D1%8C%20URL

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:22 GMT
Last-Modified: Sun, 29-Mar-2020 20:55:22 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: https://clck.ru.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sun, 29-Mar-2020 20:55:22 GMT

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/ 22 KB
22 KB 178ms
89ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/y300
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3fd3d93f4b71c891005240b5ddb47c4c21a2479f03069387af6504dba1d6c185

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
last-modified: Wed, 09 Jan 2019 07:52:31 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22446
x-request-id: 315b7066951a1f7b

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/ 39 KB
39 KB 205ms
117ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/x450
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 55bac1d6e7e1047cf9d7162a19341d3c60c3d3e2e124cc566eb198d483eb0d1b

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
last-modified: Sun, 03 Dec 2017 23:48:30 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 39976
x-request-id: 1bb06d731ef519ea

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2815966/ST6N3p0na14GcxEYCHqsNQ/ 14 KB
14 KB 129ms
40ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2815966/ST6N3p0na14GcxEYCHqsNQ/y450
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f97ec5960125c6c0670092535fbc756661d0133dc144f8d2c900d950c8c932b0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
last-modified: Wed, 19 Feb 2020 11:46:48 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14120
x-request-id: a230d21efab80977

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.69/ 29 KB
8 KB 116ms
38ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10740/context_static.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:22 GMT
content-encoding: br
x-yc-s3-bucket-tags: {}
status: 200
strict-transport-security: max-age=43200000; includeSubDomains;
content-length: 8104
timing-allow-origin: *
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
server: nginx/1.17.8
etag: "901e860c36afb614c88b40352db2214f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 01 Apr 2020 08:53:29 GMT

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.69/1-1-0/ Frame CD2C 0
0 101ms
32ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.69/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.69/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

:method: GET
:authority: yastatic.net
:scheme: https
:path: /safeframe-bundles/0.69/1-1-0/render.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://clck.ru.com/JObmgp
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://clck.ru.com/JObmgp

Response headers

status: 200
server: nginx/1.17.8
date: Sun, 29 Mar 2020 20:55:23 GMT
content-type: text/html
content-length: 6026
timing-allow-origin: *
vary: Accept-Encoding
access-control-allow-origin: *
etag: "f883bd7781c332870c9968db60e89349"
expires: Wed, 01 Apr 2020 08:53:09 GMT
last-modified: Tue, 20 Aug 2019 11:55:41 GMT
x-yc-s3-bucket-tags: {}
cache-control: public, max-age=216013
content-encoding: br
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
accept-ranges: bytes

GET
H2 200 y450
avatars.mds.yandex.net/get-direct/2815966/ST6N3p0na14GcxEYCHqsNQ/ 14 KB
14 KB 133ms
45ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2815966/ST6N3p0na14GcxEYCHqsNQ/y450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10740/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: f97ec5960125c6c0670092535fbc756661d0133dc144f8d2c900d950c8c932b0

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:23 GMT
last-modified: Wed, 19 Feb 2020 11:46:48 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14120
x-request-id: 4b7cd3a1356da6d

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/ 22 KB
22 KB 137ms
85ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/225309/addSm6e82LUuQ6Xl04EG8Q/y300
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10740/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3fd3d93f4b71c891005240b5ddb47c4c21a2479f03069387af6504dba1d6c185

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:23 GMT
last-modified: Wed, 09 Jan 2019 07:52:31 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 22446
x-request-id: 48ad97525b2edaca

GET
H2 200 x450
avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/ 39 KB
39 KB 152ms
127ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/168557/FRxZfZp0xXkZWH1GzrKhkw/x450
Requested by: Host: an.yandex.ru
URL: https://an.yandex.ru/partner-code-bundles/10740/context_static.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 55bac1d6e7e1047cf9d7162a19341d3c60c3d3e2e124cc566eb198d483eb0d1b

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: image
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:23 GMT
last-modified: Sun, 03 Dec 2017 23:48:30 GMT
server: nginx
access-control-allow-origin: *
content-type: image/webp
status: 200
cache-control: max-age=604800,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 39976
x-request-id: 3ac0c32abe795eaa

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 30ms
19ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200324&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1c0c9b24cf2a4cbf4745ba37f60057af70ce51e97d45a63e700dadc503a37d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 29 Mar 2020 20:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5203
x-xss-protection: 0

OPTIONS
H/1.1 200
OK custom Show response
propu.sh/ 0
459 B 18ms
18ms Fetch
text/plain 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://propu.sh/custom
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://clck.ru.com
Referer: https://clck.ru.com/JObmgp
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sun, 29 Mar 2020 20:55:23 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 0

POST
H/1.1 200
OK custom Show response
propu.sh/ 39 B
486 B 48ms
48ms Fetch
application/json 188.72.202.2
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://propu.sh/custom

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.2 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://clck.ru.com/JObmgp
Origin: https://clck.ru.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: b014ba2c4e19a82c1790e5d6c86b48a4
Date: Sun, 29 Mar 2020 20:55:23 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://clck.ru.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200324/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Sun, 29 Mar 2020 20:55:23 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame A1BA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://clck.ru.com/JObmgp
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://clck.ru.com/JObmgp

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Sun, 29 Mar 2020 20:11:54 GMT
expires: Mon, 29 Mar 2021 20:11:54 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2609
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 16ms
16ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200324&jk=842508112497876&bg=!_P-l_-dY3CFvJ9d77ykCAAAAMlIAAAAKmQFXsiGu5IGbRN_IfelCR2tr0rYWoyB88D361qZztQy3PIJ76tNqkJI5umWVwrj26JVMPKFbTzVeqr1yvso-ZZ4qr_aU3EKVXRDsXvQDQekqTtaFmTtIYxBjBqgsZG_ya0I8CNfDekcburfDcLmyLcUxi0fCErFlWFSqNtm4qqTgFkVLnY5C5pJE1W9ntuM3MrXAmpwh93MrQC5bUYSTAnZRWRdrnZpISrBKcRWzsOjQgIwGGn0HMz8o-QxqG4AVFNzwUu7eoCE8fWU8PMrpMqMOz9seiPvk9f6-nA1p_LIqpRyB8p7fBnQOUpEgIKFX3myjh_bSPJtciPaZ5JWNK2zkftQO_765aP4Msfvy6BOqo_4duuWZT8HiqzakaW4dcfSEVUEE6mJmvvHTeWcDwrpv2wOLi0EmYwh2WxQoHWiAaqG5olo94j4IoBmZoFR4bchH6oTK_bJLWw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://clck.ru.com/JObmgp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:23 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Primary Request Cookie set / Show response
godl.de/ 74 KB
23 KB 369ms
369ms Document
text/html 2a01:488:42:1000:b24d:6b9d:fff9:e2c8
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://godl.de/?ID=106535

Requested by

Host: clck.ru.com
URL: https://clck.ru.com/JObmgp

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:488:42:1000:b24d:6b9d:fff9:e2c8 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

Apache /

Resource Hash

2f56ed1d858d9943e66c20b7ea7831f2ffa55cf91ee53d35af3ba055ef336cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: godl.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://clck.ru.com/JObmgp
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://clck.ru.com/JObmgp

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 23173
Connection: keep-alive
Server: Apache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Feature-Policy: sync-xhr 'self' https://godl.de
Set-Cookie: PHPSESSID=a7a68078814cf3ecb5054f803f331b1a; path=/; secure; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://godl.report-uri.com/a/d/g"}],"include_subdomains":true}

GET
H/1.1 200
OK /
godl.de/min/ 148 KB
18 KB 79ms
78ms Stylesheet
text/css 2a01:488:42:1000:b24d:6b9d:fff9:e2c8
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://godl.de/min/?g=godl,i,fancy,Menu

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:488:42:1000:b24d:6b9d:fff9:e2c8 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

Apache /

Resource Hash

2cf3e1c85dc5c09bf3d891cf0559fa428a8d317732610e84a1932be29c6d80f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 17894
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 20 Feb 2020 23:26:36 GMT
Server: Apache
ETag: "pub1582241196;gz"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://godl.report-uri.com/a/d/g"}],"include_subdomains":true}
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=1800
Feature-Policy: sync-xhr 'self' https://godl.de
Expires: Sun, 29 Mar 2020 21:25:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 05 Feb 2020 05:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4635076
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Feb 2021 05:24:08 GMT

GET
H/1.1 200
OK / Show response
godl.de/min/ 66 KB
21 KB 86ms
85ms Script
application/x-javascript 2a01:488:42:1000:b24d:6b9d:fff9:e2c8
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://godl.de/min/?g=js_i

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:488:42:1000:b24d:6b9d:fff9:e2c8 , Germany, ASN20773 (GODADDY, DE),

Reverse DNS

Software

Apache /

Resource Hash

9accb81dc640b6b324637d383549403bf8307d49095b25c7560762c0ace7db0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20918
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 12 Nov 2019 21:49:53 GMT
Server: Apache
ETag: "pub1573595393;gz"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Report-To: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://godl.report-uri.com/a/d/g"}],"include_subdomains":true}
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=1800
Feature-Policy: sync-xhr 'self' https://godl.de
Expires: Sun, 29 Mar 2020 21:25:24 GMT

GET
H/1.1 200
OK i22.png
vs237273.vs.hosteurope.de/i/ 7 KB
8 KB 38ms
37ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/i22.png

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

de5d52346618bc3cec79943f10d4337000dfe9225eb5b21b6db1ade7b6ad0c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "bba2666fb3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 17:59:55 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 7432

GET
H/1.1 200
OK paypal.png
vs237273.vs.hosteurope.de/i/ 10 KB
10 KB 38ms
37ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/paypal.png

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

de9ff9cd066e50ccd63484434cf71b850d6405fcdbbaeaf99e76c1eec00a5306

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "50fa2671b3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 17:59:58 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 10008

GET
H/1.1 200
OK payeer.png
vs237273.vs.hosteurope.de/i/ 26 KB
27 KB 51ms
50ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/payeer.png

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

df9a2900c4371b4772b4a95ca36d63698fac8d9eca0dfa36689675853d1ed8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "5c598e70b3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 17:59:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 26917

GET
H/1.1 200
OK webmoney.svg
vs237273.vs.hosteurope.de/i/ 13 KB
13 KB 48ms
47ms Image
image/svg+xml 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/webmoney.svg

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

04c09c559ee4466f1c8222154785339dbc93574010018691908606abacfc1cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "3d8b1e7bb59d51:0"
Last-Modified: Thu, 22 Aug 2019 17:03:12 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 13267

GET
H/1.1 200
OK coinpayments.png
vs237273.vs.hosteurope.de/i/ 60 KB
61 KB 61ms
60ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/coinpayments.png

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

3399c3c2f5cec348a26de0b0ffa1cd835ee6cdb8e7c0924a2c4f5e50a1f282c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "f0102469b3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 17:59:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 61644

GET
H/1.1 200
OK bitcoin.png
vs237273.vs.hosteurope.de/i/ 12 KB
12 KB 59ms
58ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/bitcoin.png

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

569868dec90d8a1e92f31a959d4f06b91b2c68dd95cc05d8057aa3b8583fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "c2ab8668b3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 17:59:43 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:54 GMT
Accept-Ranges: bytes
Content-Length: 12113

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 19ms
18ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=3
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Mon, 30 Mar 2020 20:54:40 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 74 KB
11 KB 19ms
19ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 119dc01361c3dc1579a8c11c181661fbdb5f6904518bad864afc052f2259aa67

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10954
expires: Mon, 30 Mar 2020 20:55:22 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 21ms
20ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=34
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Mon, 30 Mar 2020 20:55:22 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 72 KB
11 KB 20ms
20ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=34
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 6409a9e63708d979c9938554c3afce7a83669526cc0aae929cb235655c2bc227

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10879
expires: Mon, 30 Mar 2020 20:55:22 GMT

GET ban468.jpg
www.webeaglepower.com/images/ 0
0

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ 7 KB
3 KB 19ms
19ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=6
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2602
expires: Mon, 30 Mar 2020 20:54:27 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ 71 KB
10 KB 19ms
19ms Script
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=6
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fa1aec912b1105901f920c39eed96ffc302b7b9834559fd05d9f499003f1cb45

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10404
expires: Mon, 30 Mar 2020 20:55:22 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 19ms
19ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 21474460
cf-ray: 57bc7dd9b948d705-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:32 GMT
server: cloudflare
etag: W/"5afd48e8-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 19 Mar 2021 20:55:24 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H/1.1 200
OK 3109158 Show response
inpagepush.com/400/ 46 KB
17 KB 28ms
27ms Script
application/javascript 78.140.191.78
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3109158

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.78 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

1040524488ed79f799ceea66b7bd89a0abd737188c361fc50b9666589a7a2fef

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

X-Trace-Id: 7c8d0e6b6d2361d5832b204a319100dc
Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 load.js Show response
cdn.purpleads.io/ 14 KB
4 KB 23ms
23ms Script
application/javascript 13.224.194.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.purpleads.io/load.js
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9cf49ec5807095791848db6a47329d094ac6c0afbae5c1cf366d2f28bd8dab3

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 03:09:03 GMT
content-encoding: gzip
last-modified: Sun, 15 Mar 2020 15:48:52 GMT
server: AmazonS3
age: 67717
etag: "7ce38789dd54fe641f6eff2ac6817988"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4110
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
x-amz-cf-id: b3MA--eJvB41fFmpgNxwNwcG1hSX8ME3_3nmDp6u6EdU8ywt-KB93Q==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
983 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af09b9bd74ea15400b5bcd12eaade61868a20163a6ed7cc4f61f884bd921e0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 29 Mar 2020 20:55:24 GMT
server: ESF
date: Sun, 29 Mar 2020 20:55:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 29 Mar 2020 20:55:24 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.12.0/css/ 56 KB
14 KB 23ms
22ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
last-modified: Tue, 10 Dec 2019 22:46:05 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"500d1a92f875b1d96d37a3a3f8f0438c"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: godl.de
URL: https://godl.de/min/?g=js_i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1243
date: Sun, 29 Mar 2020 20:34:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 17168
expires: Sun, 29 Mar 2020 22:34:41 GMT

GET
H2 200 th
www.bing.com/ 335 KB
336 KB 9ms
9ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OHR.BorrowingDays_EN-US1332727011_1920x1080.jpg&rf=LaDigue_1920x1080.jpg&pid=hp
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 654d76f1e26d16d1c0d3ae4d36ed1f8ff84f346c429ad59597acf699c36fc811

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 29 Mar 2020 20:55:23 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref: Ref A: 619A1845F7D44F8A93205FE09A827CB6 Ref B: FRAEDGE0420 Ref C: 2020-03-29T20:55:24Z
access-control-allow-origin: *
x-cache: TCP_HIT
content-type: image/jpeg
status: 200
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
cache-control: public, max-age=691200
timing-allow-origin: *
access-control-allow-headers: *
content-length: 343261

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ 13 KB
14 KB 200ms
200ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-regular-400.woff2
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

Referer: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Origin: https://godl.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
last-modified: Tue, 10 Dec 2019 22:46:52 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "9efb86976bd53e159166c12365f61e25"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 13576

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.12.0/webfonts/ 74 KB
75 KB 201ms
200ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.12.0/webfonts/fa-solid-900.woff2
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

Referer: https://use.fontawesome.com/releases/v5.12.0/css/all.css
Origin: https://godl.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
last-modified: Tue, 10 Dec 2019 22:47:06 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "f6121be597a72928f54e7ab5b95512a1"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 76084

GET
H2 200 KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1MmgVxIIzIXKMny.woff2

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin: https://godl.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 03:09:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 150380
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10984
x-xss-protection: 0
expires: Sun, 28 Mar 2021 03:09:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
Origin: https://godl.de
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:21:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2136846
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:21:18 GMT

GET
H2 200 cmp.js Show response
quantcast.mgr.consensu.org/ 264 KB
76 KB 7ms
7ms Script
text/javascript 2600:9000:214f:9a00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/cmp.js
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:9a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:54:35 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 19:10:19 GMT
server: AmazonS3
age: 577
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1b7JR3iArifO0EE1h_jmJndjGK6QnPE0yQu2SdsOKnn751Mdv9y98Q==
via: 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront)

GET
H/1.1 200
OK / Show response
g.themoneytizer.net/g/ 26 B
200 B 32ms
30ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.themoneytizer.net/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Server: nginx
X-IPLB-Instance: 29895
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ 12 KB
4 KB 20ms
19ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
last-modified: Wed, 08 Jan 2020 19:01:35 GMT
server: nginx
etag: "779a-30ad-59ba5857e2265"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3955
expires: Mon, 30 Mar 2020 20:55:14 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ 37 KB
16 KB 21ms
20ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Mon, 30 Mar 2020 20:54:57 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ 32 KB
11 KB 22ms
21ms Script
application/x-javascript 74.214.194.132
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.132 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ 1 KB
2 KB 22ms
22ms Script
application/javascript 13.225.73.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=16215
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-41.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 17:49:20 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 270365
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: Aox4hpyRzpM6makK5oEWIuJIJNYCFCoUnmMKyCNZ8win-cAdM3C0Rw==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

27 KB
9 KB

6ms
5ms

Script
application/x-javascript

2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Mar 2020 14:27:30 GMT
Server: Apache
ETag: "308b0663b760da8cd1006f7a3f2458d5:1584973650"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8932

Redirect headers

location: https://ced-ns.sascdn.com/diff/js/smart.js
date: Sun, 29 Mar 2020 20:55:23 GMT
cache-control: private
content-length: 159
content-type: text/html; charset=utf-8

GET
H2 200 sync Show response
gum.criteo.com/ 49 B
329 B 16ms
15ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600
strict-transport-security: max-age=31536000
content-length: 165
expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ 3 KB
3 KB 36ms
35ms Script
application/javascript 145.239.192.166
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.192.166 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 30195
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 /
onetag-sys.com/usync/ Frame 0357 0
0 31ms
30ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1585515324456

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=2a897e3f18e6769&cb=1585515324456
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://godl.de/?ID=106535
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

status: 200
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H2 200 /
spl.zeotap.com/ Frame A15F 0
0 33ms
33ms Document
text/html 2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: spl.zeotap.com
:scheme: https
:path: /?env=mWeb&uc=2&zdid=1258&eventType=map
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://godl.de/?ID=106535
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

status: 200
date: Sun, 29 Mar 2020 20:55:24 GMT
content-type: text/html
set-cookie: __cfduid=d665bc0161e3c39c42ecf869ec67324561585515324; expires=Tue, 28-Apr-20 20:55:24 GMT; path=/; domain=.zeotap.com; HttpOnly; SameSite=Lax zc=842e2bf9-4099-49c9-44aa-712b0f4c0bdb; Path=/; Domain=.zeotap.com; Max-Age=315360000; SameSite=None; Secure zc1=842e2bf9-4099-49c9-44aa-712b0f4c0bdb; Path=/; Domain=.zeotap.com; Max-Age=315360000 zsc=l%7F%8D9%90%C5%B6%F5%FC5g%C2%A6%BD%A9%E7%DF%9B%E6M%ACSF%CF%E0%81%FDDz%DF%FE%AF%5B%95%5E%1F-%F2ia%E5%F6%C1%CB%EC%ECj%5E%CF%09%C5%CA%2A%09%F9%B6q%07%7C%03hN%09%04%F02Bc%93c%8C%88%F4%8ET%C3X%F0v%93%1C%00N%CAk%01%F3%DCD%1A%5C%B5%F7%23%85%80%D4; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
access-control-allow-headers: *
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57bc7dd9dd446479-FRA
content-encoding: br

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 13 KB
6 KB 28ms
28ms Script
application/x-javascript 91.228.74.187
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.187 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29-Mar-2020 20:55:24 GMT
Server: QS
Etag: M0-56c8c653
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5651
Expires: Sun, 05 Apr 2020 20:55:24 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 976 B
1 KB 22ms
22ms Script
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=dnkh51u&t=ajs
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6a4be08fb09730df32409558225e24488fdc60e6bfe891fd3c6768f1cd0183d9

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Length: 976
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 25 KB
26 KB 25ms
25ms Script
text/javascript 13.225.87.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-221.fra2.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 11:15:20 GMT
Via: 1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 34813
X-Cache: Hit from cloudfront
Content-Type: text/javascript
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: on9VwoQKg6rt10Kt0eX_LdnZ-H4_0Vhs4_q9GRBuSPHrlpMS22wu9Q==

GET
H/1.1 200
OK 186329-261067657875242.js Show response
js-sec.indexww.com/ht/p/ 0
454 B 30ms
29ms Script
text/javascript 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Mar 2020 20:50:25 GMT
Server: Apache
ETag: "90550e-0-5a2047bde26ca"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 20
Expires: Sun, 29 Mar 2020 21:55:23 GMT

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid2_445_2/build/dist/ 407 KB
130 KB 20ms
19ms Script
text/javascript 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: gzip
last-modified: Fri, 06 Mar 2020 16:16:02 GMT
server: nginx
etag: "45703-65b8f-5a031f84724e8"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 132652
expires: Mon, 30 Mar 2020 20:55:16 GMT

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f99c302297ad86833244d22b10eb0475a29677a16213a4a20e9371ee0486ba8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6kQVsIYkFy6z/VrlwHcHGQ==
status: 200
date: Sun, 29 Mar 2020 20:55:24 GMT, Sun, 29 Mar 2020 20:55:24 GMT
expires: Sun, 29 Mar 2020 20:58:09 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1780
x-fb-debug: XTv2yZELlBvXGN3OLrIM7rY7Kko6pgHz9RUAJKtQEhpehnK2yWs5Y9PWikeraW7uhvVfp4Ump5rZH9g74prK7g==
x-fb-trip-id: 420120009
x-fb-content-md5: 5a4d98981c265de82bb8615b40169134
etag: "d044084ad02b25a3c435abdd88c1238b"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK apu.php Show response
ofgogoatan.com/ 2 KB
2 KB 21ms
21ms XHR
application/json 188.72.202.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/apu.php?zoneid=3109142&oo=1

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.229 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

038ad5875aae55b179a6141cd59fa5a2fba21cf455cedc6534fec466eb943633

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: ea255b9f22a7fe56d4f2219aeb37ea69
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
ofgogoatan.com/ 90 KB
29 KB 23ms
22ms Script
application/javascript 188.72.202.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/tag.min.js

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.229 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

22e6a49646b91c50125eaf91d41de7929b952222e9e76071060bd9867b73ec55

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 28520
X-Trace-Id: 79d195d7d6b5c5d2ed2c30f1daa80a8f
Pragma: no-cache
Last-Modified: Fri, 27 Mar 2020 13:18:14 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 / Show response
api.purpleads.io/x/ 0
254 B 316ms
105ms Fetch 54.236.96.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/
Requested by: Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.96.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-96-85.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://godl.de
Referer: https://godl.de/?ID=106535
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,x-purpleads-version

Response headers

status: 200
date: Sun, 29 Mar 2020 20:55:24 GMT
access-control-allow-credentials: true
x-request-id: 9c1aee2e-099a-4b71-a396-5c7f67e55c6a
access-control-allow-origin: https://godl.de
access-control-allow-headers: authorization,content-type,x-purpleads-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=719568530&utmhn=godl.de&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Werbung%20buc...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530&slf_rd=1&random=3549481247

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530&slf_rd=1&random=3549481247

Requested by

Host: godl.de
URL: https://godl.de/?ID=106535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116505-7&cid=343894665.1585515325&jid=926570486&_v=5.7.2&z=719568530&slf_rd=1&random=3549481247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK scroll-down.png
vs237273.vs.hosteurope.de/i/ 2 KB
2 KB 32ms
32ms Image
image/png 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/scroll-down.png

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

75a6b7aaa44c6280ffec5719d847f60aa39c3f73bb24bb357a3d4fbfe13f63c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/min/?g=godl,i,fancy,Menu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "be29ff72b3bcd41:0"
Last-Modified: Mon, 04 Feb 2019 18:00:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:55 GMT
Accept-Ranges: bytes
Content-Length: 1713

GET
H2 200 cmp-3pc-check.html
static.quantcast.mgr.consensu.org/v32/ Frame 3B1B 0
0 8ms
7ms Document
text/html 2600:9000:20eb:dc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v32/cmp-3pc-check.html
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:dc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: static.quantcast.mgr.consensu.org
:scheme: https
:path: /v32/cmp-3pc-check.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://godl.de/?ID=106535
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

status: 200
content-type: text/html
content-length: 645
last-modified: Tue, 24 Mar 2020 19:10:15 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Mar 2020 20:40:48 GMT
etag: "55b98270d639ef0c34781d9f03cce91f"
x-cache: Hit from cloudfront
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: lb_mrCXo3BAehvM-qbX11UCXrgjtutNtE0ER7jj2ww6GH9szr8ibxA==
age: 1164

GET
H2 200 all.js Show response
connect.facebook.net/de_DE/ 380 KB
110 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/all.js?hash=68a63e96058db90d0f6ec889184f3f16&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f0aa42c74182d97828db4d6769b8c96a63d97349668969b8ad223fa794290e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MpCoqve8QvdjO1SRru5/zw==
status: 200
date: Sun, 29 Mar 2020 20:55:24 GMT, Sun, 29 Mar 2020 20:55:24 GMT
expires: Mon, 29 Mar 2021 20:38:09 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 112935
x-fb-debug: zIROyqQJ/CJx/OUXLrRxqQoE5+Pxey7fRgLY0nvhqFpAifO9z0N7RDNCFIzHo+owB26Oc46eZdmZtpWqoE8QaQ==
x-fb-trip-id: 420120009
x-fb-content-md5: d99c6351d8d0b5f7e34d220715f7ec19
etag: "47bd35ec33348c6f37c0a6b3bb25c311"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ 1 KB
966 B 8ms
6ms Script
application/x-javascript 2600:9000:2057:dc00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:15:34 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2393
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: RGcuzGzqFLpg9PJISoKmkLrDcMdQ0RJlk-zca5f4_TaZqjg4bGOJnQ==
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)

GET
H2 200 localstore.js Show response
script.4dex.io/ 450 B
712 B 27ms
10ms Script
application/javascript 2606:4700:e0::ac40:6304
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6304 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 10:24:34 GMT
server: cloudflare
age: 1524
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=1800
cf-ray: 57bc7ddb4d18d6c5-FRA
x-amz-request-id: 418FB05DD1018149
x-amz-id-2: ZDL6CJHiVQdlRWyAHtmkWmOOzNzsJaAzsVsF+10eFMyiqS2iqeLMIzm+gbn/NTr1DsOH+aUilmc=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 84 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 23 Jan 2020 18:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5710433
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Jan 2021 18:41:31 GMT

GET
H2 200 cmpui-banner.js Show response
static.quantcast.mgr.consensu.org/v32/ 257 KB
74 KB 7ms
6ms Script
text/javascript 2600:9000:20eb:dc00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:dc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc804d691659700a97702a671ef7e6ad9ee33ddf2faf9afb2b6ca15951185bd2

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:48:49 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 19:10:14 GMT
server: AmazonS3
age: 842
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: dEUtQscS52FlMzTqP0id9SE19NseF_yymgpJboCun6Wq0SI8wtovRw==
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)

GET
H/1.1 204
No Content fac.php
ofgogoatan.com/ Frame F06F 0
0 19ms
18ms Document
text/html 188.72.202.229
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://ofgogoatan.com/fac.php

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.72.202.229 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: ofgogoatan.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://godl.de/?ID=106535
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

Server: nginx
Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 9e2252cfcf9d32ba9f5fd917fb2a44d7
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 adagio.js Show response
script.4dex.io/ 62 KB
18 KB 37ms
20ms Fetch
application/javascript 2606:4700:e0::ac40:6304
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6304 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 212be4c54718895beabcc9ea55a5d53249305e9c069c2a61a557f9339c2bbabb

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:24 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 338
status: 200
x-amz-request-id: 7E29B2805F21D958
x-amz-id-2: /kenvfIoiBkO3RG4C5tyY+tPJZX8I/PcLVOWGe9IfbYbUX1FITnlUsxlJgIwjMOlObF+IHcCSEY=
last-modified: Mon, 23 Mar 2020 10:24:31 GMT
server: cloudflare
etag: W/"43f4ac293d5412c50ec0398700cfc2fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 57bc7ddbfe0cbee7-FRA

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 34ms
34ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=510498218989214&input_token&origin=1&redirect_uri=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=68a63e96058db90d0f6ec889184f3f16&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: j8R0/n17+uVpKNT5BkITvylZ9MYW4EDbjKF6RBfdYnW8L3vjHUm9HodW1ux0mqxBrLSGZwB5i7CAU4Ykw6oVhw==
fb-s: unknown
status: 200
date: Sun, 29 Mar 2020 20:55:24 GMT, Sun, 29 Mar 2020 20:55:24 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://godl.de
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 95 KB
18 KB 8ms
8ms XHR
application/json 2600:9000:2057:6400:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f71cda9ecc5006fb453c9761058c0828d30d4a7f891283718da1b545ab2afb1

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 16:11:19 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 276246
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 26 Mar 2020 16:00:32 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: EUWGyjsu5r7VdMzn2Ehby5QynGejxuEd
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: GYqysLgubGxswq4wsbjyB_bGb7F6DFAaidrQWi2Bm1Tpm5s0vT4tKw==

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ 0
518 B 47ms
46ms XHR
application/x-javascript 176.34.251.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.251.17 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-251-17.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Mar 2020 20:55:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://godl.de
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 purposes-de.json Show response
vendorlist.consensu.org/ 4 KB
2 KB 9ms
8ms XHR
application/json 2600:9000:2057:6400:1:af78:4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/purposes-de.json?timestamp=1585515324803
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:6400:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d3f0a21de382a346b8e091185851f55a9df3eaab83346dc7ff84a84382c7aad

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 03:10:42 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 63883
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 26 Mar 2020 16:21:04 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: t4krIiow8uipP379AZUiaS4W6_MiP_4l
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-pop: FRA6-C1
content-type: application/json; charset=utf-8
x-amz-cf-id: JZUThB7QAThLjR-8Ml5zUl6nT9NrlwhkrTj20JBldFjDVY_WFu4RkQ==

GET
H2 404 CookieAccess Show response
api.quantcast.mgr.consensu.org/ 30 B
585 B 308ms
308ms XHR
application/json 143.204.202.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantcast.mgr.consensu.org/CookieAccess
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/cmp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.202.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-93.fra53.r.cloudfront.net
Software: /
Resource Hash: 5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:25 GMT
content-encoding: gzip
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: da74b136-167e-4ee4-ab26-19902cdc7fe1
x-cache: Error from cloudfront
status: 404
x-amz-apigw-id: KK6xjEz1IAMFuSA=
content-length: 50
access-control-allow-origin: https://godl.de
x-amzn-trace-id: Root=1-5e810b3d-431e2764e0c2a1528b59395c;Sampled=0
vary: Origin
access-control-allow-methods: GET, POST
content-type: application/json
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
x-amz-cf-id: 91g8xKLbSApYCnlmTmjOa85dkwWt65RrrWQHmPxpUWXTgn_6Qxu-jg==

GET
H2 200 / Show response
api.purpleads.io/x/ 11 B
297 B 331ms
122ms Fetch
application/json 54.236.96.85
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.purpleads.io/x/
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.96.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-96-85.compute-1.amazonaws.com
Software: /
Resource Hash: a10dbac8f7c70febf2d0fa0be83c0490679aa3f71303ea82cf5848ae1539e7f6

Request headers

Origin: https://godl.de
Authorization: Bearer 9420adbd5f658339becddf03e4c6ef3e:1e9d21b720f29fac54437175a6594ba82304bbbd7dec35508d279971f29674d6b2b940ce39828c029645ce38a23e3b6610741a3b9b031ecb72e9edfc5fb73aa9
Content-Type: application/json
Accept: application/json
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://godl.de/?ID=106535
Sec-Fetch-Dest: empty
x-purpleads-version: 0.2.2

Response headers

date: Sun, 29 Mar 2020 20:55:25 GMT
status: 200
etag: W/"b-XDFsRVkby3nassI6N71kxmudYnY"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://godl.de
access-control-allow-credentials: true
content-length: 11
x-request-id: 019a939c-eb36-4f0e-b853-ce7036a0cc4c

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
audit.quantcast.mgr.consensu.org/ 80 B
487 B 25ms
24ms XHR
text/html 143.204.97.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit.quantcast.mgr.consensu.org/?log=;1585515325377;Moneytizer;https%3A%2F%2Fgodl.de%2F%3FID%3D106535;;;;;b,on,false,,1,de,32,195,true,false,false;displayConsentUi:mandatory,;GDPR-8mywqp95n355l8ernix0
Requested by: Host: static.quantcast.mgr.consensu.org
URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.97.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-6.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 04:42:48 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
vary: Origin
age: 58357
x-cache: Hit from cloudfront
status: 200
content-length: 80
last-modified: Mon, 11 Jun 2018 22:07:34 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: DQWMhn0GhHQDMC2oIgyTKXUf9sGhX41_Agbowjoq2ww_KYQNudQd7Q==

GET
H/1.1 200
OK 0166.jpg
vs237273.vs.hosteurope.de/i/back/ 276 KB
276 KB 36ms
36ms Image
image/jpeg 62.138.21.14
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vs237273.vs.hosteurope.de/i/back/0166.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

62.138.21.14 , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),

Reverse DNS

vs237273.vs.hosteurope.de

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

22a05c98e9bbbc3e9bdd4777c604a2c8b1b5969f1c45e4fa521444b111a998d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Powered-By-Plesk: PleskWin
Strict-Transport-Security: max-age=15768000; includeSubDomains
ETag: "251bc6ba3438d51:0"
Last-Modified: Thu, 11 Jul 2019 22:05:20 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Date: Sun, 29 Mar 2020 21:55:56 GMT
Accept-Ranges: bytes
Content-Length: 282412

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 8C87 0
0 78ms
78ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?app_id=510498218989214&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df20413882acb98%26domain%3Dgodl.de%26origin%3Dhttps%253A%252F%252Fgodl.de%252Ff23a3c821090fc%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fgodl.de&layout=button_count&locale=de_DE&sdk=joey&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/all.js?hash=68a63e96058db90d0f6ec889184f3f16&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?app_id=510498218989214&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D46%23cb%3Df20413882acb98%26domain%3Dgodl.de%26origin%3Dhttps%253A%252F%252Fgodl.de%252Ff23a3c821090fc%26relation%3Dparent.parent&container_width=0&font=arial&href=https%3A%2F%2Fwww.facebook.com%2Fgodl.de&layout=button_count&locale=de_DE&sdk=joey&show_faces=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://godl.de/?ID=106535
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 6/nEEjXIR8bYA3OaxOmGyt0nosmDP3F7C8HdQczLFvC5+7SXvPMTG5Gb1+LOHFsiPJPSnt2iFRvJ67c5OK3gXQ==
date: Sun, 29 Mar 2020 20:55:28 GMT Sun, 29 Mar 2020 20:55:28 GMT
alt-svc: h3-27=":443"; ma=3600

GET
H/1.1 200
OK dQJ2Ba7yzJsTo6wZm-5UaoHAVtCQSpOucppzGT9ocB9fRF9pTgs-2qRy8aD6eHQPEegItMXmF9ggp_lzM713J3lI2B0r_F0aFDOa5Q7d_WJXNvaGoNhJq3D5MIeoxhryTbho7heukYUcBx7-vKqkzxFb8tz3LUZhWAJZUiIU-x0aBJ-kNIBvO_VlIbGMq3SG6X-IY...
inpagepush.com/impression/ 43 B
482 B 61ms
24ms Image
image/gif 78.140.191.78
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inpagepush.com/impression/dQJ2Ba7yzJsTo6wZm-5UaoHAVtCQSpOucppzGT9ocB9fRF9pTgs-2qRy8aD6eHQPEegItMXmF9ggp_lzM713J3lI2B0r_F0aFDOa5Q7d_WJXNvaGoNhJq3D5MIeoxhryTbho7heukYUcBx7-vKqkzxFb8tz3LUZhWAJZUiIU-x0aBJ-kNIBvO_VlIbGMq3SG6X-IYtzxAXNVkVN8ISWTPWZMJu2_RDCjKrSjGjcm2s0fGfJaSZeD_OPDFEQXxcdr?z=3109158&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&drf=https%3A%2F%2Fclck.ru.com%2FJObmgp&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.78 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Trace-Id: b6c00dfaae43a38482af3a4a8fb886f5
Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:33 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3109158 Show response
inpagepush.com/500/ 0
492 B 56ms
19ms XHR
text/plain 78.140.191.78
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3109158?excludes=5280836&oaid=67f81e0b3bcc41a295634b08b94369de&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&drf=https%3A%2F%2Fclck.ru.com%2FJObmgp&np=0&pt=0&nb=1&ng=1&ix=0&nw=1

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3109158

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.78 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: GET
Origin: https://godl.de
Referer: https://godl.de/?ID=106535
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sun, 29 Mar 2020 20:55:33 GMT
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://godl.de
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Content-Length: 0

GET
H/1.1 200
OK 3109158 Show response
inpagepush.com/500/ 1 KB
2 KB 26ms
25ms XHR
application/javascript 78.140.191.78
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

78.140.191.78 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

f9cfcc6602739d1f72571ee61fd0c3e1f1b8c972bdf47ffc19d053073b1a4d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

Date: Sun, 29 Mar 2020 20:55:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: d73ab6c65214ed240a8e0c2afe6929cb
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://godl.de
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0328983467696.png
static.ptoahaistais.com/contents/s/b4/8b/4b/5ff87cd8273d8205985c652b2e/ 7 KB
7 KB 21ms
21ms Image
image/png 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/b4/8b/4b/5ff87cd8273d8205985c652b2e/0328983467696.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 7954a7476b7e237c470baf3797d95e4a06d4d75a754f20d782f77459e088b899

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:33 GMT
Last-Modified: Wed, 18 Mar 2020 08:47:55 GMT
Server: nginx
ETag: "5e71e03b-1a8e"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 6798

GET
H/1.1 200
OK 0584772231814.png
static.ptoahaistais.com/contents/s/d0/a2/96/f1aade4ffa6cc944798be8a8ff/ Frame EBCE 8 KB
8 KB 21ms
21ms Image
image/png 78.140.190.68
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ptoahaistais.com/contents/s/d0/a2/96/f1aade4ffa6cc944798be8a8ff/0584772231814.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.68 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9eeeed75494df44cd4e74a07680ba32eda3cbad010a057e9d27cb696fd1a13f8

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:33 GMT
Last-Modified: Thu, 31 Jan 2019 10:18:27 GMT
Server: nginx
ETag: "5c52cb73-1e3e"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 7742

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 75 B
270 B 57ms
19ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=11&formatid=video&size=desktop&country=undefined
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
server: nginx
x-powered-by: PHP/5.4.45
status: 200
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 75
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 631 B
666 B 58ms
20ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=28&formatid=30012&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: ee771822046be64e95377bad40921b041966a3bcfec6d9f5257abbc4157a7351

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 435
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
662 B 57ms
20ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=3&formatid=26323&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fefceea41a01fa1958bbf1492430846e09f8fa840372b49ae48317d98b22e6f3

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 431
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 624 B
659 B 56ms
19ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=1&formatid=26322&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 3d569a7af62d067edacef0ea9ae8c36d3980d285237b4f02a195eb14bc84eadc

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 428
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 628 B
663 B 57ms
20ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=31&formatid=39287&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: b29ad35fcf2b81ef67ce91514ea53244ba2a05dbcc342b951be394b1eb54d578

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 432
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 336 B
480 B 56ms
19ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=20&formatid=26706&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 32f91c1f359991b2462ddc09c426099a9cc725f2c5d4016cd062440906608450

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 249
expires: Mon, 30 Mar 2020 20:55:34 GMT

GET
H2 200 moneybid.js Show response
ads.themoneytizer.com/bidder1/ 336 B
474 B 55ms
18ms XHR
text/html 151.139.241.23
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=28163&adid=2&formatid=26300&size=desktop
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 98e9745d10525432eed705fe697b27758e13058e2c3ac438f2c5960f231f566d

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: nginx
status: 200
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Mon, 30 Mar 2020 20:55:34 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
471 B 149ms
106ms XHR
application/json 35.157.40.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=2.44.5&referrer=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&tmax=3000

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.157.40.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-157-40-44.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
status: 200
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://godl.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
137 B 73ms
23ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.44.5&cb=82519676849
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 29 Mar 2020 20:55:33 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://godl.de
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
980 B 150ms
91ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=469120&v=7.2&r=%7B%22id%22%3A%22245712ce7022eb8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22252143dca1736f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22469120%22%2C%22sid%22%3A%22640x480%22%7D%2C%22banner%22%3A%7B%22w%22%3A640%2C%22h%22%3A480%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22265f1dec52998b4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22445170%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22272245b2b8377ae%22%2C%22ext%22%3A%7B%22siteID%22%3A%22362128%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2228d8233d4af6ba%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359981%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222998ed08c517f46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359981%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22306ac52054166b3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359981%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22311f969ddb7d988%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359981%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232feeba51770446%22%2C%22ext%22%3A%7B%22siteID%22%3A%22359981%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fclck.ru.com%2FJObmgp%22%2C%22page%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d5e4159f760152188cd2c8204259953aebb04ede026b7c4e6d338766e1d26793

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://godl.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Sun, 29 Mar 2020 20:55:34 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
744 B 103ms
45ms XHR
application/json 72.247.225.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=469120&v=8.1&r=%7B%22id%22%3A%22245712ce7022eb8%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22252143dca1736f2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22469120%22%2C%22sid%22%3A%22640x480%22%7D%2C%22video%22%3A%7B%22context%22%3A%22outstream%22%2C%22playerSize%22%3A%5B%5B640%2C480%5D%5D%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%5D%2C%22maxduration%22%3A60%2C%22minduration%22%3A1%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%2C%22placement%22%3A4%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fclck.ru.com%2FJObmgp%22%2C%22page%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.247.225.98 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-225-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d5e4159f760152188cd2c8204259953aebb04ede026b7c4e6d338766e1d26793

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:34 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://godl.de
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Sun, 29 Mar 2020 20:55:34 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 953 B
1 KB 152ms
118ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d6e3f2ac93c26a60d5b00d620dd905fc2e6bead9a6f7988ec78812e19cd4642c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 29 Mar 2020 20:55:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1a712169-34d3-4925-bf5a-bb7d640e57e6
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://godl.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 834 B
1 KB 70ms
35ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

225db53f5914a561e7a073bd4dfbb9e2d6567669f31edace932f13162658eb55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 29 Mar 2020 20:55:36 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 13889354-70aa-423b-98c2-45349eafb853
Server: nginx/1.13.4
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://godl.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
262 B 73ms
30ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 29 Mar 2020 20:55:34 GMT
server: cloudflare
cf-ray: 57bc7e1a3bc8732f-AMS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-...
https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-...

0
-1 B

173ms
59ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-...
https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-...

0
-1 B

172ms
58ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117...
https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117...

0
-1 B

172ms
58ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-...
https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-...

0
-1 B

172ms
58ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-...
https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-...

0
-1 B

172ms
58ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

adjson Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-...
https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-...

0
-1 B

172ms
58ms

XHR

188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-length: 0
location: /adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl...

0
-1 B

64ms
21ms

XHR
text/plain

3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
access-control-allow-origin: https://godl.de
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Sun, 29 Mar 2020 20:55:34 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://godl.de
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

GET
H2

302

hb Show response
ice.360yield.com/ul_cb/
Redirect Chain

https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F...
https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl...

0
-1 B

66ms
24ms

XHR
text/plain

3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:34 GMT
access-control-allow-origin: https://godl.de
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 302
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

Redirect headers

date: Sun, 29 Mar 2020 20:55:34 GMT
status: 302
location: https://ice.360yield.com:443/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://godl.de
access-control-allow-credentials: true
content-type: text/plain
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 232 B
1 KB 69ms
33ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

ee927fc85de581e4ad4bf6283184d4b0639daed6edeb1aa8a42d1da87821303d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:36 GMT
X-Proxy-Origin: 82.102.19.124; 82.102.19.124; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.74:80
AN-X-Request-Uuid: bf6b74b7-06a2-482d-8b44-b78f30e2cfcd
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://godl.de
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 232
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
453 B 32ms
32ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.252 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=2592000
content-encoding: gzip
status: 200
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://godl.de
cache-control: no-cache, no-transform
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Content-Type, Origin, Referer, User-Agent, x-ak-clientip

GET
H2 200 arj Show response
moneytizer-d.openx.net/w/1.0/ 173 B
422 B 51ms
44ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://moneytizer-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=688b765a-86d0-4f8d-a2dc-a2e191363d0b%2Cf2ece287-61ef-48cf-8b25-bc7a0914c4da%2C523d5be8-e8cd-47c5-ae18-3a1b92a783b5%2C5d7822e6-b117-4dec-9ad6-642421ed6f89%2Cd2301689-6917-434f-9eea-8bc6e0b74582%2Cb9e95b48-0538-44ab-81ff-eb83b69d3295%2Cf5f4a81c-fac0-4f72-a177-cf4ad231c7d0&nocache=1585515334710&x_gdpr_f=1&pubcid=d66fca50-78ff-43d0-91be-b1ca3ce6ba85&schain=1.0%2C1!themoneytizer.com%2C28163%2C1%2C%2C%2C&aus=1x1%2C728x90%2C970x90%2C1000x90%2C1000x30%2C990x90%2C950x90%2C300x250%7C728x90%2C320x50%2C300x50%2C320x100%2C300x100%7C300x600%2C300x250%7C728x90%2C320x50%2C300x50%2C320x100%2C300x100%7C970x250%2C1000x30%2C1000x90%2C800x250%2C950x250%2C900x250%2C970x90%7C160x600%7C300x250&divIds=26328%2C30012%2C26323%2C26322%2C39287%2C26706%2C26300&auid=540992440%2C540992433%2C540992430%2C540992430%2C540992430%2C540992430%2C540992430&
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid2_445_2/build/dist/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.182.1 /
Resource Hash: 175c6b8b6d6401a7f932be953da23e34b51b306d0ac6387f45dec99c8f518f7b

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
server: OXGW/16.182.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://godl.de
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 12 KB
5 KB 363ms
363ms XHR
application/json 3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2285559ea19f03c0f%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22582c733f0acab1d%22%2C%22pid%22%3A%2222123545%22%2C%22tid%22%3A%22ed439310-6f84-4939-9c12-c1e38e4004b7%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A355%2C%22h%22%3A50%7D%2C%7B%22w%22%3A640%2C%22h%22%3A480%7D%5D%7D%7D%2C%7B%22id%22%3A%22598fb0e6c69ae64%22%2C%22pid%22%3A%2213319419%22%2C%22tid%22%3A%22688b765a-86d0-4f8d-a2dc-a2e191363d0b%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2260e1ecfc845ee91%22%2C%22pid%22%3A%2213319418%22%2C%22tid%22%3A%22f2ece287-61ef-48cf-8b25-bc7a0914c4da%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22614dcf6047269a2%22%2C%22pid%22%3A%2222186949%22%2C%22tid%22%3A%22523d5be8-e8cd-47c5-ae18-3a1b92a783b5%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 116f64cab49a2f8aff6342b0c6fd9da79d9e97f0988c3c067e0da1ed433c10e5

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://godl.de
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 4984

GET
H2 200 hb Show response
ice.360yield.com/ul_cb/ 10 KB
4 KB 314ms
313ms XHR
application/json 3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/ul_cb/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2286185258673e8f2%22%2C%22version%22%3A%226.0.1-JS-6.2.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2228163%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226239ab6f2b114bd%22%2C%22pid%22%3A%2222000069%22%2C%22tid%22%3A%225d7822e6-b117-4dec-9ad6-642421ed6f89%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%22635abae45dbda21%22%2C%22pid%22%3A%2222032868%22%2C%22tid%22%3A%22d2301689-6917-434f-9eea-8bc6e0b74582%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A800%2C%22h%22%3A250%7D%2C%7B%22w%22%3A950%2C%22h%22%3A250%7D%2C%7B%22w%22%3A900%2C%22h%22%3A250%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%5D%7D%7D%2C%7B%22id%22%3A%22643ac3a8b3a424b%22%2C%22pid%22%3A%2222170882%22%2C%22tid%22%3A%22b9e95b48-0538-44ab-81ff-eb83b69d3295%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%7D%2C%7B%22id%22%3A%2265ace87d9922028%22%2C%22pid%22%3A%2222185926%22%2C%22tid%22%3A%22f5f4a81c-fac0-4f72-a177-cf4ad231c7d0%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%5D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44ffcbc961de1af560e13fb78843701d2c2920c214c663a5134cab0867866598

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
status: 200
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://godl.de
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 3953

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 59ms
57ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=8197357704079462&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=600&s=3026078&bidid=522464ff4a2794e&transactionid=523d5be8-e8cd-47c5-ae18-3a1b92a783b5&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 59ms
57ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=208315684950868.28&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=3026079&bidid=533b5813efbe8ae&transactionid=5d7822e6-b117-4dec-9ad6-642421ed6f89&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 59ms
58ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=4934642085059955&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=300&h=300&s=3632028&bidid=5670a9500553bd5&transactionid=f5f4a81c-fac0-4f72-a177-cf4ad231c7d0&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 60ms
58ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=3310028911581846&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=970&h=250&s=3138548&bidid=549ff2a3019c806&transactionid=d2301689-6917-434f-9eea-8bc6e0b74582&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 60ms
59ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=8917946469248590&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=160&h=600&s=3560152&bidid=55edf21492b1ec1&transactionid=b9e95b48-0538-44ab-81ff-eb83b69d3295&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H2 200 adjson Show response
ads.betweendigital.com/ 2 B
223 B 58ms
58ms XHR
application/json 188.42.29.196
SERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=321652836772019.5&tz=-120&fl=0&rr=https%253A%252F%252Fclck.ru.com%252FJObmgp&w=728&h=90&s=2977350&bidid=51e8e3cf9e5feeb&transactionid=f2ece287-61ef-48cf-8b25-bc7a0914c4da&auctionid=a1eeaf2e-c61f-4dc2-8bd1-d07092941273&cur=USD&crf=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.29.196 , Luxembourg, ASN7979 (SERVERS, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://godl.de
content-encoding: gzip
content-type: application/json

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 22 B
2 KB 84ms
34ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=288036&pgid=1051056&fmtid=26323&async=1&visit=m&tmstp=8837150197&tag=sas_26323&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgodl.de%2F&hb_bid=moneytizer&hb_cpm=0.01&hb_ccy=USD&hb_dealid=0&noadcbk=sas.noad&schain=1.0,1!themoneytizer.com,28163,1,godl.de,godl.de
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 6fe765632f541a10aa5824b9db74a115f08f775b9960c58f88bf7dac61502955

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-smrt-d: 3%3b3%3b140
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 140
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 214ms
94ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=28163&f=3&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:35 GMT
Server: nginx
X-IPLB-Instance: 20687
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 10 KB
5 KB 187ms
103ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=288036&pgid=1051056&fmtid=26328&async=1&visit=s&tmstp=8837150197&tgt=%3Bhb_adid%3D598fb0e6c69ae64%3Bhb_pb%3D0.25%3Bhb_bidder%3Dimprovedigital%3Bhb_format%3D26328&tag=sas_26328&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgodl.de%2F&noadcbk=sas.noad
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: da53f8f0cc7d1a17ced25271c0b551d7a16fe94112f2a9a259468eadce811094

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-smrt-d: 3%3b0%3b147
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9266802
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 3501
expires: -1

GET
H/1.1 200
OK / Show response
c.tmyzer.com/c/ 0
200 B 437ms
311ms XHR
text/html 54.38.64.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.tmyzer.com/c/?s=28163&f=6&fi=0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:35 GMT
Server: nginx
X-IPLB-Instance: 20688
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK sas-floorad-2.0.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/floorad/ 34 KB
11 KB 223ms
223ms Script
application/x-javascript 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/floorad/sas-floorad-2.0.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 575a2acdb53e916c99fbaea76ebb9e16ebaf6d23a9830897fdda18fb6319a25a

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Feb 2020 14:22:31 GMT
Server: Apache
ETag: "7f2136501ccc6fa93388fa8719710a84:1582554151"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10528

GET
H/1.1 200
OK ac Show response
ww1097.smartadserver.com/ 2 KB
2 KB 36ms
36ms Script
application/javascript 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1097.smartadserver.com/ac?nwid=1097&siteid=288036&pgid=1051056&fmtid=48311&async=1&visit=s&tmstp=8837150197&tgt=%3Bhb_adid%3Dundefined%3Bhb_pb%3Dundefined%3Bhb_bidder%3Dundefined%3Bhb_format%3D48311&tag=sas_48311&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fgodl.de%2F&noadcbk=sas.noad
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: bacbe4af7b84cc69174467729bc417993d80ee97e8458078d327361552348d06

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
content-encoding: gzip
vary: Accept-Encoding
x-smrt-d: 3%3b22%3b146
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 6251748
cache-control: no-cache, no-store
content-type: application/javascript; charset=utf-8
content-length: 1145
expires: -1

GET
H2 200 ot.js Show response
fo-api.omnitagjs.com/fo-api/ 15 KB
4 KB 72ms
25ms Script
text/javascript 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=a2000d594c86f6b31d61f1d34ffceb10

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

5dce5473db1f236a89a6a8a5274c2c048ae68e5d418f140c69a614cec7212fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
status: 200
access-control-max-age: 3600
x-envoy-upstream-service-time: 3
pragma: no-cache
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding
expires: 0

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ 43 B
431 B 29ms
28ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=8837150197&ckid=3849540379402627960&pubid=22&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d1930%3b%24qt%3d4_1496_29325t%3b%24dma%3d0%3b%24b%3d16740%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d2%3b%24wpc%3d166&uii=257372037046553339&acd=1585515335364&envtype=0&hol_cpm=0.19&visit=S&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3dundefined%3bhb_pb%3dundefined%3bhb_bidder%3dundefined%3bhb_format%3d48311%3b%24hc&imptype=0&pgDomain=https%3a%2f%2fgodl.de%2f&capp=0&mcrdbt=1&insid=6251748&siteid=288036&imgid=0&pgid=1051056&fmtid=48311
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
cache-control: no-cache, no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 tbframe.js Show response
cdn.taboola.com/shared/ Frame D49F 14 KB
4 KB 69ms
23ms Script
application/x-javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/shared/tbframe.js
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding: gzip
age: 16504
x-cache: HIT
status: 200
date: Sun, 29 Mar 2020 20:55:35 GMT
x-amz-replication-status: COMPLETED
content-length: 3897
x-amz-id-2: +9hThpZgqSmaNAz6qSOZ5ntBC+PmswuvE+g624KMXtRCjhrN0gRwMPV1+v8IRh54vtpXJbg9sPo=
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
server: AmazonS3
x-timer: S1585515335.498507,VS0,VE0
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
vary: Accept-Encoding
x-amz-request-id: 95F04980218A6F57
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/x-javascript
abp: 92
x-cache-hits: 14714

GET
H2 200 ot_multi_widget.js Show response
fo-static.omnitagjs.com/ 308 KB
85 KB 103ms
27ms Script
application/javascript 23.55.161.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-static.omnitagjs.com/ot_multi_widget.js

Requested by

Host: fo-api.omnitagjs.com
URL: https://fo-api.omnitagjs.com/fo-api/ot.js?Placement=a2000d594c86f6b31d61f1d34ffceb10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.161.7 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-55-161-7.deploy.static.akamaitechnologies.com

Software

ayl-lb-fra02 /

Resource Hash

cf7e7425a5dbf7b9ab1da4e3cd40064933f4f05de14b6693c93381a52c7042ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
content-length: 86812
last-modified: Fri, 20 Mar 2020 11:07:51 GMT
server: ayl-lb-fra02
etag: "5e74a407-4ce6b"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=77
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sun, 29 Mar 2020 20:56:52 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/themonetizer-network/ Frame 3EEF 700 KB
177 KB 23ms
23ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2a0c03e6d632d8d1e9f6a7ab097e08b27c28bb781c9fdb6dd892a2698419a19

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: O62DFJyxHoMyY.2dV4hlvE2nEPRUKG_J
content-encoding: gzip
age: 37
x-cache: HIT
status: 200
date: Sun, 29 Mar 2020 20:55:35 GMT
content-length: 180469
x-amz-id-2: s6/12LdqWMU145wAIB/vcmLZh4SLbhUY8fdEWT1vxBtxM7qiId6IVmaBgUdZcfKYKUcvNQa9TZM=
x-served-by: cache-hhn4039-HHN
last-modified: Sun, 29 Mar 2020 11:58:51 GMT
server: AmazonS3
x-timer: S1585515336.544647,VS0,VE0
etag: "5f0f811e87c60506af92e3d8e3261b2e"
vary: Accept-Encoding
x-amz-request-id: 361BF0A1C1DCB2EF
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 70
x-cache-hits: 6

GET
H/1.1 200
OK / Show response
clarium.global.ssl.fastly.net/ Frame 46ED 44 KB
15 KB 82ms
23ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL2ltcHJvdmVkaWdpdGFsOjcyOHg5MA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwybHRjSEp2ZG1Wa2FXZHBkR0ZzT2pjeU9IZzVNQT09Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiaW1wcm92ZWRpZ2l0YWwiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3c8179343d042cebe556bc3f147b962982e9a8c3e5a19190015b5aa6175315c

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Content-Encoding: gzip
Age: 12
X-Cache-Status: hit
X-Cache: HIT
Connection: keep-alive
Content-Length: 14567
Via: 1.1 varnish
X-Served-By: cache-hhn4040-HHN
Pragma: no-cache
Server: nginx
X-Timer: S1585515336.651216,VS0,VE0
ETag: 489058492e400f2cee1261fe9d3787b2d520f0bb
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Expires: Sat, 26 Jul 1997 04:59:59 GMT
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 2

GET
H/1.1 200
OK close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 2 KB
2 KB 11ms
11ms Image
image/png 2a01:4a0:1338:28::c38a:ff10
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff10 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Apache /
Resource Hash: 4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Last-Modified: Tue, 21 Nov 2017 13:19:51 GMT
Server: Apache
ETag: "dc45791e534223d16a4d14fa1a1a5f4e:1511270391"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1802

GET
H/1.1 200
OK aip
ww1097.smartadserver.com/h/ 43 B
436 B 44ms
44ms Image
image/gif 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ww1097.smartadserver.com/h/aip?tmstp=8837150197&ckid=4039698716403229257&pubid=0&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d1930%3b%24qt%3d4_1496_29325t%3b%24dma%3d0%3b%24b%3d16740%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200%3b%24wpc%3d2%3b%24wpc%3d166&uii=257653512023279898&acd=1585515335240&envtype=0&visit=S&statid=19&tgt=%24dt%3d1t%3b%3bhb_adid%3d598fb0e6c69ae64%3bhb_pb%3d0.25%3bhb_bidder%3dimprovedigital%3bhb_format%3d26328&imptype=0&pgDomain=https%3a%2f%2fgodl.de%2f&capp=0&mcrdbt=1&insid=9266802&siteid=288036&imgid=24994369&pgid=1051056&fmtid=26328
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:34 GMT
cache-control: no-cache, no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
content-length: 43
expires: -1

GET
H2 200 8d25a534220b7d9a3043.chunk.js Show response
fo-static.omnitagjs.com/fo-static/ 60 KB
13 KB 93ms
24ms Script
application/javascript 23.55.161.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-static.omnitagjs.com/fo-static/8d25a534220b7d9a3043.chunk.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.55.161.7 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-55-161-7.deploy.static.akamaitechnologies.com

Software

ayl-lb-fra02 /

Resource Hash

0dda111cb158e67fc051a5764f427ae69bbf707dd3706981edd6b68c2689001e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-envoy-upstream-service-time: 0
vary: Accept-Encoding
content-length: 13230
last-modified: Fri, 20 Mar 2020 11:07:51 GMT
server: ayl-lb-fra02
etag: "5e74a407-ef29"
access-control-max-age: 86400
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=237
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sun, 29 Mar 2020 20:59:32 GMT

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
264 B 72ms
25ms Image
image/gif 185.255.84.155
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=15aef546bc635a30a2000d594c86f6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.155 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 73
expires: 0

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
119 B 75ms
27ms Image
image/gif 185.255.84.155
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=AVAIL&attempt=15aef546bc635a30a2000d594c86f6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.155 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 4
content-length: 73
expires: 0

GET
H2 200 impl.20200329-10-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 3EEF 448 KB
127 KB 24ms
24ms Script
application/javascript 151.101.114.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200329-10-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9434620e5cc3ae92ce0e646fc52393ff366707e3bea07a737cbcb17983f2cb7

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: 6qELXvy1NJrtqIegdY0M_T3vei.eeO5m
content-encoding: gzip
age: 85
x-cache: HIT
status: 200
date: Sun, 29 Mar 2020 20:55:35 GMT
x-amz-replication-status: PENDING
content-length: 129617
x-amz-id-2: OgR3NNZp6yfs+u6caLVLF8hYsy/G7d4BqDJ0TRLXSbMnHcB/3+GfwY/XRiuRb8GjJL8pzNBNa6M=
x-served-by: cache-hhn4039-HHN
last-modified: Sun, 29 Mar 2020 11:20:02 GMT
server: AmazonS3
x-timer: S1585515336.697713,VS0,VE0
etag: "daf07125760dbe8c7313ea5e223a2a4b"
vary: Accept-Encoding
x-amz-request-id: EC25387DD2726186
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 92
x-cache-hits: 1161

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 3EEF 1 KB
1 KB 71ms
24ms Script
application/x-javascript 172.227.85.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-85-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Mon, 30 Mar 2020 20:55:35 GMT

GET
H/1.1 200
OK / Show response
7cwl6ef162.s.ad6media.fr/ Frame 46ED 2 KB
3 KB 168ms
61ms Script
application/javascript 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://7cwl6ef162.s.ad6media.fr/?d=1585515335700&r=https%3A%2F%2Fclck.ru.com%2FJObmgp
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 9c565767027f4cb37614399bf497592c08f34d05c6ae5d7964724aaf18a3d5aa

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Server: nginx
P3P: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK analytics.js Show response
s.clcktrax.com/2/749359/ Frame 46ED 4 KB
2 KB 682ms
39ms Script
application/javascript 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/749359/analytics.js?dt=7493591543247331943000&pv=30bacea9-8e5d-490b-af99-348b667dbe63&to=3&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&di=godl.de&pp=1033&si=245123&ac=112753&pc=13319419&ai=&cr=456945&ap=
Requested by: Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/?wrapper=kvOrV736ysbL2xjqNpLELG0upfU&tpid=a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL2ltcHJvdmVkaWdpdGFsOjcyOHg5MA%3D%3D&d=eyJ3aCI6ImEzWlBjbFkzTXpaNWMySk1NbmhxY1U1d1RFVk1SekIxY0daVkwybHRjSEp2ZG1Wa2FXZHBkR0ZzT2pjeU9IZzVNQT09Iiwid2QiOnsiayI6eyJoYl9iaWRkZXIiOlsiaW1wcm92ZWRpZ2l0YWwiXSwiaGJfc2l6ZSI6WyI3Mjh4OTAiXX19LCJ3ciI6MH0=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0146a2e4667d7c8b80379926035bbdeaf18388633dfb2e28035c08f41dc074c6

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:36 GMT
Content-Encoding: gzip
Vary: *
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2023
Expires: 0

GET
H2 200 imp_pixel
ice.360yield.com/ Frame 46ED 43 B
732 B 25ms
24ms Image
image/gif 3.124.245.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ice.360yield.com/imp_pixel?ic=6S2HAHQpaSZuGgRIlWBwwhYfM6DoSz.OWV20bw4EjnPzpCh7W8e9y-Cxi6ijnp80zaHRwAG3WYAstv9FPLrCrfzjmok1t3NeslPEqcU36qXIdguMBGfxAUXyC1sazbCY-g0iiiZEWfVJE6L-tj2rs0cG8k6okNEVbhK1QlMbg4zPdLn9SKVRt3zgCrK6OZ04AyE6K8EAKzLVli9Me1-dGxCmgTAILeqk0CPtzguaevWWJ1uKZOjtpmRYFOr9z.UO.RXw01Kq7gxg1i8Zf3Ii2mZNxDbjLeXOqb74jVGuA7Tm7UHkSXA8CLlqEENjRQskSTFXMXiXGErl3TZiWMQ-3oqOYeAmVl7pJWMEl-xZuzBFY2xQE7d1Sm6tD6iornTjau.8TuzGArnwcRb9W9WOzC3g.pLSukyOeRejkviHsmPuxf8CtbIZI2eVr9-JUjCMuHG3h.gdOfLo6.i3JVGg-LiIKc.RgMiqn3v3AZkf8.D4DFMUgSbovGOr91pEyQt5D.EMVALgvH5lxRDJ-ZebeuqXG304G-HXaLXGZaBQMzirQsFVu5f-uzK4OTfyIY4gdd6yh4v2GmaG.pZmQkxrsVcJFWavEGFX.dKtHaq83beG30R-BcY9vf8hSPEe.mA0od-Q7CrPDA==
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.245.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-245-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 200
date: Sun, 29 Mar 2020 20:55:35 GMT
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 46ED 68 B
345 B 100ms
25ms Image
image/png 18.194.134.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_a3ZPclY3MzZ5c2JMMnhqcU5wTEVMRzB1cGZVL2ltcHJvdmVkaWdpdGFsOjcyOHg5MA==&v=5&s=b7851a5221e37e047814b1742bc2f318e872fc2c&id=eyJwcmViaWQiOnsiYWRJZCI6IjU5OGZiMGU2YzY5YWU2NCIsImNwbSI6MC4yNTM0MjcwMjQ1MzYzNDM3fX0%3D&sb=1&cb=4641440&h=godl.de
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.134.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-134-136.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:35 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET json
trc.taboola.com/themonetizer-godl/trc/3/ Frame 3EEF 0
0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/ Frame 3EEF
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9=
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9=

0
248 B

24ms
23ms

Image
text/plain

172.227.85.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9=
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.85.103 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-85-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:35 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1585515335802&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&c9=
Pragma: no-cache
Date: Sun, 29 Mar 2020 20:55:35 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fo4.js Show response
c.ad6media.fr/ Frame 46ED 123 KB
18 KB 163ms
49ms Script
application/javascript 37.187.190.91
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c.ad6media.fr/fo4.js?116
Requested by: Host: clck.ru.com
URL: https://clck.ru.com/JObmgp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.190.91 , France, ASN16276 (OVH, FR),
Reverse DNS: ip91.ip-37-187-190.eu
Software: nginx /
Resource Hash: 2a5ebe5cbb92df2a6f425698972f6dd83fac0fb5cc4d1cb33c9d526abfd88914

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Nov 2019 15:11:29 GMT
Server: nginx
ETag: W/"5dd7faa1-1eb75"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Cache-Control: max-age=864000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 08 Apr 2020 20:55:35 GMT

GET
H/1.1 200
OK 0
m.ad6media.fr/sa/73485/fo/273233/ Frame 46ED 43 B
269 B 147ms
41ms Image
image/gif 37.187.190.91
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.ad6media.fr/sa/73485/fo/273233/0
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.190.91 , France, ASN16276 (OVH, FR),
Reverse DNS: ip91.ip-37-187-190.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:35 GMT
Cache-Control: max-age=60
Expires: Sun, 29 Mar 2020 20:56:35 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK img.htm
style.ad6.fr/js/ads/ Frame F016 0
0 144ms
30ms Document
text/html 5.135.32.18
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://style.ad6.fr/js/ads/img.htm?2
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.32.18 , France, ASN16276 (OVH, FR),
Reverse DNS: ip18.ip-5-135-32.eu
Software: nginx /
Resource Hash

Request headers

Host: style.ad6.fr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://godl.de/?ID=106535
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://godl.de/?ID=106535

Response headers

Server: nginx
Date: Sun, 29 Mar 2020 20:55:36 GMT
Content-Type: text/html
Last-Modified: Tue, 28 Apr 2015 13:05:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"553f85a2-279"
Expires: Tue, 28 Apr 2020 20:55:36 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

GET
H/1.1 200
OK 37117
7cwl6ef162.s.ad6media.fr/p/50057/41414/13/0/0/0/0/1.005/0/0/0/58/0/2255358441213724/ Frame ED82 43 B
264 B 52ms
52ms Image
image/gif 87.98.153.73
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7cwl6ef162.s.ad6media.fr/p/50057/41414/13/0/0/0/0/1.005/0/0/0/58/0/2255358441213724/37117?&t=v
Requested by: Host: godl.de
URL: https://godl.de/?ID=106535
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 87.98.153.73 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:36 GMT
Server: nginx
P3P: policyref="https://www.ad6media.fr/w3c/p3p.xml", CP="NOI DEVa TAIa OUR BUS UNI"
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK fes.png
style2.ad6.fr/img/fe/ Frame 46ED 2 KB
2 KB 142ms
30ms Image
image/png 5.135.32.18
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://style2.ad6.fr/img/fe/fes.png
Requested by: Host: c.ad6media.fr
URL: https://c.ad6media.fr/fo4.js?116
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.135.32.18 , France, ASN16276 (OVH, FR),
Reverse DNS: ip18.ip-5-135-32.eu
Software: nginx /
Resource Hash: 67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sun, 29 Mar 2020 20:55:36 GMT
Last-Modified: Tue, 26 Apr 2016 16:26:36 GMT
Server: nginx
ETag: "571f96bc-6ba"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1722
Expires: Tue, 28 Apr 2020 20:55:36 GMT

POST
H2 200 marketplace Show response
fo-ssp.omnitagjs.com/fo-ssp/ 12 B
197 B 131ms
130ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://fo-ssp.omnitagjs.com/fo-ssp/marketplace?Attempt=15aef546bc635a30a2000d594c86f6b3&Campaign=e2a82912438eaa7d2f234f778f82c274&Origin=https%3A%2F%2Fgodl.de&RefererUrl=https%3A%2F%2Fclck.ru.com%2FJObmgp&Source=SSP&Url=https%3A%2F%2Fgodl.de%2F%3FID%3D106535&gdpr=true&_=1585515336306

Requested by

Host: fo-static.omnitagjs.com
URL: https://fo-static.omnitagjs.com/ot_multi_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sun, 29 Mar 2020 20:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-envoy-upstream-service-time: 103
vary: Accept-Encoding
content-length: 50
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://godl.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK postback Show response
s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/ Frame 46ED 2 B
159 B 110ms
36ms XHR
text/plain 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/postback?oz_pl=1&ai=&cr=456945&ac=112753&pp=1033&dt=7493591543247331943000&pc=13319419&to=3&di=godl.de&ap=&si=245123&pv=30bacea9-8e5d-490b-af99-348b667dbe63&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&ci=749359
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/749359/analytics.js?dt=7493591543247331943000&pv=30bacea9-8e5d-490b-af99-348b667dbe63&to=3&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&di=godl.de&pp=1033&si=245123&ac=112753&pc=13319419&ai=&cr=456945&ap=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:36 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
H/1.1 200
OK main.js Show response
s.clcktrax.com/2/4.60.1/ Frame 46ED 111 KB
33 KB 37ms
37ms Script
application/javascript 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/4.60.1/main.js
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/749359/analytics.js?dt=7493591543247331943000&pv=30bacea9-8e5d-490b-af99-348b667dbe63&to=3&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&di=godl.de&pp=1033&si=245123&ac=112753&pc=13319419&ai=&cr=456945&ap=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5629e5f04397ceeae4db4c51a4ba29a7c98c33c9e5cb3b8e7398c46ec82a6ef6

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 29 Mar 2020 20:55:36 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, no-transform, immutable, max-age=9999999
Timing-Allow-Origin: *
Content-Length: 33312
Expires: Fri, 01 Jan 2038 00:00:00 GMT

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
139 B 25ms
25ms Image
image/gif 185.255.84.155
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=INVENTORY_PASSBACK&attempt=15aef546bc635a30a2000d594c86f6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.155 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 73
expires: 0

GET
H2 200 pixel
tracking.omnitagjs.com/tracking/ 49 B
119 B 29ms
29ms Image
image/gif 185.255.84.155
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracking.omnitagjs.com/tracking/pixel?event_kind=INVENTORY_PASSBACK_PUBLISHER&attempt=15aef546bc635a30a2000d594c86f6b3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.155 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://godl.de/?ID=106535
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sun, 29 Mar 2020 20:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
content-length: 73
expires: 0

POST
H/1.1 200
OK postback Show response
s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/ Frame 46ED 2 B
159 B 61ms
36ms XHR
text/plain 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/postback?ai=&cr=456945&ac=112753&pp=1033&dt=7493591543247331943000&pc=13319419&to=3&di=godl.de&ap=&si=245123&pv=30bacea9-8e5d-490b-af99-348b667dbe63&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&ci=749359&oz_tc=Z2yvIe7ETPTco3Jw&oz_sc=c7b47916bf4f7424a23fe2f0&oz_st=1585515336386&oz_v=4.60.1&dp=godl.de&oz_df=85&oz_l=3354&cv=3
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/4.60.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:36 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

POST
H/1.1 200
OK postback Show response
s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/ Frame 46ED 2 B
159 B 97ms
36ms XHR
text/plain 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/postback?oz_pl=1&ai=&cr=456945&ac=112753&pp=1033&dt=7493591543247331943000&pc=13319419&to=3&di=godl.de&ap=&si=245123&pv=30bacea9-8e5d-490b-af99-348b667dbe63&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&ci=749359
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/749359/analytics.js?dt=7493591543247331943000&pv=30bacea9-8e5d-490b-af99-348b667dbe63&to=3&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&di=godl.de&pp=1033&si=245123&ac=112753&pc=13319419&ai=&cr=456945&ap=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:36 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET
BLOB 200
OK 05eb339e-3647-4cec-a030-6739773429e0
https://godl.de/ Frame 46ED 476 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://godl.de/05eb339e-3647-4cec-a030-6739773429e0
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/4.60.1/main.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 476

POST
H/1.1 200
OK postback Show response
s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/ Frame 46ED 2 B
159 B 70ms
37ms XHR
text/plain 34.240.117.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clcktrax.com/2/4.60.1/749359/Z2yvIe7ETPTco3Jw/postback?ai=&cr=456945&ac=112753&pp=1033&dt=7493591543247331943000&pc=13319419&to=3&di=godl.de&ap=&si=245123&pv=30bacea9-8e5d-490b-af99-348b667dbe63&ti=de68f0c6-921d-46d5-a278-8c487ee7d3b8&ci=749359&oz_tc=Z2yvIe7ETPTco3Jw&oz_sc=c7b47916bf4f7424a23fe2f0&oz_st=1585515336386&oz_v=4.60.1&dp=godl.de&oz_df=128&oz_l=4862&cv=3
Requested by: Host: s.clcktrax.com
URL: https://s.clcktrax.com/2/4.60.1/main.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.240.117.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-117-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://godl.de/?ID=106535
Origin: https://godl.de
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 29 Mar 2020 20:55:36 GMT
Timing-Allow-Origin: *
Content-Length: 2
Content-Type: text/plain

GET action
ww1097.smartadserver.com/track/ 0
0

GET 0008.jpg
vs237273.vs.hosteurope.de/i/back/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.webeaglepower.com
URL: https://www.webeaglepower.com/images/ban468.jpg

Domain: trc.taboola.com
URL: https://trc.taboola.com/themonetizer-godl/trc/3/json?tim=22%3A55%3A35.761&lti=deflated&data=%7B%22id%22%3A859%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1585515335758%2C%22cv%22%3A%2220200329-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgodl.de%2F%3FID%3D106535%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22e%22%3A%22https%3A%2F%2Fclck.ru.com%2FJObmgp%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22qs%22%3A%22%3FID%3D106535%22%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-c%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22288036-GRAND%20ANGLE%22%2C%22orig_uip%22%3A%22288036-GRAND%20ANGLE%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D

Domain: ww1097.smartadserver.com
URL: https://ww1097.smartadserver.com/track/action?sid=1585515335345&pid=1051056&iid=9266802&cid=24994369&key=viewcount&ts=1585515335345

Domain: vs237273.vs.hosteurope.de
URL: https://vs237273.vs.hosteurope.de/i/back/0008.jpg

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zeotap.com/	1970-01-19 08:26:41	Name: zsc Value: l%7F%8D9%90%C5%B6%F5%FC5g%C2%A6%BD%A9%E7%DF%9B%E6M%ACSF%CF%E0%81%FDDz%DF%FE%AF%5B%95%5E%1F-%F2ia%E5%F6%C1%CB%EC%ECj%5E%CF%09%C5%CA%2A%09%F9%B6q%07%7C%03hN%09%04%F02Bc%93c%8C%88%F4%8ET%C3X%F0v%93%1C%00N%CAk%01%F3%DCD%1A%5C%B5%F7%23%85%80%D4
.zeotap.com/	1970-01-23 00:01:15	Name: zc Value: 842e2bf9-4099-49c9-44aa-712b0f4c0bdb
.zeotap.com/	1970-01-23 00:01:15	Name: zc1 Value: 842e2bf9-4099-49c9-44aa-712b0f4c0bdb
.godl.de/	1970-01-19 08:25:18	Name: __PPU_BACKCLCK_3109142 Value: true
godl.de/	1969-12-31 23:59:59	Name: _cmpQcif3pcsupported Value: 1
.godl.de/	1970-01-19 08:25:17	Name: __utmb Value: 70168966.1.10.1585515325
.godl.de/	1969-12-31 23:59:59	Name: __utmc Value: 70168966
.godl.de/	1970-01-19 12:48:03	Name: __utmz Value: 70168966.1585515325.1.1.utmcsr=clck.ru.com\|utmccn=(referral)\|utmcmd=referral\|utmcct=/JObmgp
.godl.de/	1970-01-19 08:25:15	Name: __utmt Value: 1
.godl.de/	1970-01-20 01:56:27	Name: __utma Value: 70168966.343894665.1585515325.1585515325.1585515325.1
godl.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: a7a68078814cf3ecb5054f803f331b1a

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	warning	(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://cdn.purpleads.io/load.js(Line 1) Message: %c PurpleAds %s background: #7434eb; color: #fff; border-radius:1px 0.2.2
console-api	warning	URL: https://static.quantcast.mgr.consensu.org/v32/cmpui-banner.js(Line 1) Message: Unable to get NonIab Vendor list.
console-api	log	URL: https://script.4dex.io/localstore.js(Line 1) Message: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://ads.themoneytizer.com/s/requestform.js?siteId=28163&formatId=3(Line 1023) Message: undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7cwl6ef162.s.ad6media.fr
ads.betweendigital.com
ads.themoneytizer.com
adservice.google.com
adservice.google.de
adtrack.adleadevent.com
ajax.googleapis.com
allstat-pp.ru
an.yandex.ru
api.purpleads.io
api.quantcast.mgr.consensu.org
as-sec.casalemedia.com
audit.quantcast.mgr.consensu.org
avatars.mds.yandex.net
bidder.criteo.com
c.ad6media.fr
c.tmyzer.com
cdn.purpleads.io
cdn.taboola.com
cdnjs.cloudflare.com
ced-ns.sascdn.com
clarium.global.ssl.fastly.net
clck.ru.com
connect.facebook.net
d2zur9cc2gf1tx.cloudfront.net
dmx.districtm.io
fo-api.omnitagjs.com
fo-ssp.omnitagjs.com
fo-static.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
g.themoneytizer.net
godl.de
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
ice.360yield.com
inpagepush.com
js-sec.indexww.com
m.ad6media.fr
mc.yandex.ru
moneytizer-d.openx.net
my.rtmark.net
ofgogoatan.com
onetag-sys.com
p.cpx.to
pagead2.googlesyndication.com
propu.sh
protected-by.clarium.io
ps.eyeota.net
quantcast.mgr.consensu.org
rules.quantcount.com
s.clcktrax.com
sb.scorecardresearch.com
script.4dex.io
secure.quantserve.com
spl.zeotap.com
ssl.google-analytics.com
static.ptoahaistais.com
static.quantcast.mgr.consensu.org
stats.g.doubleclick.net
style.ad6.fr
style2.ad6.fr
tag.contextweb.com
tag.leadplace.fr
tlx.3lift.com
tpc.googlesyndication.com
tracking.omnitagjs.com
trc.taboola.com
use.fontawesome.com
vendorlist.consensu.org
vs237273.vs.hosteurope.de
ww1097.smartadserver.com
www.bing.com
www.facebook.com
www.google.com
www.google.de
www.googletagservices.com
www.webeaglepower.com
yastatic.net
trc.taboola.com
vs237273.vs.hosteurope.de
ww1097.smartadserver.com
www.webeaglepower.com
104.16.190.66
13.224.194.93
13.225.73.41
13.225.87.221
143.204.202.93
143.204.97.6
145.239.192.166
145.239.193.145
151.101.113.194
151.101.114.2
151.139.241.23
172.227.85.103
176.34.251.17
178.250.0.165
18.194.134.136
185.255.84.150
185.255.84.155
185.33.220.145
185.86.137.32
188.42.29.196
188.72.202.2
188.72.202.229
23.111.9.35
23.55.161.7
2600:9000:2057:6400:1:af78:4c0:93a1
2600:9000:2057:dc00:6:44e3:f8c0:93a1
2600:9000:20eb:dc00:9:46dc:4700:93a1
2600:9000:214f:9a00:9:46dc:4700:93a1
2606:4700:10::6816:1857
2606:4700:3035::681f:4f76
2606:4700::6811:4004
2606:4700:e0::ac40:6304
2620:1ec:c11::200
2a00:1450:4001:806::2001
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:821::200a
2a00:1450:4001:824::200a
2a00:1450:4001:825::2002
2a00:1450:400c:c0c::9c
2a01:488:42:1000:b24d:6b9d:fff9:e2c8
2a01:4a0:1338:28::c38a:ff10
2a02:2638::1c
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.214.165
3.124.245.94
34.240.117.131
34.95.120.147
35.157.40.44
37.187.190.91
5.135.32.18
51.89.9.252
54.236.96.85
54.38.64.100
62.138.21.14
72.247.225.98
74.214.194.132
78.140.190.68
78.140.191.78
87.98.153.73
89.19.36.50
91.228.74.187
92.38.252.165
001c2984ebf5eb5558b1039695d020c76566d2c272a49cc10d24c5a3fe4596d2
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
0146a2e4667d7c8b80379926035bbdeaf18388633dfb2e28035c08f41dc074c6
038ad5875aae55b179a6141cd59fa5a2fba21cf455cedc6534fec466eb943633
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04c09c559ee4466f1c8222154785339dbc93574010018691908606abacfc1cbd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0dda111cb158e67fc051a5764f427ae69bbf707dd3706981edd6b68c2689001e
1040524488ed79f799ceea66b7bd89a0abd737188c361fc50b9666589a7a2fef
116f64cab49a2f8aff6342b0c6fd9da79d9e97f0988c3c067e0da1ed433c10e5
119dc01361c3dc1579a8c11c181661fbdb5f6904518bad864afc052f2259aa67
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
175c6b8b6d6401a7f932be953da23e34b51b306d0ac6387f45dec99c8f518f7b
1f71cda9ecc5006fb453c9761058c0828d30d4a7f891283718da1b545ab2afb1
212be4c54718895beabcc9ea55a5d53249305e9c069c2a61a557f9339c2bbabb
218b70bea6b6d6425c1efdbe94dfe848031bb5fd7878dfb84bf82f7cc09f904a
22185f510bff003e8504a6bff1759a96e745cb019155405c55fd2263898c6151
225db53f5914a561e7a073bd4dfbb9e2d6567669f31edace932f13162658eb55
22a05c98e9bbbc3e9bdd4777c604a2c8b1b5969f1c45e4fa521444b111a998d6
22e6a49646b91c50125eaf91d41de7929b952222e9e76071060bd9867b73ec55
24bf1a2a6beaa20614d051946d3b55e842155ef7021fe0c968bbeee3ee727840
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a5ebe5cbb92df2a6f425698972f6dd83fac0fb5cc4d1cb33c9d526abfd88914
2cf3e1c85dc5c09bf3d891cf0559fa428a8d317732610e84a1932be29c6d80f4
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2f56ed1d858d9943e66c20b7ea7831f2ffa55cf91ee53d35af3ba055ef336cef
32f91c1f359991b2462ddc09c426099a9cc725f2c5d4016cd062440906608450
3399c3c2f5cec348a26de0b0ffa1cd835ee6cdb8e7c0924a2c4f5e50a1f282c3
3d569a7af62d067edacef0ea9ae8c36d3980d285237b4f02a195eb14bc84eadc
3e811b97dc60cf37a74f0bffee4222c2697e409c2cc78548e47b3384926c4338
3fd3d93f4b71c891005240b5ddb47c4c21a2479f03069387af6504dba1d6c185
44ffcbc961de1af560e13fb78843701d2c2920c214c663a5134cab0867866598
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4ce9b9103e27796acc9fe2036a85698f4473e96e7fc4153a6d8b9967f35aa9f4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55bac1d6e7e1047cf9d7162a19341d3c60c3d3e2e124cc566eb198d483eb0d1b
5629e5f04397ceeae4db4c51a4ba29a7c98c33c9e5cb3b8e7398c46ec82a6ef6
569868dec90d8a1e92f31a959d4f06b91b2c68dd95cc05d8057aa3b8583fc058
569a04a3d726a53c11457891156f47f2e5241800c18f2f39fed6e63e70fd6f6b
575a2acdb53e916c99fbaea76ebb9e16ebaf6d23a9830897fdda18fb6319a25a
5982f897398489eb413c6b74baf38686668206eeadcba824beea24d86a1d1686
5a4061ff8312e2ad494bd984b7df966438232be64a3b284ab69f66c6705009a6
5c0e9940676227b089871a760a8bcdd5632b8d0057e710c8862240a753fa2d26
5d3f0a21de382a346b8e091185851f55a9df3eaab83346dc7ff84a84382c7aad
5dce5473db1f236a89a6a8a5274c2c048ae68e5d418f140c69a614cec7212fd0
5fa2858417f7ece2f8a811fe45c0d10a0e92514891a8990eba8f8f4f79341130
6409a9e63708d979c9938554c3afce7a83669526cc0aae929cb235655c2bc227
649144be1fa79362df36ab951a8b94ba05f5e7f1a484224bf9dc7f333fdb60dd
654d76f1e26d16d1c0d3ae4d36ed1f8ff84f346c429ad59597acf699c36fc811
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a24a05747c9eecc7baa5f9e806b4aa6c7dec809b11e079b778fd6e69b80cee
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a4be08fb09730df32409558225e24488fdc60e6bfe891fd3c6768f1cd0183d9
6fe765632f541a10aa5824b9db74a115f08f775b9960c58f88bf7dac61502955
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
75a6b7aaa44c6280ffec5719d847f60aa39c3f73bb24bb357a3d4fbfe13f63c2
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
7954a7476b7e237c470baf3797d95e4a06d4d75a754f20d782f77459e088b899
7e0327b4c3fa3bee3da4e9ec1d73dad4c2eadbacbbf5e13dbd20768417a75b19
84da232969169dd946b70486569c2f0da1afab8990f8a9be316814845b38fc0f
85c1d4efbf53b669b37f4a6efe6a0c942e3465db6ebc0812c6c22139938c6576
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87562d3773ffab3d0716a70faa73c38b322fde3b8f265c3d646a3cea976ef67e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d66ef23600c42a07b805460c9de8d8eca8ce0a1a41bafdf896053001348e6f1
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
969d3b8c3b846ba9d4dd5fa3936ec2c610f4f9f67f6f880cc9b00ebda3414083
98e9745d10525432eed705fe697b27758e13058e2c3ac438f2c5960f231f566d
9accb81dc640b6b324637d383549403bf8307d49095b25c7560762c0ace7db0e
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
9bab0b174425982331c71791b61db7a1194be7a08bcad2a265d5ca9e21753dc5
9c565767027f4cb37614399bf497592c08f34d05c6ae5d7964724aaf18a3d5aa
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9eeeed75494df44cd4e74a07680ba32eda3cbad010a057e9d27cb696fd1a13f8
9fa8c2bb49f0e9e391d87f70459663c0e3898f32d4506c81239151b9c0b870d6
a0f4abf087368a45dc01609aa814906c19330084d8a00fe6e0c8ee4595187ace
a10dbac8f7c70febf2d0fa0be83c0490679aa3f71303ea82cf5848ae1539e7f6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a323f4957960c6c1cf494dc3b52e1e38a97a152bedf3b9a78df4d6b60c9d00b6
a3977efef5215f018d68e249348803f07c8d4828660fd154ffc72d2b85afedde
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a4912d4672193aaabe4d977455cf9e2209e14c40dea212cfe1fd7020e217b19b
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
af09b9bd74ea15400b5bcd12eaade61868a20163a6ed7cc4f61f884bd921e0a3
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b29ad35fcf2b81ef67ce91514ea53244ba2a05dbcc342b951be394b1eb54d578
b3c8179343d042cebe556bc3f147b962982e9a8c3e5a19190015b5aa6175315c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5770296964d94c22c5e1910d596ad954432f78031b3a2911e9e4fea39a9e839
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
b9434620e5cc3ae92ce0e646fc52393ff366707e3bea07a737cbcb17983f2cb7
b9cf49ec5807095791848db6a47329d094ac6c0afbae5c1cf366d2f28bd8dab3
bacbe4af7b84cc69174467729bc417993d80ee97e8458078d327361552348d06
bc73cc3b5fbc98895f0b459237df3d9aa111098c787650e72cda7eadf27388df
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
c1c0c9b24cf2a4cbf4745ba37f60057af70ce51e97d45a63e700dadc503a37d6
c2a0c03e6d632d8d1e9f6a7ab097e08b27c28bb781c9fdb6dd892a2698419a19
c357f597ae58b89b41335942c7de0b7082db6f6807e4f49c54def56673155488
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
ca8ff94e6fe2b8f2f121a6168758f99c3ab90daf0265c9bbb3811d1589b63e88
ce001627506034a4b34f4e15d58a1a64846263474a8c85c5a63a140571e1c664
cf7e7425a5dbf7b9ab1da4e3cd40064933f4f05de14b6693c93381a52c7042ab
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d0246e18bcaf3fcbce917edc472e225ae78daa316f6e20af8c7f289e91e6dec8
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5e4159f760152188cd2c8204259953aebb04ede026b7c4e6d338766e1d26793
d6e3f2ac93c26a60d5b00d620dd905fc2e6bead9a6f7988ec78812e19cd4642c
d97d906a4f2d89a3416faf010b964bdea98cb3a0809bf107e159dcde435e7c68
da53f8f0cc7d1a17ced25271c0b551d7a16fe94112f2a9a259468eadce811094
dc804d691659700a97702a671ef7e6ad9ee33ddf2faf9afb2b6ca15951185bd2
de5d52346618bc3cec79943f10d4337000dfe9225eb5b21b6db1ade7b6ad0c5a
de9ff9cd066e50ccd63484434cf71b850d6405fcdbbaeaf99e76c1eec00a5306
df9a2900c4371b4772b4a95ca36d63698fac8d9eca0dfa36689675853d1ed8f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7c60749c1d62942a8e0a6f901800bd14ff3094251373626cd99a8875c6391
ee771822046be64e95377bad40921b041966a3bcfec6d9f5257abbc4157a7351
ee927fc85de581e4ad4bf6283184d4b0639daed6edeb1aa8a42d1da87821303d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f0aa42c74182d97828db4d6769b8c96a63d97349668969b8ad223fa794290e47
f1e572871055c1d0e152936f664d5fb075f505b99b412a4776f65a7abe80b505
f97ec5960125c6c0670092535fbc756661d0133dc144f8d2c900d950c8c932b0
f99c302297ad86833244d22b10eb0475a29677a16213a4a20e9371ee0486ba8c
f9cfcc6602739d1f72571ee61fd0c3e1f1b8c972bdf47ffc19d053073b1a4d5f
fa1aec912b1105901f920c39eed96ffc302b7b9834559fd05d9f499003f1cb45
fa367d459d8a6e0e561310bffc233bcd6193fe984ecd62c34d87e6d2bbdf358b
fcd8e5faedb2e8b4db653598635f424279c6cd7a58ea9b8d31f511ae5d3dd501
fefceea41a01fa1958bbf1492430846e09f8fa840372b49ae48317d98b22e6f3
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

godl.de Open in urlscan Pro 2a01:488:42:1000:b24d:6b9d:fff9:e2c8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

200 Requests

98 %HTTPS

40 %IPv6

61 Domains

80 Subdomains

71 IPs

9 Countries

3000 kBTransfer

8227 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

godl.de Open in urlscan Pro
2a01:488:42:1000:b24d:6b9d:fff9:e2c8 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

98 %
HTTPS

40 %
IPv6

61
Domains

80
Subdomains

71
IPs

9
Countries

3000 kB
Transfer

8227 kB
Size

11
Cookies

200 HTTP transactions
3 data transactions