fw.dnslink.com Open in urlscan Pro
209.15.13.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://domainassetmanager.de/
Effective URL:
http://fw.dnslink.com/?domainname=dutchbul.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
Submission: On May 17 via manual (May 17th 2021, 8:03:41 pm UTC) from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 17 HTTP transactions. The main IP is 209.15.13.134, located in Toronto, Canada and belongs to COGECO-PEER1, CA. The main domain is fw.dnslink.com.

This is the only time fw.dnslink.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	78.46.155.196 78.46.155.196	24940 (HETZNER-AS) (HETZNER-AS)
1	108.161.188.132 108.161.188.132	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 4	167.233.8.197 167.233.8.197	24940 (HETZNER-AS) (HETZNER-AS)
1	176.123.7.125 176.123.7.125	200019 (ALEXHOST) (ALEXHOST)
2	159.69.83.207 159.69.83.207	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	209.15.13.134 209.15.13.134	13768 (COGECO-PEER1) (COGECO-PEER1)
17	9

6 78.46.155.196 (Alheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: dedi3962.your-server.de

domainassetmanager.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
harzfriends.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xiku.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.harzfriends.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sylverlight.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.188.132 (United States)

ASN33438 (HIGHWINDS2, US)

trafficclub-nde.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.233.8.197 (Hallbergmoos, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.197.8.233.167.clients.your-server.de

track.traffic.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.vcdc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.123.7.125 (Chisinau, Moldova)

ASN200019 (ALEXHOST, MD)
PTR: 176-123-7-125.alexhost.md

zixu.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.83.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.207.83.69.159.clients.your-server.de

www.dutchbul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.15.13.134 (Toronto, Canada)

ASN13768 (COGECO-PEER1, CA)

fw.dnslink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	vcdc.com 1 redirects track.vcdc.com	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	dutchbul.com www.dutchbul.com	2 KB
2	harzfriends.de harzfriends.de www.harzfriends.de	1 KB
2	domainassetmanager.de 1 redirects domainassetmanager.de	854 B
1	dnslink.com fw.dnslink.com	1 KB
1	sylverlight.net sylverlight.net	451 B
1	zixu.de zixu.de	602 B
1	traffic.club track.traffic.club	251 B
1	googleapis.com ajax.googleapis.com	29 KB
1	netdna-ssl.com trafficclub-nde.netdna-ssl.com	3 KB
1	xiku.de xiku.de	552 B
17	12

	Domain	Requested by
3	track.vcdc.com	1 redirects www.dutchbul.com track.vcdc.com
3	www.google-analytics.com	www.google-analytics.com
2	www.dutchbul.com	www.dutchbul.com
2	domainassetmanager.de	1 redirects
1	fw.dnslink.com	track.vcdc.com
1	sylverlight.net
1	zixu.de	www.harzfriends.de
1	track.traffic.club	trafficclub-nde.netdna-ssl.com
1	ajax.googleapis.com	trafficclub-nde.netdna-ssl.com
1	trafficclub-nde.netdna-ssl.com	www.harzfriends.de
1	www.harzfriends.de	xiku.de
1	xiku.de
1	harzfriends.de	domainassetmanager.de
17	13

This site contains no links.

Subject Issuer	Validity	Valid
domainassetmanager.de Encryption Everywhere DV TLS CA - G1	`2020-11-08` - `2021-11-08`	a year	crt.sh
harzfriends.de Encryption Everywhere DV TLS CA - G1	`2020-11-08` - `2021-11-08`	a year	crt.sh
xiku.de Encryption Everywhere DV TLS CA - G1	`2020-08-27` - `2021-08-28`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
track.traffic.club GlobeSSL DV CA	`2021-01-05` - `2022-01-05`	a year	crt.sh
zixu.de GlobeSSL DV CA	`2020-10-08` - `2021-10-08`	a year	crt.sh
sylverlight.net Encryption Everywhere DV TLS CA - G1	`2021-01-13` - `2022-01-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
track.vcdc.com GlobeSSL DV CA	`2020-10-28` - `2021-10-28`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://fw.dnslink.com/?domainname=dutchbul.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
Frame ID: 79630150935385B789DAC7DA670B9C46
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://domainassetmanager.de/ HTTP 301
https://domainassetmanager.de/ Page URL
https://harzfriends.de/myred/splitter.php Page URL
https://xiku.de/ Page URL
https://www.harzfriends.de/myred/114.php?f=x Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5kdXRjaGJ1bC5jb20=&hash=60f86bb07c9a34... Page URL
http://www.dutchbul.com/ Page URL
https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com Page URL
https://track.vcdc.com/go.php?mid=114&f=114&domain=dutchbul.com&ref=http://www.dutchbul.com/ HTTP 302
https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNv... Page URL
http://fw.dnslink.com/?domainname=dutchbul.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

17
Requests

82 %
HTTPS

33 %
IPv6

12
Domains

13
Subdomains

9
IPs

4
Countries

60 kB
Transfer

147 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://domainassetmanager.de/ HTTP 301
https://domainassetmanager.de/ Page URL
https://harzfriends.de/myred/splitter.php Page URL
https://xiku.de/ Page URL
https://www.harzfriends.de/myred/114.php?f=x Page URL
https://zixu.de/ Page URL
https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5kdXRjaGJ1bC5jb20=&hash=60f86bb07c9a34de5f67a0400d120352 Page URL
http://www.dutchbul.com/ Page URL
https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com Page URL
https://track.vcdc.com/go.php?mid=114&f=114&domain=dutchbul.com&ref=http://www.dutchbul.com/ HTTP 302
https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1 Page URL
http://fw.dnslink.com/?domainname=dutchbul.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://domainassetmanager.de/ HTTP 301
https://domainassetmanager.de/

Request Chain 11

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 14

http://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=464017739.1621281807&tid=UA-43967021-7&_gid=1558924963.1621281807&cd1=splitter&cd2=10&cd3=no&z=371794980 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=464017739.1621281807&tid=UA-43967021-7&_gid=1558924963.1621281807&cd1=splitter&cd2=10&cd3=no&z=371794980

Request Chain 15

https://track.vcdc.com/go.php?mid=114&f=114&domain=dutchbul.com&ref=http://www.dutchbul.com/ HTTP 302
https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
domainassetmanager.de/
Redirect Chain

http://domainassetmanager.de/
https://domainassetmanager.de/

493 B
602 B

116ms
57ms

Document
text/html

78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://domainassetmanager.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 Alheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: df008372c6dd12c7441c0e85df400597d70fd25d41448ee7dd277acce2bc1cab

Request headers

:method: GET
:authority: domainassetmanager.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 20:03:23 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0, no-cache, s-maxage=10
pragma: no-cache
vary: Accept-Encoding
set-cookie: XID=e299b6bf4477705c128ddc587b12a77d; path=/
x-mod-pagespeed: 1.13.35.2-0
content-encoding: gzip
content-length: 338
content-type: text/html;charset=utf-8

Redirect headers

Date: Mon, 17 May 2021 20:03:23 GMT
Server: Apache
Location: https://domainassetmanager.de/
Content-Length: 309
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 splitter.php Show response
harzfriends.de/myred/ 474 B
448 B 113ms
35ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://harzfriends.de/myred/splitter.php
Requested by: Host: domainassetmanager.de
URL: https://domainassetmanager.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 Alheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 0223274929bf45cc9941fd40daa1d7200ad8ee1c93128d9ca282c4fd4957854a

Request headers

:method: GET
:authority: harzfriends.de
:scheme: https
:path: /myred/splitter.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://domainassetmanager.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://domainassetmanager.de/

Response headers

date: Mon, 17 May 2021 20:03:23 GMT
server: Apache
referrer-policy: no-referrer
cache-control: max-age=0
expires: Mon, 17 May 2021 20:03:23 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 296
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
xiku.de/ 496 B
552 B 204ms
41ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://xiku.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 Alheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 5c2218aebdc35bd7e44cc5ab40880cfd165b7e71ebeb4ea1bd7e5a00bc8f79e2

Request headers

:method: GET
:authority: xiku.de
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 20:03:23 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding
set-cookie: XID=6f46cd6e84671008e69d448061746b0d; path=/
content-type: text/html; charset=UTF-8

GET
H2 200 114.php Show response
www.harzfriends.de/myred/ 928 B
589 B 64ms
57ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.harzfriends.de/myred/114.php?f=x
Requested by: Host: xiku.de
URL: https://xiku.de/
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 Alheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: a5a90f0cbf55bdab526189c7c0add61c28c69bf75f95015c3c60ff04db632a9c

Request headers

:method: GET
:authority: www.harzfriends.de
:scheme: https
:path: /myred/114.php?f=x
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://xiku.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://xiku.de/

Response headers

date: Mon, 17 May 2021 20:03:23 GMT
server: Apache
cache-control: max-age=0
expires: Mon, 17 May 2021 20:03:23 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 557
content-type: text/html; charset=utf-8

GET
H2 200 rtb.min.js Show response
trafficclub-nde.netdna-ssl.com/ 7 KB
3 KB 61ms
19ms Script
application/javascript 108.161.188.132
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js
Requested by: Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.132 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 20:03:24 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 08:36:01 GMT
server: NetDNA-cache/2.2
etag: W/"1b66-5adaf97c97e40"
x-cache: HIT
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: trafficclub-nde.netdna-ssl.com
URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:07:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226545
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 May 2022 05:07:39 GMT

GET
H2 200 rtb.php
track.traffic.club/ 19 B
251 B 524ms
465ms XHR
text/html 167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.traffic.club/rtb.php?hash=bd8727d0059b01d78e9451c27a9625bc&mid=114&f=114&request=rtb&keyword=hransunion.com&domain=hransunion.com

Requested by

Host: trafficclub-nde.netdna-ssl.com
URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx / PHP/5.3.10-1ubuntu3.25

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 20:03:25 GMT
content-encoding: none
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/5.3.10-1ubuntu3.25
content-type: text/html; charset=utf8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 19
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK /
zixu.de/ 930 B
602 B 1093ms
878ms Document
text/html 176.123.7.125
ALEXHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://zixu.de/
Requested by: Host: www.harzfriends.de
URL: https://www.harzfriends.de/myred/114.php?f=x
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 176.123.7.125 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS: 176-123-7-125.alexhost.md
Software: nginx /
Resource Hash

Request headers

Host: zixu.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Mon, 17 May 2021 20:03:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 369
Connection: keep-alive
Referrer-Policy: no-referrer
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 / Show response
sylverlight.net/ 835 B
451 B 175ms
34ms Document
text/html 78.46.155.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sylverlight.net/?action=redirect&target=aHR0cDovL3d3dy5kdXRjaGJ1bC5jb20=&hash=60f86bb07c9a34de5f67a0400d120352
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 78.46.155.196 Alheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dedi3962.your-server.de
Software: Apache /
Resource Hash: 30f2f891bf3e15b6c7e8f62eb203419a95cb78469107d2683216111589dbbcbd

Request headers

:method: GET
:authority: sylverlight.net
:scheme: https
:path: /?action=redirect&target=aHR0cDovL3d3dy5kdXRjaGJ1bC5jb20=&hash=60f86bb07c9a34de5f67a0400d120352
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 20:03:26 GMT
server: Apache
referrer-policy: no-referrer
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=0, no-cache, s-maxage=10
content-length: 286
content-type: text/html;charset=utf-8

GET
H/1.1 200
OK Cookie set / Show response
www.dutchbul.com/ 1 KB
1 KB 100ms
66ms Document
text/html 159.69.83.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://www.dutchbul.com/

Protocol

HTTP/1.1

Server

159.69.83.207 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.207.83.69.159.clients.your-server.de

Software

openresty /

Resource Hash

1eb95b960602dea0ba1939cda5dfcbcb71805b7865dcbbb3c4d8f0989cf54486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.dutchbul.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: openresty
Date: Mon, 17 May 2021 19:49:24 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ndsp=eyJkb21haW5OYW1lIjoiZHV0Y2hidWwuY29tIiwibWVtYmVyIjoiMTAiLCJ0ZW1wbGF0ZSI6InNwbGl0dGVyIiwidXNlckFnZW50IjoiTW96aWxsYVwvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0XC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWVcLzg5LjAuNDM4OS43MiBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjZDZiMWJkZWU3NDljZWRhYzIyOGYxYjJiODg3MDhjMyIsInRpbWVfaW5pdCI6MTYyMTI4MDk2NH0%3D; expires=Mon, 17-May-2021 21:59:59 GMT; Max-Age=7835; path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip

GET
H/1.1 200
OK banner_ads.js
www.dutchbul.com/ 111 B
469 B 28ms
28ms Script
application/javascript 159.69.83.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.dutchbul.com/banner_ads.js
Requested by: Host: www.dutchbul.com
URL: http://www.dutchbul.com/
Protocol: HTTP/1.1
Server: 159.69.83.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.207.83.69.159.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.dutchbul.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.dutchbul.com/
Cookie: ndsp=eyJkb21haW5OYW1lIjoiZHV0Y2hidWwuY29tIiwibWVtYmVyIjoiMTAiLCJ0ZW1wbGF0ZSI6InNwbGl0dGVyIiwidXNlckFnZW50IjoiTW96aWxsYVwvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0XC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWVcLzg5LjAuNDM4OS43MiBTYWZhcmlcLzUzNy4zNiIsInNlc3Npb24iOiJjZDZiMWJkZWU3NDljZWRhYzIyOGYxYjJiODg3MDhjMyIsInRpbWVfaW5pdCI6MTYyMTI4MDk2NH0%3D
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.dutchbul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: public
Date: Mon, 17 May 2021 19:49:25 GMT
Last-Modified: Thu, 26 Sep 2019 08:13:05 GMT
Server: openresty
ETag: "5d8c7311-6f"
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 111
Expires: Wed, 16 Jun 2021 19:49:25 GMT

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.dutchbul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5794
date: Mon, 17 May 2021 18:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 17 May 2021 20:26:52 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 /
track.vcdc.com/ 737 B
640 B 90ms
29ms Document
text/html 167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com

Requested by

Host: www.dutchbul.com
URL: http://www.dutchbul.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.vcdc.com
:scheme: https
:path: /?mid=114&f=114&domain=dutchbul.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://www.dutchbul.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.dutchbul.com/

Response headers

server: nginx
date: Mon, 17 May 2021 20:03:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip

POST
H3-29 200 collect
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&aip=1&a=1991237987&t=event&ni=1&_s=1&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Blocking%20Ads&ea=No&_u=YEBAAEABAAAAAC~&jid=2017967280&gjid=1347003837&cid=464017739.1621281807&tid=UA-43967021-7&_gid=1558924963.1621281807&_r=1&_slc=1&cd1=splitter&cd2=10&cd3=no&z=15149374

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.dutchbul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 17 May 2021 20:03:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.dutchbul.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&...
https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...

35 B
55 B

6ms
6ms

Image
image/gif

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=464017739.1621281807&tid=UA-43967021-7&_gid=1558924963.1621281807&cd1=splitter&cd2=10&cd3=no&z=371794980

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.dutchbul.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 May 2021 07:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46890
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=1991237987&t=pageview&_s=2&dl=http%3A%2F%2Fwww.dutchbul.com%2F&ul=en-us&de=UTF-8&dt=dutchbul.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=464017739.1621281807&tid=UA-43967021-7&_gid=1558924963.1621281807&cd1=splitter&cd2=10&cd3=no&z=371794980
Non-Authoritative-Reason: HSTS

GET
H2

200

beam.php
track.vcdc.com/
Redirect Chain

https://track.vcdc.com/go.php?mid=114&f=114&domain=dutchbul.com&ref=http://www.dutchbul.com/
https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54ea...

931 B
1 KB

42ms
42ms

Document
text/html

167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1

Requested by

Host: track.vcdc.com
URL: https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx / PHP/5.3.10-1ubuntu3.24

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.vcdc.com
:scheme: https
:path: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: XID=eq3884g0hrgrfj387qliunfcq4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://track.vcdc.com/?mid=114&f=114&domain=dutchbul.com

Response headers

server: nginx
date: Mon, 17 May 2021 20:03:27 GMT
content-type: text/html
content-length: 931
x-powered-by: PHP/5.3.10-1ubuntu3.24
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

server: nginx
date: Mon, 17 May 2021 20:03:27 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/5.3.10-1ubuntu3.25
set-cookie: XID=eq3884g0hrgrfj387qliunfcq4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
location: /beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 404
No Coverage Primary Request / Show response
fw.dnslink.com/ 1 KB
1 KB 263ms
230ms Document
text/html 209.15.13.134
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://fw.dnslink.com/?domainname=dutchbul.com&publicid=1C7BB734-6D04-4DB7-836F-6807B8E4D10A
Requested by: Host: track.vcdc.com
URL: https://track.vcdc.com/beam.php?target=aHR0cDovL2Z3LmRuc2xpbmsuY29tLz9kb21haW5uYW1lPWR1dGNoYnVsLmNvbSZwdWJsaWNpZD0xQzdCQjczNC02RDA0LTREQjctODM2Ri02ODA3QjhFNEQxMEE=&hash=eecfb60ac0d5ddbf1b43b54b54eab7f1
Protocol: HTTP/1.1
Server: 209.15.13.134 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Host: fw.dnslink.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Date: Mon, 17 May 2021 20:03:26 GMT
Connection: close
Content-Length: 1245

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1) Message: [object Object]
console-api	log	URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1) Message: 1
console-api	log	URL: https://trafficclub-nde.netdna-ssl.com/rtb.min.js(Line 1) Message: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
domainassetmanager.de
fw.dnslink.com
harzfriends.de
sylverlight.net
track.traffic.club
track.vcdc.com
trafficclub-nde.netdna-ssl.com
www.dutchbul.com
www.google-analytics.com
www.harzfriends.de
xiku.de
zixu.de
108.161.188.132
159.69.83.207
167.233.8.197
176.123.7.125
209.15.13.134
2a00:1450:4001:80e::200e
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
78.46.155.196
0223274929bf45cc9941fd40daa1d7200ad8ee1c93128d9ca282c4fd4957854a
1eb95b960602dea0ba1939cda5dfcbcb71805b7865dcbbb3c4d8f0989cf54486
30f2f891bf3e15b6c7e8f62eb203419a95cb78469107d2683216111589dbbcbd
5c2218aebdc35bd7e44cc5ab40880cfd165b7e71ebeb4ea1bd7e5a00bc8f79e2
6249d2dcfb60c3c54da30e6a64dec8ae78f54483af7549354a8c7679796dd89c
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
a5a90f0cbf55bdab526189c7c0add61c28c69bf75f95015c3c60ff04db632a9c
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
df008372c6dd12c7441c0e85df400597d70fd25d41448ee7dd277acce2bc1cab

fw.dnslink.com Open in urlscan Pro 209.15.13.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

33 %IPv6

12 Domains

13 Subdomains

9 IPs

4 Countries

60 kBTransfer

147 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

fw.dnslink.com Open in urlscan Pro
209.15.13.134 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

33 %
IPv6

12
Domains

13
Subdomains

9
IPs

4
Countries

60 kB
Transfer

147 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions