live4x-german.tk Open in urlscan Pro
163.172.197.59 Public Scan

URL:
http://live4x-german.tk/
Submission: On October 02 via api (October 2nd 2018, 8:57:14 pm UTC) from US

Summary HTTP 110 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 17 domains to perform 110 HTTP transactions. The main IP is 163.172.197.59, located in United Kingdom and belongs to AS12876, FR. The main domain is live4x-german.tk.

This is the only time live4x-german.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	163.172.197.59 163.172.197.59	12876 (AS12876) (AS12876)
1	2400:cb00:204... 2400:cb00:2048:1::6814:d03b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	193.232.121.79 193.232.121.79	50214 (QWARTA) (QWARTA)
2	87.240.129.133 87.240.129.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
5	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	216.58.214.98 216.58.214.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	212.224.118.36 212.224.118.36	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2	2400:cb00:204... 2400:cb00:2048:1::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	212.129.18.73 212.129.18.73	12876 (AS12876) (AS12876)
5	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	87.240.129.71 87.240.129.71	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
8	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
20	148.251.11.72 148.251.11.72	24940 (HETZNER-AS) (HETZNER-AS)
1 2	88.212.201.194 88.212.201.194	39134 (UNITEDNET) (UNITEDNET)
5	193.232.121.29 193.232.121.29	50214 (QWARTA) (QWARTA)
1	2400:cb00:204... 2400:cb00:2048:1::6810:a10d	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	212.224.124.70 212.224.124.70	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a00:1450:400... 2a00:1450:4001:812::200d	15169 (GOOGLE) (GOOGLE - Google LLC)
2	193.232.121.218 193.232.121.218	50214 (QWARTA) (QWARTA)
1	95.181.171.232 95.181.171.232	50214 (QWARTA) (QWARTA)
6	144.76.152.140 144.76.152.140	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	34.255.224.65 34.255.224.65	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	199.16.156.201 199.16.156.201	13414 (TWITTER) (TWITTER - Twitter Inc.)
3	54.72.202.113 54.72.202.113	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
110	32

12 163.172.197.59 (United Kingdom) 1 redirects

ASN12876 (AS12876, FR)
PTR: serv56.coopertino.ru

live4x-german.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6814:d03b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

coinhive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.232.121.79 (Moscow, Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.129.133 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv133-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.214.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f98.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.224.118.36 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde49-3.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6810:a40d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.129.18.73 (France)

ASN12876 (AS12876, FR)
PTR: 212-129-18-73.rev.poneytelecom.eu

live4x-afrikans.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.129.71 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)
PTR: srv71-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 148.251.11.72 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dusseldorf.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.194 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host194.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.232.121.29 (Moscow, Russian Federation)

ASN50214 (QWARTA, RU)

cdn-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6810:a10d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.224.124.70 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde48-1.fornex.org

cdn.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.121.218 (Moscow, Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv215.qwarta.ru

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.181.171.232 (Russian Federation)

ASN50214 (QWARTA, RU)
PTR: asrv232.qwarta.ru

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.152.140 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: essen.aucourant.info

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.255.224.65 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-255-224-65.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.201 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.202.113 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-202-113.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	acint.net www.acint.net	12 KB
17	google.com apis.google.com adservice.google.com cse.google.com www.google.com accounts.google.com clients1.google.com	307 KB
13	sape.ru cdn-rtb.sape.ru ssp-rtb.sape.ru	155 KB
12	live4x-german.tk 1 redirects live4x-german.tk	79 KB
10	viglink.com cdn.viglink.com api.viglink.com	35 KB
7	googlesyndication.com pagead2.googlesyndication.com	127 KB
6	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	37 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net	171 B
4	vk.com 1 redirects vk.com	6 KB
2	facebook.com staticxx.facebook.com www.facebook.com
2	yadro.ru 1 redirects counter.yadro.ru	965 B
2	live4x-afrikans.tk live4x-afrikans.tk	19 KB
2	admitad.com ad.admitad.com cdn.admitad.com	50 KB
1	googleapis.com www.googleapis.com	85 B
1	facebook.net connect.facebook.net	72 KB
1	google.de adservice.google.de	171 B
1	coinhive.com coinhive.com	67 KB
110	17

	Domain	Requested by
26	www.acint.net	cdn-rtb.sape.ru www.acint.net live4x-german.tk blank
12	live4x-german.tk	1 redirects live4x-german.tk pagead2.googlesyndication.com
10	cdn-rtb.sape.ru	live4x-german.tk
8	www.google.com	cse.google.com www.google.com live4x-german.tk
7	api.viglink.com	cdn.viglink.com live4x-german.tk
7	pagead2.googlesyndication.com	live4x-german.tk pagead2.googlesyndication.com
5	platform.twitter.com	live4x-german.tk platform.twitter.com
5	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
4	apis.google.com	live4x-german.tk apis.google.com
4	vk.com	1 redirects live4x-german.tk pagead2.googlesyndication.com
3	ssp-rtb.sape.ru	cdn-rtb.sape.ru
3	cdn.viglink.com	live4x-german.tk
2	counter.yadro.ru	1 redirects live4x-german.tk
2	live4x-afrikans.tk	live4x-german.tk pagead2.googlesyndication.com
2	cse.google.com	live4x-german.tk www.google.com
1	www.facebook.com	connect.facebook.net
1	syndication.twitter.com	1 redirects
1	clients1.google.com	live4x-german.tk
1	staticxx.facebook.com	connect.facebook.net
1	www.googleapis.com	live4x-german.tk
1	accounts.google.com	apis.google.com
1	cdn.admitad.com	live4x-german.tk
1	connect.facebook.net	live4x-german.tk
1	ad.admitad.com	live4x-german.tk
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	coinhive.com	live4x-german.tk
110	27

This site contains links to these domains. Also see Links.

Domain
ad.admitad.com
www.admitad.com
vk.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
ssl809251.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-08-15` - `2019-02-21`	6 months	crt.sh
live4x-france.tk Let's Encrypt Authority X3	`2018-08-09` - `2018-11-07`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2018-07-13` - `2019-07-14`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.admitad.com COMODO RSA Domain Validation Secure Server CA	`2018-01-18` - `2019-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
accounts.google.com Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-09-18` - `2018-12-11`	3 months	crt.sh

This page contains 26 frames:

Primary Page: http://live4x-german.tk/
Frame ID: 9E86FCF90C290F98A0F65C79E7F9CE3F
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180926/r20180604/zrt_lookup.html
Frame ID: 8C7B8C497484722AF90996F2F7FD2F2C
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js
Frame ID: ED2593D37822C7674D929AA1C53ED2F7
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=none&width=30&origin=http%3A%2F%2Flive4x-german.tk&url=http%3A%2F%2Flive4x-german.tk%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__
Frame ID: 1B771485DEDB6374ED49E93384C60C5E
Requests: 1 HTTP requests in this frame

Frame: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Frame ID: 539B9A1D1D2447590ACC83C4D7F85EDB
Requests: 8 HTTP requests in this frame

Frame: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Frame ID: 728F64792A7A254600081ABE3C17C387
Requests: 8 HTTP requests in this frame

Frame: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Frame ID: 82B357D966B1E55E0BCA5C1BD5DDE1AD
Requests: 4 HTTP requests in this frame

Frame: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Frame ID: 12F3DF898D110DEA2C7E257A890CF99C
Requests: 8 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=14
Frame ID: 88DB111E7DB316785862E78A7DEF347F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dfd87ccf5e4cb67cb5cb5553619dfa4a.html?origin=http%3A%2F%2Flive4x-german.tk&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: CBF691DB772925ED057BCC26DEBCB5F5
Requests: 1 HTTP requests in this frame

Frame: http://live4x-afrikans.tk/clicksor.php
Frame ID: BC69E38BB97AFA57F1907C3B5CD2D95A
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Flive4x-german.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__
Frame ID: B400D2B0D79B75AC25557CA1B644E2EA
Requests: 1 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=14
Frame ID: 3AFAB7903D029061D92E3FB388977D3D
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js
Frame ID: 3E6EBBAB8B251B1F709699EBF329D1F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=726854780&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822439&bpp=12&bdt=167&fdt=383&idt=387&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=236&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=Xeuae7AGgp&p=http%3A//live4x-german.tk&dtd=400
Frame ID: 93EF660DD39008D75F2C731BD00D4EB0
Requests: 1 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=14
Frame ID: 9A3B1E639555AE58AD3C6620B354BE63
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.dfd87ccf5e4cb67cb5cb5553619dfa4a.en.html
Frame ID: 7875733DB88859956A391CC2E0D4AA5F
Requests: 1 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=14
Frame ID: 2C5519E542E49C37A5351D8260D58EB2
Requests: 1 HTTP requests in this frame

Frame: http://www.acint.net/mc/?dp=14
Frame ID: 44522E6478A9002B11B76C5C625DDB0C
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js
Frame ID: 38E5196CCF2C30CF98535548C2FF0FBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=2157533745&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822476&bpp=25&bdt=204&fdt=425&idt=426&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=217&ady=1153&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=9zsVyGd8sM&p=http%3A//live4x-german.tk&dtd=450
Frame ID: 5A7A68D50E54D5BAB7425811B18704E1
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js
Frame ID: 27860E663CB85716AD33526CC0B93980
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&adk=1812271804&adf=3025194257&lmt=1538513823&loeid=21062081&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2Flive4x-german.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538513822476&bpp=424&bdt=204&fdt=528&idt=529&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90%2C1200x90&nras=1&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=3&fsb=1&dtd=536
Frame ID: E8DBBD458C6546031E5F1DC8F1B5558B
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/30jx6e8KIxc.js?version=42
Frame ID: F347B8124323A2D1D6407D6078BC10DB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 6F936C19097161207DEC1E1E039C3234
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F30jx6e8KIxc.js%3Fversion%3D42%23cb%3Df1593f1da63d33%26domain%3Dlive4x-german.tk%26origin%3Dhttp%253A%252F%252Flive4x-german.tk%252Ff37b0b280cb3b1%26relation%3Dparent.parent&container_width=80&href=http%3A%2F%2Flive4x-german.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
Frame ID: 470F5D3CF5743A588A8AF803251DA9EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:^[^\/]*\/\/[^\/]*viglink\.com\/api\/|vglnk\.js)/i
env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

Page Statistics

110
Requests

34 %
HTTPS

47 %
IPv6

17
Domains

27
Subdomains

32
IPs

6
Countries

966 kB
Transfer

4137 kB
Size

11
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://ad.admitad.com/g/z17mp6xtgnbf8c1aab0d88db4c134f

Search URL Search Domain Scan URL

URL: https://www.admitad.com/webmaster/8e36228732/

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=http%3A%2F%2Flive4x-german.tk%2F

Search URL Search Domain Scan URL

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://live4x-german.tk/foto/li.jpg HTTP 302
http://live4x-german.tk/index.php

Request Chain 29

http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F HTTP 302
https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F

Request Chain 30

http://connect.facebook.net/ru_RU/sdk.js HTTP 307
https://connect.facebook.net/ru_RU/sdk.js

Request Chain 37

http://counter.yadro.ru/hit?t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303 HTTP 302
http://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303

Request Chain 55

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=3429799461&adk=449050052&adf=3936649417&w=160&lmt=1538513822&loeid=21062081&guci=1.2.0.0.2.2.0&format=160x600&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&wgl=1&adsid=NT&dt=1538513822415&bpp=16&bdt=142&fdt=18&idt=264&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&correlator=5907556893365&frm=20&pv=2&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=40&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=25&ady=681&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=dDNMb5a177&p=http%3A//live4x-german.tk&dtd=295 HTTP 302
http://live4x-afrikans.tk/clicksor.php

Request Chain 95

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

110 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
live4x-german.tk/ 20 KB
7 KB 5501ms
5400ms Document
text/html 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx / PHP/7.0.30

Resource Hash

8cc607218d103cf3ee9f032a4d0f68b16f1f8146d40da9edd8d18e21112dd3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: live4x-german.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.30
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

GET
S 200 coinhive.min.js Show response
coinhive.com/lib/ 256 KB
67 KB 12ms
9ms Script
application/javascript 2400:cb00:2048:1::6814:d03b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://coinhive.com/lib/coinhive.min.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2400:cb00:2048:1::6814:d03b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d514880ad502302dd4bf0ef8da5d38356385d1c43689f6739f6771ed7a4ef73

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 11 Apr 2018 09:51:50 GMT
server: cloudflare
status: 200
etag: W/"5acddab6-40063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=28800
cf-ray: 463a143d3a93bee4-FRA
expires: Wed, 03 Oct 2018 04:57:02 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 73 KB
27 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a030e41fd98521ac201760d8a6b40472ee980ad299a522e4e89c7287ff540f16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4450160169987594039
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 27508
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H/1.1 200
OK style.css
live4x-german.tk/ 11 KB
2 KB 31ms
29ms Stylesheet
text/css 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

http://live4x-german.tk/style.css

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

bd452fb7c214bb48c9be2271fe6488ad93afd8de392c41916ea5b210fa8bd875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:15:00 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Nov 2018 20:57:01 GMT

GET
H/1.1 200
OK style.css
live4x-german.tk/ 11 KB
2 KB 137ms
45ms Stylesheet
text/css 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to

Full URL

https://live4x-german.tk/style.css

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

bd452fb7c214bb48c9be2271fe6488ad93afd8de392c41916ea5b210fa8bd875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:15:00 GMT
Server: nginx
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/css
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Nov 2018 20:57:01 GMT

GET
H/1.1 200
OK vverx.jpg
live4x-german.tk/foto/ 495 B
919 B 60ms
28ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/foto/vverx.jpg

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

a133c1dfb792fd46cdf3307861d230fc063aa9d034a8f2e17ad418e054118091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:54 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 495
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
H/1.1 200
OK SHAPKA.jpg
live4x-german.tk/foto/struct/ 29 KB
29 KB 75ms
51ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/foto/struct/SHAPKA.jpg

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

c872a9c2a35748b059f52f001e90086a6d9a81dcfcead3ae619222cf5c0cac37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:53 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 29383
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
H/1.1 200
OK 55895.js Show response
cdn-rtb.sape.ru/rtb-b/js/895/2/ 106 KB
27 KB 108ms
48ms Script
application/x-javascript 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/895/2/55895.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.79 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: bcfdae0988e7e8fa24075290e6a0b7f569e27aec7f2132f93252c86b7c3606b3

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 14:28:18 GMT
Server: nginx
ETag: W/"5bace902-1a6cb"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK 1042634853.js Show response
cdn-rtb.sape.ru/rtb-b/js/u/853/ 69 KB
17 KB 115ms
51ms Script
application/x-javascript 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/u/853/1042634853.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.79 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: 21207a80ecaec0cb659056bc54e5f2606ee8219560d48e4092acad6fefb3c552

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Sep 2018 21:00:07 GMT
Server: nginx
ETag: W/"5b997e57-1120d"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK back.jpg
live4x-german.tk/foto/ 678 B
1 KB 59ms
35ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/foto/back.jpg

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

b5e953307382198c72b98b959070f4f278af80b1130681cae12e5a25b901a2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:51 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 678
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
H/1.1 200
OK next.jpg
live4x-german.tk/foto/ 686 B
1 KB 77ms
53ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/foto/next.jpg

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

d00ec51cc5dc8f80479d16762fe3bf81851b4387fb55a76a99da4fc49920fc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:52 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 686
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
S 200 share.js Show response
vk.com/js/api/ 10 KB
4 KB 149ms
49ms Script
application/x-javascript 87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/share.js?94
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv133-129-240-87.vk.com
Software: nginx /
Resource Hash: 0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-frontend: front623304
last-modified: Sat, 02 Jun 2018 00:06:22 GMT
server: nginx
etag: W/"5b11df7e-287f"
content-type: application/x-javascript
status: 200
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
expires: Sat, 06 Oct 2018 20:57:02 GMT

GET
S 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

80987e6a22838bf198a30ba4cde9892ca6585dca8e76e7e3015f2e0bf5fa5a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-9NHk8szxI2AcT9FAxZ1xP12isMM' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "f7398fbc6369c58b4cd4fb634433af6c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H/1.1 200
OK top.jpg
live4x-german.tk/foto/ 686 B
1 KB 74ms
51ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/foto/top.jpg

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

422b4ff75f47377c2a2bd4b23c0b523aa97f63b5cda2246e98f01ae863787131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://live4x-german.tk/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:54 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 686
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
BLOB 200
OK 5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
http://live4x-german.tk/ 240 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://live4x-german.tk/5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d085a1f10225e78e0d5b77cc2e1b05a4a2e8e09c3b8f6ee431844626a889f116

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 245793

GET
BLOB 200
OK 5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
http://live4x-german.tk/ 240 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://live4x-german.tk/5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d085a1f10225e78e0d5b77cc2e1b05a4a2e8e09c3b8f6ee431844626a889f116

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 245793

GET
BLOB 200
OK 5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
http://live4x-german.tk/ 240 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://live4x-german.tk/5bccb9b1-fa70-47dc-b1fb-4c834c11d7a8
Requested by: Host: coinhive.com
URL: https://coinhive.com/lib/coinhive.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d085a1f10225e78e0d5b77cc2e1b05a4a2e8e09c3b8f6ee431844626a889f116

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length: 245793

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=live4x-german.tk

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=live4x-german.tk

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:811::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 cse.js Show response
cse.google.com/ 5 KB
2 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=003793951171196536530:i_i4j7qpmvc

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

84953cd6279bb69f9f2db4a22792d4c1fa711fb8fedd8492054839f132bae78a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1698
x-xss-protection: 1; mode=block
expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H/1.1 200
OK fon3.jpg
live4x-german.tk/foto/ 12 KB
13 KB 62ms
61ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live4x-german.tk/foto/fon3.jpg

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

2f292ca25299ca1366b66d6af235b43ce94c68dbf422097b87009857644cce96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live4x-german.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:51 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 12612
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
H/1.1

200
OK

index.php
live4x-german.tk/
Redirect Chain

https://live4x-german.tk/foto/li.jpg
http://live4x-german.tk/index.php

20 KB
20 KB

77ms
77ms

Image
text/html

163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://live4x-german.tk/index.php

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

HTTP/1.1

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx / PHP/7.0.30

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Powered-By: PHP/7.0.30
Vary: Accept-Encoding
X-Nginx-Cache-Status: MISS
Transfer-Encoding: chunked
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block

Redirect headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Nginx-Cache-Status: MISS
Location: http://live4x-german.tk/index.php
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 217
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
H/1.1 200
OK vverx.jpg
live4x-german.tk/foto/ 495 B
919 B 144ms
81ms Image
image/jpeg 163.172.197.59
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://live4x-german.tk/foto/vverx.jpg

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.172.197.59 , United Kingdom, ASN12876 (AS12876, FR),

Reverse DNS

serv56.coopertino.ru

Software

nginx /

Resource Hash

a133c1dfb792fd46cdf3307861d230fc063aa9d034a8f2e17ad418e054118091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://live4x-german.tk/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:01 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 09 Jan 2018 20:14:54 GMT
Server: nginx
X-Nginx-Cache-Status: MISS
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 495
X-XSS-Protection: 1; mode=block
Expires: Sat, 01 Dec 2018 20:57:01 GMT

GET
S 200 ca-pub-7619566160263618.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
236 B 39ms
38ms Script
text/javascript 216.58.214.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-7619566160263618.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.214.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s05-in-f98.1e100.net

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Oct 2018 04:31:28 GMT
server: sffe
age: 0
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180926/r20180604/ Frame 8C7B 0
0 7ms
6ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20180926/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20180926/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 26 Sep 2018 13:59:21 GMT
expires: Wed, 10 Oct 2018 13:59:21 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 543461
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/ Frame ED25 196 KB
73 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd392a539676dbe820041444b955a8c23d6afd7df1ecb830437b602289b4e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1405537544995975097
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 74276
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
S 200 / Show response
ad.admitad.com/shuffle/1828c3bc53/ 7 KB
7 KB 81ms
33ms Script
text/javascript 212.224.118.36
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.admitad.com/shuffle/1828c3bc53/?inject_to=admitad_shuffle26351476
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.118.36 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde49-3.fornex.org
Software: nginx /
Resource Hash: 6564aa8a4d5b088a685ac63afad05cd673502a6212374052035c80e36584d675

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 02 Oct 2018 20:57:02 GMT
server: nginx
content-type: text/javascript
content-length: 6776
p3p: CP="NON DSP COR CURa TIA"

GET
H/1.1 200
OK vglnk.js Show response
cdn.viglink.com/api/ 79 KB
28 KB 23ms
14ms Script
text/javascript 2400:cb00:2048:1::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.viglink.com/api/vglnk.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bf6a92a50156df8d8018b0916a7c98b22e9d2201e42c32dcf9d6d7187df8ab0

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: 5F68A38625E0BA60
Connection: keep-alive
Content-Length: 27815
x-amz-id-2: P8GOAu1/++mcnAmQZdnIwBr8sZPSUQsrAkWIb1YBLD1hIasTbeqygCR8IcM1tuQRRZUq/Kj5OAY=
Last-Modified: Tue, 18 Sep 2018 20:37:04 GMT
Server: cloudflare
ETag: "15468e63d7aba3f957c1cb44354bddfa"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=1800
Accept-Ranges: bytes
CF-RAY: 463a143e435996be-FRA
Expires: Tue, 02 Oct 2018 21:27:02 GMT

GET
H/1.1 200
OK zolotko.JPG
live4x-afrikans.tk/foto/for_site/ 19 KB
19 KB 147ms
42ms Image
image/jpeg 212.129.18.73
AS12876

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://live4x-afrikans.tk/foto/for_site/zolotko.JPG
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 212.129.18.73 , France, ASN12876 (AS12876, FR),
Reverse DNS: 212-129-18-73.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 1f6bd4bab5ba0fccdcbec1e12f6f053eea6c9230b64cc70ba06fe2b54d26dc99

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: public
Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Sat, 28 Oct 2017 21:37:39 GMT
Server: nginx
X-Cache-Status: MISS
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=5184000, public
X-Server-Powered-By: Engintron
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19484
Expires: Sat, 01 Dec 2018 20:57:02 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 118 KB
35 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DC) /
Resource Hash: d35dc41de2bc5e68be504a7185b438d782775b9f8ba0e6654c3806ee158f5e41

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Oct 2018 20:24:36 GMT
Server: ECS (fcn/40DC)
Etag: "5ad65c6d8e094f641e13fb92bd6cfbcf+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35358

GET
S

200

share.php Show response
vk.com/
Redirect Chain

http://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F
https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F

21 B
256 B

62ms
61ms

Script
text/html

87.240.129.133
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

srv133-129-240-87.vk.com

Software

nginx / PHP/3.16874

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-frontend: front623304
server: nginx
x-powered-by: PHP/3.16874
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
status: 200
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

Redirect headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Frontend: front504215
Server: Internet Information Services
X-Powered-By: PHP/3.16874
Content-Type: text/html; charset=windows-1251
Location: https://vk.com/share.php?act=count&index=0&url=http%3A%2F%2Flive4x-german.tk%2F
Access-Control-Expose-Headers: X-Frontend
Cache-control: no-store
Connection: keep-alive
Content-Length: 20

GET
S

200

sdk.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/sdk.js
https://connect.facebook.net/ru_RU/sdk.js

238 KB
72 KB

45ms
6ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f3bdce387b398cd59046d941e66d6e10124d4d6fe632e1081c653d09f6eedd9f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: lEPdqnuvKjFIUMgJPLgR1A==
status: 200
content-length: 73306
x-xss-protection: 0
x-fb-debug: MkFGX0mZJaUaIoPvzXEvi3Uq8mX0vTEqO6iDo2fqVIXJNGnllbFQ3c7si6dflYXo3pDVMSJsJTbeXr15Jp3M2A==
x-fb-content-md5: e68edbda4e6023dcc80723e7ff87dba3
x-frame-options: DENY
date: Tue, 02 Oct 2018 20:57:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a0ce29bba7d596b0b420c19251b535db"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Tue, 02 Oct 2018 21:01:31 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/sdk.js#xfbml=1&version=v2.8&appId=1703687853256452
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK like_widget.png
vk.com/images/icons/ 538 B
932 B 95ms
45ms Image
image/png 87.240.129.71
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vk.com/images/icons/like_widget.png
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: HTTP/1.1
Server: 87.240.129.71 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS: srv71-129-240-87.vk.com
Software: Internet Information Services /
Resource Hash: 3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
X-Frontend: front504215
Last-Modified: Sat, 02 Jun 2018 00:06:21 GMT
Server: Internet Information Services
ETag: "5b11df7d-21a"
Content-Type: image/png
Access-Control-Expose-Headers: X-Frontend
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 538
Expires: Tue, 09 Oct 2018 20:57:02 GMT

GET
S 200 jsapi Show response
www.google.com/ 26 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22de%22%7D%5D%7D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=003793951171196536530:i_i4j7qpmvc

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

b50a1da46415e52b6c97677d622db87757ed84363e12bdb5711b0b1d3966eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: private, max-age=3600, must-revalidate
vary: Accept-Encoding
content-length: 6406
x-xss-protection: 1; mode=block
expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
S 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2TZiqvVbNE8.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ/ 131 KB
46 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2TZiqvVbNE8.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22d1f52781cd6088826c115793877a8088448e5dd12026d4e299a10884200a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 18:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Sep 2018 23:35:52 GMT
server: sffe
age: 95797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 46708
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2019 18:20:25 GMT

GET
S 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2TZiqvVbNE8.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ/ 99 KB
35 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2TZiqvVbNE8.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c87e71762eba3bfd6436314de77dbc6ea5aa164861e5437feca2e98aa2e26a9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 01 Oct 2018 18:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 29 Sep 2018 23:35:52 GMT
server: sffe
age: 95794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35612
x-xss-protection: 1; mode=block
expires: Tue, 01 Oct 2019 18:20:28 GMT

GET
H2 200 fastbutton
apis.google.com/se/0/_/+1/ Frame 1B77 0
0 51ms
49ms Document
text/html 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&annotation=none&width=30&origin=http%3A%2F%2Flive4x-german.tk&url=http%3A%2F%2Flive4x-german.tk%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&annotation=none&width=30&origin=http%3A%2F%2Flive4x-german.tk&url=http%3A%2F%2Flive4x-german.tk%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
cookie: NID=140=FX3Oyezt2ilIRkJWyBFzM-Lc1T1KyrXY0UrSKQBFZ4dMR1ZZkLuuGYfVb383I8OMCE8qj0xh7B3UU2WTBkN_k9KUVFdqR9xueCL-AOtkY8iFdK54ImjPrQJ_ARsJlDZ6; 1P_JAR=2018-10-02-20; CONSENT=WP.27205d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge, chrome=1
vary: Accept-Encoding
timing-allow-origin: *
expires: Tue, 02 Oct 2018 20:57:02 GMT
date: Tue, 02 Oct 2018 20:57:02 GMT
cache-control: private, max-age=3600
content-security-policy-report-only: script-src 'report-sample' 'nonce-RGaW3EkA2/Lxr/eUykuWuKPxURw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /se/0/_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK aci.js Show response
www.acint.net/ 17 KB
6 KB 19ms
1ms Script
application/x-javascript 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/895/2/55895.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: 394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2017 12:55:20 GMT
Server: nginx
ETag: "5a2545b8-16b7"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Content-Length: 5815
Expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303
http://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303

120 B
489 B

42ms
42ms

Image
image/gif

88.212.201.194
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 88.212.201.194 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host194.rax.ru
Software: 0W/0.8c /
Resource Hash: 92e3a433c7cd57f7f76405917626c5ca0ea600fda464df3f4c8b5a6c6990f6c1

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: Close
Content-Type: image/gif
Content-Length: 120
Expires: Sun, 01 Oct 2017 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Server: 0W/0.8c
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: http://counter.yadro.ru/hit?q;t26.11;r;s1600*1200*24;uhttp%3A//live4x-german.tk/;0.4147158536843303
Cache-control: no-cache
Content-Type: text/html
Content-Length: 32
Expires: Sun, 01 Oct 2017 21:00:00 GMT

GET
H/1.1 200
OK /
cdn-rtb.sape.ru/rtb-b/track/error/ 43 B
229 B 51ms
50ms Image
image/gif 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn-rtb.sape.ru/rtb-b/track/error/?msg=Cannot%20run%20code%20for%20site%2055895%20on%20domain%20live4x-german.tk&url=&line=&col=
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.79 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK 83629.js Show response
cdn-rtb.sape.ru/rtb-b/js/629/2/ Frame 539B 104 KB
27 KB 69ms
69ms Script
application/x-javascript 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.79 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5bf079decf1237d0c419ce5d22144bdbb553255c68678e4fce582098dac5007b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 14:48:27 GMT
Server: nginx
ETag: W/"5bacedbb-1a170"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK 83629.js Show response
cdn-rtb.sape.ru/rtb-b/js/629/2/ Frame 728F 104 KB
27 KB 93ms
54ms Script
application/x-javascript 193.232.121.79
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.79 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5bf079decf1237d0c419ce5d22144bdbb553255c68678e4fce582098dac5007b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 14:48:27 GMT
Server: nginx
ETag: W/"5bacedbb-1a170"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK 83629.js Show response
cdn-rtb.sape.ru/rtb-b/js/629/2/ Frame 82B3 104 KB
27 KB 98ms
43ms Script
application/x-javascript 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.29 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5bf079decf1237d0c419ce5d22144bdbb553255c68678e4fce582098dac5007b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 14:48:27 GMT
Server: nginx
ETag: W/"5bacedbb-1a170"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK 83629.js Show response
cdn-rtb.sape.ru/rtb-b/js/629/2/ Frame 12F3 104 KB
27 KB 99ms
47ms Script
application/x-javascript 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 193.232.121.29 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5bf079decf1237d0c419ce5d22144bdbb553255c68678e4fce582098dac5007b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Sep 2018 14:48:27 GMT
Server: nginx
ETag: W/"5bacedbb-1a170"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=3600
Connection: keep-alive
Expires: Tue, 02 Oct 2018 21:57:02 GMT

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
543 B 14ms
12ms Image
image/gif 2400:cb00:2048:1::6810:a40d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=1&rn=3.0751418972479696
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6810:a40d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
x-amz-request-id: 40B2715987E1B24A
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 463a143f33b396be-FRA
Content-Length: 43
x-amz-id-2: 5hXuMsHv0JB9hPUCxQC8GZcLoA1KT9W+DEgd3gQjL1CnvNte49l+3MZyWbzydZDY6XZQZPE0bKY=

GET
H/1.1 200
OK pixel.gif
cdn.viglink.com/images/ 43 B
543 B 19ms
13ms Image
image/gif 2400:cb00:2048:1::6810:a10d
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.viglink.com/images/pixel.gif?ch=2&rn=3.0751418972479696
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6810:a10d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
CF-Cache-Status: HIT
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Server: cloudflare
x-amz-request-id: 40B2715987E1B24A
ETag: "221d8352905f2c38b3cb2bd191d630b0"
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=15, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 463a143f47c4646f-FRA
Content-Length: 43
x-amz-id-2: 5hXuMsHv0JB9hPUCxQC8GZcLoA1KT9W+DEgd3gQjL1CnvNte49l+3MZyWbzydZDY6XZQZPE0bKY=

GET
S 200 e59879049f07edd14e3bd0ab8c362174.gif
cdn.admitad.com/bs/2017/04/12/ 44 KB
44 KB 59ms
18ms Image
image/gif 212.224.124.70
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.admitad.com/bs/2017/04/12/e59879049f07edd14e3bd0ab8c362174.gif
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.224.124.70 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde48-1.fornex.org
Software: nginx /
Resource Hash: 98e9fe53b3319943c91ae10212e4331cd8ce4735f1ba2abb67bf9ea702ce0b11

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
last-modified: Wed, 12 Apr 2017 13:01:31 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: no-cache
accept-ranges: bytes
content-length: 44615
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
S 200 default+de.css
www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/ 45 KB
10 KB 7ms
5ms Stylesheet
text/css 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.css

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi?autoload=%7B%22modules%22%3A%5B%7B%22name%22%3A%22search%22%2C%22version%22%3A%221.0%22%2C%22callback%22%3A%22__gcse.scb%22%2C%22style%22%3A%22https%3A%2F%2Fwww.google.com%2Fcse%2Fstatic%2Fstyle%2Flook%2Fv2%2Fdefault.css%22%2C%22language%22%3A%22de%22%7D%5D%7D

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

210ce3869572640906f4b3216d111907c74e554706ec7f3c71eb13049da1c5b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Sep 2018 06:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 1002986
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 10168
x-xss-protection: 1; mode=block
expires: Sat, 21 Sep 2019 06:20:36 GMT

GET
S 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24e52f3d9583171bcaa45172261052d86ab0b98bac201aee1c123bf8d1313b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Apr 2018 13:30:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=0
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 3081
x-xss-protection: 1; mode=block
expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
S 200 default+de.I.js Show response
www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/ 310 KB
90 KB 8ms
7ms Script
application/x-javascript 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.I.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

ce1a692683df7d67ac352ef98bfdfdf99e47a860509d905a25666e2df352db54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 21 Sep 2018 06:11:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
age: 1003519
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=UTF-8
status: 200
vary: Accept-Encoding
cache-control: public, max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 91965
x-xss-protection: 1; mode=block
expires: Sat, 21 Sep 2019 06:11:43 GMT

GET
H/1.1 200
OK Cookie set /
www.acint.net/mc/ Frame 88DB 0
0 2ms
1ms Document
text/html 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash

Request headers

Host: www.acint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://live4x-german.tk/
Accept-Encoding: gzip, deflate
Cookie: aid=lPsLSFuz2550jnRjMdJFAhDF1WO04rqu3e8KQnSZnfrshCHX
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cSyncDp7v2=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp14=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp17=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp23=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp24=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp32=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp35=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp37=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp45=1538513822; expires=Sat, 06-Oct-18 14:57:02 GMT; path=/; domain=.acint.net cSyncDp54v2=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp62=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp67v2=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp68=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp71=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp74=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp75=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp77=1538513822; expires=Sat, 20-Oct-18 08:57:02 GMT; path=/; domain=.acint.net cSyncDp79=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp84=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp88=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp92=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp96=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp98=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp101=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net cSyncDp104=1538513822; expires=Thu, 01-Nov-18 20:57:02 GMT; path=/; domain=.acint.net
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.acint.net/hit/ 43 B
471 B 1ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/hit/?v=0.1.1&uid=1c8dd470-ab7f-4b80-8da1-b7ac74120e98&dp=14&tz=%2B00%3A00&nc=35783063&u=http%3A%2F%2Flive4x-german.tk%2F&r=&rs=1600x1200&t=Doktor%20hilft&oE=1&oP=1&dT=2018-10-02T20%3A57%3A02.619
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
DATA 200
OK truncated
/ 299 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d053cfb57619c8815b467e8fb5a96585124835dfbaef7f425ff1d0cc07754d05

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a9e1031cc3a50338fed6cefd5d131a86637c10c2558baf00e37b6eba8d97d8

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK widget_iframe.dfd87ccf5e4cb67cb5cb5553619dfa4a.html
platform.twitter.com/widgets/ Frame CBF6 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.dfd87ccf5e4cb67cb5cb5553619dfa4a.html?origin=http%3A%2F%2Flive4x-german.tk&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E2) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://live4x-german.tk/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Oct 2018 20:57:02 GMT
Etag: "e3ed684480c273645854c25215f7a43c+gzip"
Last-Modified: Tue, 02 Oct 2018 20:23:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40E2)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5879

GET
H/1.1 200
OK button.3ebb4253c7cb2cc3c9eaac42044fc82c.js Show response
platform.twitter.com/js/ 4 KB
2 KB 9ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.3ebb4253c7cb2cc3c9eaac42044fc82c.js
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40AD) /
Resource Hash: 88b74fc1273d791411862278b6a6e282a7086f0e7a6a9a450edc6a2c1c26d6ee

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Oct 2018 20:23:24 GMT
Server: ECS (fcn/40AD)
Etag: "319271f510c69e13eb1ef42e5aa76c1d+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 1395

GET
H/1.1

200
OK

clicksor.php
live4x-afrikans.tk/ Frame BC69
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=600&slotname=3429799461&adk=449050052&adf=3936649417&w=160&lmt=1538513822&loeid=21062081&guci=1.2.0.0.2.2...
http://live4x-afrikans.tk/clicksor.php

0
0

532ms
531ms

Document
text/html

212.129.18.73
AS12876

General

Check archive.org

Show headers Download Go to

Full URL: http://live4x-afrikans.tk/clicksor.php
Requested by: Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js
Protocol: HTTP/1.1
Server: 212.129.18.73 , France, ASN12876 (AS12876, FR),
Reverse DNS: 212-129-18-73.rev.poneytelecom.eu
Software: nginx / PHP/7.1.21
Resource Hash

Request headers

Host: live4x-afrikans.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://live4x-german.tk/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding,User-Agent
X-Powered-By: PHP/7.1.21
X-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
location: http://live4x-afrikans.tk/clicksor.php
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 02 Oct 2018 20:57:02 GMT
server: cafe
cache-control: private
content-length: 82
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Oct-2018 21:12:02 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/ 72 KB
26 KB 6ms
5ms Script
text/javascript 216.58.214.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.214.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s05-in-f98.1e100.net

Software

cafe /

Resource Hash

0dadc447d7f793e740259bf90ddb93a668281aa30ece8dca336116addc34ddf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 26 Sep 2018 14:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26707
x-xss-protection: 1; mode=block
server: cafe
etag: 4869988788165801929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Oct 2018 14:13:24 GMT

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame B400 0
0 19ms
18ms Document
text/html 2a00:1450:4001:812::200d
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Flive4x-german.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.2TZiqvVbNE8.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ/cb=gapi.loaded_1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:812::200d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yzr0lkK8A9/CUC7E18tIfGnupjc' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Flive4x-german.tk&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.2TZiqvVbNE8.O%2Fam%3DwQ%2Frt%3Dj%2Fd%3D1%2Frs%3DAGLTcCPmDeWCR9u306tQriDE2nmU3M8IbQ%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
cookie: NID=140=FX3Oyezt2ilIRkJWyBFzM-Lc1T1KyrXY0UrSKQBFZ4dMR1ZZkLuuGYfVb383I8OMCE8qj0xh7B3UU2WTBkN_k9KUVFdqR9xueCL-AOtkY8iFdK54ImjPrQJ_ARsJlDZ6; 1P_JAR=2018-10-02-20; CONSENT=WP.27205d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 02 Oct 2018 20:57:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-Yzr0lkK8A9/CUC7E18tIfGnupjc' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'none';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 1; mode=block
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

GET
H/1.1 200
OK aci.js Show response
www.acint.net/ Frame 539B 17 KB
0 19ms
1ms Script
application/x-javascript 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: 394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2017 12:55:20 GMT
Server: nginx
ETag: "5a2545b8-16b7"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Content-Length: 5815
Expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ Frame 539B 442 B
840 B 222ms
142ms Script
text/javascript 193.232.121.218
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse&srtbid=83629&scids=43834566&sx=160&sy=600&ref=http%3A%2F%2Flive4x-german.tk%2F&u=http%3A%2F%2Flive4x-german.tk%2F&allimps=1&fl=1&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 193.232.121.218 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv215.qwarta.ru
Software: nginx /
Resource Hash: 8c490c1556e80be1ab70211909e3688ac65fa36ae25cb8da131c867e72a8c74f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Server: nginx
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 442
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 1
www.acint.net/pxl/ Frame 539B 43 B
341 B 6ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/1?dp=16&id=83629.390615.43834566&sid=s4a1xnve-tyc9-9nhx-fej6-kgko67u3s2ei&r=11fu44gmzdh0
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK aci.js Show response
www.acint.net/ Frame 728F 17 KB
0 19ms
1ms Script
application/x-javascript 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: 394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2017 12:55:20 GMT
Server: nginx
ETag: "5a2545b8-16b7"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Content-Length: 5815
Expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ Frame 728F 442 B
840 B 155ms
95ms Script
text/javascript 193.232.121.218
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse&srtbid=83629&scids=43834568&sx=300&sy=250&ref=http%3A%2F%2Flive4x-german.tk%2F&u=http%3A%2F%2Flive4x-german.tk%2F&allimps=1&fl=1&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 193.232.121.218 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv215.qwarta.ru
Software: nginx /
Resource Hash: 8d708e47334b69140daf8495fab9f8549fb7c9820f0c500531cc2116322f18ed

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Server: nginx
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 442
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 1
www.acint.net/pxl/ Frame 728F 43 B
341 B 3ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/1?dp=16&id=83629.390617.43834568&sid=ryzvful3-9wum-pfju-7v9k-q5g317ppdyoz&r=2wm3qihcr8g8
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK aci.js Show response
www.acint.net/ Frame 82B3 17 KB
0 19ms
1ms Script
application/x-javascript 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: 394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2017 12:55:20 GMT
Server: nginx
ETag: "5a2545b8-16b7"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Content-Length: 5815
Expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H/1.1 200
OK aci.js Show response
www.acint.net/ Frame 12F3 17 KB
0 19ms
1ms Script
application/x-javascript 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/aci.js
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: 394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Dec 2017 12:55:20 GMT
Server: nginx
ETag: "5a2545b8-16b7"
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Content-Length: 5815
Expires: Wed, 03 Oct 2018 08:57:02 GMT

GET
H/1.1 200
OK / Show response
ssp-rtb.sape.ru/data/ Frame 12F3 442 B
840 B 140ms
80ms Script
text/javascript 95.181.171.232
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: http://ssp-rtb.sape.ru/data/?callback=sapeRTBreadResponse&srtbid=83629&scids=43834567&sx=240&sy=400&ref=http%3A%2F%2Flive4x-german.tk%2F&u=http%3A%2F%2Flive4x-german.tk%2F&allimps=1&fl=1&tz=%2B00%3A00
Requested by: Host: cdn-rtb.sape.ru
URL: http://cdn-rtb.sape.ru/rtb-b/js/629/2/83629.js
Protocol: HTTP/1.1
Server: 95.181.171.232 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv232.qwarta.ru
Software: nginx /
Resource Hash: fbffff087f562195ac1be4e4d278b0b22cbe3721ff527a9794bb565ada2bf8cb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Server: nginx
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 442
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 1
www.acint.net/pxl/ Frame 12F3 43 B
341 B 2ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/1?dp=16&id=83629.390616.43834567&sid=rhtwm4n7-iuiy-d6bd-ulx9-afu0npy1vjxu&r=dgne9wz58pr3
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/mc/ Frame 3AFA 0
0 4ms
1ms Document
text/html 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash

Request headers

Host: www.acint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: aid=lPsLSFuz2550jnRjMdJFAhDF1WO04rqu3e8KQnSZnfrshCHX; cSyncDp7v2=1538513822; cSyncDp14=1538513822; cSyncDp17=1538513822; cSyncDp23=1538513822; cSyncDp24=1538513822; cSyncDp32=1538513822; cSyncDp35=1538513822; cSyncDp37=1538513822; cSyncDp45=1538513822; cSyncDp54v2=1538513822; cSyncDp62=1538513822; cSyncDp67v2=1538513822; cSyncDp68=1538513822; cSyncDp71=1538513822; cSyncDp74=1538513822; cSyncDp75=1538513822; cSyncDp77=1538513822; cSyncDp79=1538513822; cSyncDp84=1538513822; cSyncDp88=1538513822; cSyncDp92=1538513822; cSyncDp96=1538513822; cSyncDp98=1538513822; cSyncDp101=1538513822; cSyncDp104=1538513822
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.acint.net/hit/ Frame 539B 43 B
341 B 3ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/hit/?v=0.1.1&uid=5ce7b00e-7e2f-45b3-9ac3-a0d4bdc641d0&dp=14&tz=%2B00%3A00&nc=58005291&u=http%3A%2F%2Flive4x-german.tk%2F&r=&rs=1600x1200&t=&oE=1&oP=1&dT=2018-10-02T20%3A57%3A02.819&if=about%3Ablank
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/ Frame 3E6E 196 KB
0 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd392a539676dbe820041444b955a8c23d6afd7df1ecb830437b602289b4e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1405537544995975097
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 74276
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 93EF 0
0 212ms
212ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=726854780&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822439&bpp=12&bdt=167&fdt=383&idt=387&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=236&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=Xeuae7AGgp&p=http%3A//live4x-german.tk&dtd=400

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=726854780&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822439&bpp=12&bdt=167&fdt=383&idt=387&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=208&ady=236&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=2&fsb=1&xpc=Xeuae7AGgp&p=http%3A//live4x-german.tk&dtd=400
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 02 Oct 2018 20:57:03 GMT
server: cafe
cache-control: private
content-length: 2405
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Oct-2018 21:12:02 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
H/1.1 200
OK /
www.acint.net/mc/ Frame 9A3B 0
0 7ms
1ms Document
text/html 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash

Request headers

Host: www.acint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: aid=lPsLSFuz2550jnRjMdJFAhDF1WO04rqu3e8KQnSZnfrshCHX; cSyncDp7v2=1538513822; cSyncDp14=1538513822; cSyncDp17=1538513822; cSyncDp23=1538513822; cSyncDp24=1538513822; cSyncDp32=1538513822; cSyncDp35=1538513822; cSyncDp37=1538513822; cSyncDp45=1538513822; cSyncDp54v2=1538513822; cSyncDp62=1538513822; cSyncDp67v2=1538513822; cSyncDp68=1538513822; cSyncDp71=1538513822; cSyncDp74=1538513822; cSyncDp75=1538513822; cSyncDp77=1538513822; cSyncDp79=1538513822; cSyncDp84=1538513822; cSyncDp88=1538513822; cSyncDp92=1538513822; cSyncDp96=1538513822; cSyncDp98=1538513822; cSyncDp101=1538513822; cSyncDp104=1538513822
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.acint.net/hit/ Frame 728F 43 B
341 B 4ms
0ms Image
image/gif 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/hit/?v=0.1.1&uid=a5c78671-5d2f-4d7a-adfb-fd057161a035&dp=14&tz=%2B00%3A00&nc=03461219&u=http%3A%2F%2Flive4x-german.tk%2F&r=&rs=1600x1200&t=&oE=1&oP=1&dT=2018-10-02T20%3A57%3A02.867&if=about%3Ablank
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK tweet_button.dfd87ccf5e4cb67cb5cb5553619dfa4a.en.html
platform.twitter.com/widgets/ Frame 7875 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.dfd87ccf5e4cb67cb5cb5553619dfa4a.en.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://live4x-german.tk/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Oct 2018 20:57:02 GMT
Etag: "20b143e60ed2edb1feaaf02c9ee927ca+gzip"
Last-Modified: Tue, 02 Oct 2018 20:23:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41A7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12562

GET
H/1.1 200
OK /
www.acint.net/mc/ Frame 2C55 0
0 3ms
1ms Document
text/html 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash

Request headers

Host: www.acint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: aid=lPsLSFuz2550jnRjMdJFAhDF1WO04rqu3e8KQnSZnfrshCHX; cSyncDp7v2=1538513822; cSyncDp14=1538513822; cSyncDp17=1538513822; cSyncDp23=1538513822; cSyncDp24=1538513822; cSyncDp32=1538513822; cSyncDp35=1538513822; cSyncDp37=1538513822; cSyncDp45=1538513822; cSyncDp54v2=1538513822; cSyncDp62=1538513822; cSyncDp67v2=1538513822; cSyncDp68=1538513822; cSyncDp71=1538513822; cSyncDp74=1538513822; cSyncDp75=1538513822; cSyncDp77=1538513822; cSyncDp79=1538513822; cSyncDp84=1538513822; cSyncDp88=1538513822; cSyncDp92=1538513822; cSyncDp96=1538513822; cSyncDp98=1538513822; cSyncDp101=1538513822; cSyncDp104=1538513822
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.acint.net/hit/ Frame 82B3 43 B
341 B 5ms
0ms Image
image/gif 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/hit/?v=0.1.1&uid=5cc29141-ef1f-459a-b2c5-e307c0585c52&dp=14&tz=%2B00%3A00&nc=81585704&u=http%3A%2F%2Flive4x-german.tk%2F&r=&rs=1600x1200&t=&oE=1&oP=1&dT=2018-10-02T20%3A57%3A02.875&if=about%3Ablank
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/mc/ Frame 4452 0
0 11ms
5ms Document
text/html 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.acint.net/mc/?dp=14
Requested by: Host: www.acint.net
URL: http://www.acint.net/aci.js
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash

Request headers

Host: www.acint.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Cookie: aid=lPsLSFuz2550jnRjMdJFAhDF1WO04rqu3e8KQnSZnfrshCHX; cSyncDp7v2=1538513822; cSyncDp14=1538513822; cSyncDp17=1538513822; cSyncDp23=1538513822; cSyncDp24=1538513822; cSyncDp32=1538513822; cSyncDp35=1538513822; cSyncDp37=1538513822; cSyncDp45=1538513822; cSyncDp54v2=1538513822; cSyncDp62=1538513822; cSyncDp67v2=1538513822; cSyncDp68=1538513822; cSyncDp71=1538513822; cSyncDp74=1538513822; cSyncDp75=1538513822; cSyncDp77=1538513822; cSyncDp79=1538513822; cSyncDp84=1538513822; cSyncDp88=1538513822; cSyncDp92=1538513822; cSyncDp96=1538513822; cSyncDp98=1538513822; cSyncDp101=1538513822; cSyncDp104=1538513822
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Content-Encoding: gzip

GET
H/1.1 200
OK /
www.acint.net/hit/ Frame 12F3 43 B
341 B 5ms
1ms Image
image/gif 144.76.152.140
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/hit/?v=0.1.1&uid=3850c4b7-c8ee-4885-bb89-f627f21fa0fb&dp=14&tz=%2B00%3A00&nc=03070357&u=http%3A%2F%2Flive4x-german.tk%2F&r=&rs=1600x1200&t=&oE=1&oP=1&dT=2018-10-02T20%3A57%3A02.885&if=about%3Ablank
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 144.76.152.140 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: essen.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/ Frame 38E5 196 KB
0 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd392a539676dbe820041444b955a8c23d6afd7df1ecb830437b602289b4e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1405537544995975097
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 74276
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5A7A 0
0 203ms
203ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=2157533745&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822476&bpp=25&bdt=204&fdt=425&idt=426&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=217&ady=1153&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=9zsVyGd8sM&p=http%3A//live4x-german.tk&dtd=450

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7619566160263618&output=html&h=90&slotname=5452671033&adk=689426997&adf=2157533745&w=1200&fwrn=4&fwrnh=100&lmt=1538513822&loeid=21062081&rafmt=1&guci=1.2.0.0.2.2.0&format=1200x90&url=http%3A%2F%2Flive4x-german.tk%2F&flash=0&fwr=0&resp_fmts=3&wgl=1&adsid=NT&dt=1538513822476&bpp=25&bdt=204&fdt=425&idt=426&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=217&ady=1153&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&ifi=3&fsb=1&xpc=9zsVyGd8sM&p=http%3A//live4x-german.tk&dtd=450
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 02 Oct 2018 20:57:03 GMT
server: cafe
cache-control: private
content-length: 2415
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Oct-2018 21:12:02 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/ Frame 2786 196 KB
0 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd392a539676dbe820041444b955a8c23d6afd7df1ecb830437b602289b4e42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1405537544995975097
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 74276
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:02 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E8DB 0
0 55ms
53ms Document
text/html 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7619566160263618&output=html&adk=1812271804&adf=3025194257&lmt=1538513823&loeid=21062081&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2Flive4x-german.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538513822476&bpp=424&bdt=204&fdt=528&idt=529&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90%2C1200x90&nras=1&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=3&fsb=1&dtd=536

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180926/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7619566160263618&output=html&adk=1812271804&adf=3025194257&lmt=1538513823&loeid=21062081&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=http%3A%2F%2Flive4x-german.tk%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538513822476&bpp=424&bdt=204&fdt=528&idt=529&shv=r20180926&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=160x600%2C1200x90%2C1200x90&nras=1&correlator=5907556893365&frm=20&pv=1&ga_vid=1958135170.1538513823&ga_sid=1538513823&ga_hid=1013778937&ga_fc=0&iag=0&icsg=561030635648&dssz=41&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C370204052&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&ifi=3&fsb=1&dtd=536
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
cookie: IDE=AHWqTUkLCcwzqQb1Ph8Ox6Jkivyfnkmnwr3g_QHMh7_DoaSxm6H3XQRM0cusKsXj; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 02 Oct 2018 20:57:03 GMT
server: cafe
cache-control: private
content-length: 64
x-xss-protection: 1; mode=block
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
S 204 generate_204
www.googleapis.com/ 0
85 B 50ms
7ms Image
text/plain 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 02 Oct 2018 20:57:03 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0

GET
H2 200 30jx6e8KIxc.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame F347 0
0 34ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/30jx6e8KIxc.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/30jx6e8KIxc.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
expires: Wed, 02 Oct 2019 02:06:29 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: +Djyd9fBZBXN9SdYAQdM539GkjZKBlputAcIEgzN+HX5wrPQsec5u6or8Go1KCVp0V2mxiZgRpSsq7SuPTBmRQ==
content-length: 13931
date: Tue, 02 Oct 2018 20:57:03 GMT

GET
H/1.1 200
OK async-ads.js Show response
cse.google.com/adsense/search/ 224 KB
73 KB 74ms
39ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.I.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0207113aa36d1a4dfbcd9479e3fc03c3957b339e97160d56e5b4a0988a0e5e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "11444829305574103379"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
S 200 clear.png
www.google.com/uds/css/v2/ 1018 B
1 KB 26ms
13ms Image
image/png 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/uds/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.I.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/cse/static/style/look/v2/default.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:03 GMT
x-content-type-options: nosniff
last-modified: Wed, 05 Sep 2018 20:52:43 GMT
server: GSE
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1018
x-xss-protection: 1; mode=block
expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
S 200 nav_logo114.png
www.google.com/images/ 22 KB
23 KB 24ms
11ms Image
image/png 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/nav_logo114.png

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.I.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 29 Sep 2018 00:51:54 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Dec 2016 12:30:00 GMT
server: sffe
age: 331509
content-type: image/png
status: 200
cache-control: public, max-age=691200
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 23010
x-xss-protection: 1; mode=block
expires: Sun, 07 Oct 2018 00:51:54 GMT

GET
H/1.1 200
OK googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
883 B 48ms
38ms Image
image/png 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/uds/api/search/1.0/1ca94331d67f5f17586b15e6157d4d31/default+de.I.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Jan 2017 21:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Accept-Ranges: bytes
Content-Length: 551
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
S 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
1015 B 41ms
39ms Image
image/png 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Requested by

Host: live4x-german.tk
URL: http://live4x-german.tk/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 20:57:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
content-type: image/png
status: 200
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 919
x-xss-protection: 1; mode=block
expires: Tue, 02 Oct 2018 20:57:03 GMT

GET
H/1.1 204
No Content generate_204
clients1.google.com/ 0
83 B 32ms
6ms Image
text/plain 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clients1.google.com/generate_204
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
Content-Length: 0

GET
H/1.1 200
OK 3
www.acint.net/pxl/ Frame 728F 43 B
471 B 4ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/3?dp=16&id=83629.390617.43834568&sid=ryzvful3-9wum-pfju-7v9k-q5g317ppdyoz&r=e3zuo25ayclj
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK 3
www.acint.net/pxl/ Frame 12F3 43 B
471 B 5ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/3?dp=16&id=83629.390616.43834567&sid=rhtwm4n7-iuiy-d6bd-ulx9-afu0npy1vjxu&r=s6c65df2cct6
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 385 B
1 KB 90ms
39ms XHR
text/javascript 34.255.224.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 65a7075da0118b52fbdad4d6b41c4523d35f203b0bfdf51d866c7e32c550f3ef

Request headers

Referer: http://live4x-german.tk/
Origin: http://live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://live4x-german.tk
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 385
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 3
www.acint.net/pxl/ Frame 539B 43 B
341 B 25ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/pxl/3?dp=16&id=83629.390615.43834566&sid=s4a1xnve-tyc9-9nhx-fej6-kgko67u3s2ei&r=cl3gig8sl04s
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:03 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame 6F93
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4196) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 02 Oct 2018 20:57:03 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 02 Oct 2018 20:24:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4196)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 02 Oct 2018 20:57:03 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 02 Oct 2018 20:57:03 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_b
strict-transport-security: max-age=631138519
x-connection-hash: 0d836b2107263565bca6f81f8ba7ad9a
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 9
x-transaction: 003cb6d4005812c2
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 28ms
27ms Image
text/plain 34.255.224.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=lot
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:03 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
api.viglink.com/api/ 75 B
522 B 55ms
29ms XHR
text/javascript 34.255.224.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/domains
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4d35fa9c4cc25ac86ac263725b5dc81071a973acb7b27f93965abb97a5dc9b1d

Request headers

Referer: http://live4x-german.tk/
Origin: http://live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://live4x-german.tk
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 75
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK insert Show response
api.viglink.com/api/ 7 KB
2 KB 84ms
54ms XHR
text/javascript 54.72.202.113
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/insert
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 54.72.202.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-202-113.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: d297db618dafbefe4d7dcfcd8ef7feae0f83ec674b1cafb26461e9323ffeef06

Request headers

Referer: http://live4x-german.tk/
Origin: http://live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Content-Encoding: gzip
Server: Apache-Coyote/1.1
Vary: Accept-Encoding
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://live4x-german.tk
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 1427
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 43 B
390 B 41ms
29ms Image
image/gif 54.72.202.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=rkt
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 54.72.202.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-202-113.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:02 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
api.viglink.com/api/ 0
307 B 28ms
27ms Image
text/plain 54.72.202.113
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.viglink.com/api/sync.gif?partner_id=eyt
Requested by: Host: live4x-german.tk
URL: http://live4x-german.tk/
Protocol: HTTP/1.1
Server: 54.72.202.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-202-113.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:03 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 400
Bad Request optimize Show response
api.viglink.com/api/ 986 B
1 KB 28ms
28ms XHR
text/html 34.255.224.65
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.viglink.com/api/optimize
Requested by: Host: cdn.viglink.com
URL: http://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Server: 34.255.224.65 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-255-224-65.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af

Request headers

Referer: http://live4x-german.tk/
Origin: http://live4x-german.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Oct 2018 20:57:03 GMT
Server: Apache-Coyote/1.1
Content-Language: en
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: http://live4x-german.tk
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html;charset=utf-8
Content-Length: 986
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 share_button.php
www.facebook.com/v2.8/plugins/ Frame 470F 0
0 92ms
55ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F30jx6e8KIxc.js%3Fversion%3D42%23cb%3Df1593f1da63d33%26domain%3Dlive4x-german.tk%26origin%3Dhttp%253A%252F%252Flive4x-german.tk%252Ff37b0b280cb3b1%26relation%3Dparent.parent&container_width=80&href=http%3A%2F%2Flive4x-german.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/share_button.php?app_id=1703687853256452&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F30jx6e8KIxc.js%3Fversion%3D42%23cb%3Df1593f1da63d33%26domain%3Dlive4x-german.tk%26origin%3Dhttp%253A%252F%252Flive4x-german.tk%252Ff37b0b280cb3b1%26relation%3Dparent.parent&container_width=80&href=http%3A%2F%2Flive4x-german.tk%2F&layout=button&locale=ru_RU&mobile_iframe=true&sdk=joey&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://live4x-german.tk/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://live4x-german.tk/

Response headers

status: 200
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v2.8
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cache-control: private, no-cache, no-store, must-revalidate
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
x-xss-protection: 0
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: rzufZN5YIH0LacMAkoB1l9b2OJcFSddE5mPYd7uJaV3hjIouEk3aL2dfphUXQfrW2d3f6CZg2FXXSZN1Y611JQ==
date: Tue, 02 Oct 2018 20:57:04 GMT

GET
H/1.1 200
OK /
www.acint.net/ping/ 43 B
341 B 2ms
2ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/ping/?v=0.1.1&uid=1c8dd470-ab7f-4b80-8da1-b7ac74120e98&dp=14&tz=%2B00%3A00&nc=05462913&dT=2018-10-02T20%3A57%3A05.621
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://live4x-german.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/ping/ Frame 539B 43 B
341 B 1ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/ping/?v=0.1.1&uid=5ce7b00e-7e2f-45b3-9ac3-a0d4bdc641d0&dp=14&tz=%2B00%3A00&nc=91704592&dT=2018-10-02T20%3A57%3A05.821
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/ping/ Frame 728F 43 B
341 B 1ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/ping/?v=0.1.1&uid=a5c78671-5d2f-4d7a-adfb-fd057161a035&dp=14&tz=%2B00%3A00&nc=89926338&dT=2018-10-02T20%3A57%3A05.869
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/ping/ Frame 82B3 43 B
341 B 1ms
0ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/ping/?v=0.1.1&uid=5cc29141-ef1f-459a-b2c5-e307c0585c52&dp=14&tz=%2B00%3A00&nc=19582803&dT=2018-10-02T20%3A57%3A05.880
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
www.acint.net/ping/ Frame 12F3 43 B
341 B 2ms
1ms Image
image/gif 148.251.11.72
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.acint.net/ping/?v=0.1.1&uid=3850c4b7-c8ee-4885-bb89-f627f21fa0fb&dp=14&tz=%2B00%3A00&nc=13395056&dT=2018-10-02T20%3A57%3A05.887
Protocol: HTTP/1.1
Server: 148.251.11.72 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: dusseldorf.aucourant.info
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:05 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H/1.1 200
OK /
cdn-rtb.sape.ru/rtb-b/track/error/ Frame 728F 43 B
229 B 47ms
46ms Image
image/gif 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn-rtb.sape.ru/rtb-b/track/error/?msg=Place%20empty%20offset%20for%20ID%3DSRTB_390617&url=&line=&col=
Protocol: HTTP/1.1
Server: 193.232.121.29 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
cdn-rtb.sape.ru/rtb-b/track/error/ Frame 12F3 43 B
229 B 43ms
42ms Image
image/gif 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn-rtb.sape.ru/rtb-b/track/error/?msg=Place%20empty%20offset%20for%20ID%3DSRTB_390616&url=&line=&col=
Protocol: HTTP/1.1
Server: 193.232.121.29 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
cdn-rtb.sape.ru/rtb-b/track/error/ Frame 539B 43 B
229 B 46ms
46ms Image
image/gif 193.232.121.29
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn-rtb.sape.ru/rtb-b/track/error/?msg=Place%20empty%20offset%20for%20ID%3DSRTB_390615&url=&line=&col=
Protocol: HTTP/1.1
Server: 193.232.121.29 Moscow, Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 02 Oct 2018 20:57:06 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ad.dyntracker.com/	1970-01-19 12:54:32	Name: DTU Value: F3E2C15E6D770F9844A8D2810C84CD81
.blau.de/	1970-01-18 19:31:58	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_zx_1082842_-OXDF2LZ7GE&utm_term=AFF_zx_1082842_-OXDF2LZ7GE&utm_content=BLU_AFF_POV_EXA_35008&zanpid=41073899C55618862S42629808T2482310840092143616
ad.zanox.com/	1970-01-18 20:05:05	Name: zpvc Value: 5C117597S2482310838065907713T0II5C241439S2482310838070102016T0II10377311C0SV1LJMVy4dqmqo55109044y83y85qeyqzcxqoya3495yab190yb3308u35yc1yc33yc7zg4xpmya3psnyabuzyb1gjyb7gxxdmyc36vmycb04yd1y06yd5742g70ye36y1a162y22308g35y30vzdy38pw5nfcy46fq69dqkOXy22Mq54y28q59nnq74cy347lcy3c25y7499802y80374y88glsrjq79y96kufy9e1874416281yb4yb6yb8ybaybcybcybeT2482310840217585665I42629808C0T2482310838065907713
.zanox.com/	1969-12-31 23:59:59	Name: zttpvc Value: 5C67109S2482310839773376512T0II5C241439S2482310838070102016T0II42629808C0T2482310839773376512
.ad4mat.de/	1970-01-18 19:22:37	Name: sess_daten_3 Value: 472%2C1319%2C10489
ad.dyntracker.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ca2ebex3bzlqlnihmjfsfaxl
.doubleclick.net/	1970-01-19 04:43:29	Name: IDE Value: AHWqTUmiKdzfyzz6VVUVPVCy7OZNFFwFHjbnDkqgaYFI_bxym8-BCaXSkWJg4OUC
ad.zanox.com/	1969-12-31 23:59:59	Name: ztvc Value: 5C128529S2482310838065907713T0II5C241439S2482310838070102016T0II42629808C0T2482310838065907713
.zanox.com/	1970-01-18 21:31:29	Name: zptpvc Value: 5C328088S2482310839773376512T0II5C241439S2482310838070102016T0II28813272C0SV1LJMVy4dqmqo55109044y83y85qeyqzcxqoya312847yaf62550ybb185k14yc9ycb1ycfpw2nfcyabfq69dyb3kpyb9wzybfwnnq74cycb3lcyd382yd9y0eydd620w68yeb3y22930y2a185w14y38lpq74y40fm4dvsy4evq79q74qsUDy2aSZy30Eddjsy3c6bsy4404y7c77580y88162y90wbq69hzoy9eakvya69562293059ybcybeyc0yc2yc4yc4yc6T2482310840288906241I42629808C0T2482310839773376512
.o2online.de/	1970-01-18 19:31:58	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&vo_nr=WB.60.1003&type=o2_aPV&pt_kennung=o2_aPV&mediacode=AFF_zx_1082842&utm_term=AFF_zx_1082842&utm_content=O2_AFF_POV_EXA_15008
.acint.net/	1970-01-25 20:05:16	Name: aid Value: lPsLSFuz2590MnRgMbGRAo9eOBmIPERgdv6Qmj85vel4TjyB

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.admitad.com
adservice.google.com
adservice.google.de
api.viglink.com
apis.google.com
cdn-rtb.sape.ru
cdn.admitad.com
cdn.viglink.com
clients1.google.com
coinhive.com
connect.facebook.net
counter.yadro.ru
cse.google.com
googleads.g.doubleclick.net
live4x-afrikans.tk
live4x-german.tk
pagead2.googlesyndication.com
platform.twitter.com
ssp-rtb.sape.ru
staticxx.facebook.com
syndication.twitter.com
vk.com
www.acint.net
www.facebook.com
www.google.com
www.googleapis.com
144.76.152.140
148.251.11.72
163.172.197.59
193.232.121.218
193.232.121.29
193.232.121.79
199.16.156.201
212.129.18.73
212.224.118.36
212.224.124.70
216.58.214.98
2400:cb00:2048:1::6810:a10d
2400:cb00:2048:1::6810:a40d
2400:cb00:2048:1::6814:d03b
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:806::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200d
2a00:1450:4001:812::200e
2a00:1450:4001:817::200e
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.255.224.65
54.72.202.113
87.240.129.133
87.240.129.71
88.212.201.194
95.181.171.232
0207113aa36d1a4dfbcd9479e3fc03c3957b339e97160d56e5b4a0988a0e5e5b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8
0dadc447d7f793e740259bf90ddb93a668281aa30ece8dca336116addc34ddf5
18a9e1031cc3a50338fed6cefd5d131a86637c10c2558baf00e37b6eba8d97d8
1f6bd4bab5ba0fccdcbec1e12f6f053eea6c9230b64cc70ba06fe2b54d26dc99
210ce3869572640906f4b3216d111907c74e554706ec7f3c71eb13049da1c5b7
21207a80ecaec0cb659056bc54e5f2606ee8219560d48e4092acad6fefb3c552
22d1f52781cd6088826c115793877a8088448e5dd12026d4e299a10884200a05
24e52f3d9583171bcaa45172261052d86ab0b98bac201aee1c123bf8d1313b69
2f292ca25299ca1366b66d6af235b43ce94c68dbf422097b87009857644cce96
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
394713abe6f6c411ac5896f405b97b3e68e3ac41a3f327d2173a058566de6691
4192f7a925a86b25b87e422c509071dc6d5222fef92358406b627882ee2c22af
422b4ff75f47377c2a2bd4b23c0b523aa97f63b5cda2246e98f01ae863787131
4d35fa9c4cc25ac86ac263725b5dc81071a973acb7b27f93965abb97a5dc9b1d
5bf079decf1237d0c419ce5d22144bdbb553255c68678e4fce582098dac5007b
5d514880ad502302dd4bf0ef8da5d38356385d1c43689f6739f6771ed7a4ef73
6564aa8a4d5b088a685ac63afad05cd673502a6212374052035c80e36584d675
65a7075da0118b52fbdad4d6b41c4523d35f203b0bfdf51d866c7e32c550f3ef
6bf6a92a50156df8d8018b0916a7c98b22e9d2201e42c32dcf9d6d7187df8ab0
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
80987e6a22838bf198a30ba4cde9892ca6585dca8e76e7e3015f2e0bf5fa5a79
84953cd6279bb69f9f2db4a22792d4c1fa711fb8fedd8492054839f132bae78a
88b74fc1273d791411862278b6a6e282a7086f0e7a6a9a450edc6a2c1c26d6ee
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c490c1556e80be1ab70211909e3688ac65fa36ae25cb8da131c867e72a8c74f
8cc607218d103cf3ee9f032a4d0f68b16f1f8146d40da9edd8d18e21112dd3d5
8d708e47334b69140daf8495fab9f8549fb7c9820f0c500531cc2116322f18ed
92e3a433c7cd57f7f76405917626c5ca0ea600fda464df3f4c8b5a6c6990f6c1
98e9fe53b3319943c91ae10212e4331cd8ce4735f1ba2abb67bf9ea702ce0b11
a030e41fd98521ac201760d8a6b40472ee980ad299a522e4e89c7287ff540f16
a133c1dfb792fd46cdf3307861d230fc063aa9d034a8f2e17ad418e054118091
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24
b50a1da46415e52b6c97677d622db87757ed84363e12bdb5711b0b1d3966eb13
b5e953307382198c72b98b959070f4f278af80b1130681cae12e5a25b901a2c4
bcfdae0988e7e8fa24075290e6a0b7f569e27aec7f2132f93252c86b7c3606b3
bd452fb7c214bb48c9be2271fe6488ad93afd8de392c41916ea5b210fa8bd875
c872a9c2a35748b059f52f001e90086a6d9a81dcfcead3ae619222cf5c0cac37
c87e71762eba3bfd6436314de77dbc6ea5aa164861e5437feca2e98aa2e26a9d
ce1a692683df7d67ac352ef98bfdfdf99e47a860509d905a25666e2df352db54
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ec51cc5dc8f80479d16762fe3bf81851b4387fb55a76a99da4fc49920fc0c
d053cfb57619c8815b467e8fb5a96585124835dfbaef7f425ff1d0cc07754d05
d085a1f10225e78e0d5b77cc2e1b05a4a2e8e09c3b8f6ee431844626a889f116
d297db618dafbefe4d7dcfcd8ef7feae0f83ec674b1cafb26461e9323ffeef06
d35dc41de2bc5e68be504a7185b438d782775b9f8ba0e6654c3806ee158f5e41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd392a539676dbe820041444b955a8c23d6afd7df1ecb830437b602289b4e42
f3bdce387b398cd59046d941e66d6e10124d4d6fe632e1081c653d09f6eedd9f
fbffff087f562195ac1be4e4d278b0b22cbe3721ff527a9794bb565ada2bf8cb

live4x-german.tk Open in urlscan Pro 163.172.197.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

110 Requests

34 %HTTPS

47 %IPv6

17 Domains

27 Subdomains

32 IPs

6 Countries

966 kBTransfer

4137 kBSize

11 Cookies

4 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

live4x-german.tk Open in urlscan Pro
163.172.197.59 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

34 %
HTTPS

47 %
IPv6

17
Domains

27
Subdomains

32
IPs

6
Countries

966 kB
Transfer

4137 kB
Size

11
Cookies

110 HTTP transactions
2 data transactions