crypto-fire.website Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

• https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95 HTTP 302
• https://s.uuidksinc.net/match/1165/?remote_uid=56621aa3-6c56-4636-b0a2-1f05a278cf95&cb_url=https%3A%2F%2Fnadajotum.com%2Fjs%2Fcs%3Fuuid%3D56621aa3-6c56-4636-b0a2-1f05a278cf95%26oid%3D%5BUID%5D HTTP 302
• https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95&oid=e28hksSL7dODYZlIEXIw

Request Chain 86

• https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A779749034%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A159329981%3Arqn%3A1%3Au%3A1710499110349905547%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A206%3Awv%3A2%3Ads%3A0%2C0%2C113%2C0%2C0%2C0%2C%2C68%2C0%2C%2C%2C%2C229%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109636%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
• https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A779749034%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A159329981%3Arqn%3A1%3Au%3A1710499110349905547%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A206%3Awv%3A2%3Ads%3A0%2C0%2C113%2C0%2C0%2C0%2C%2C68%2C0%2C%2C%2C%2C229%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109636%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 93

• https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A405492347%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A596357055%3Arqn%3A2%3Au%3A1710499110349905547%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A172%3Awv%3A2%3Ads%3A0%2C36%2C84%2C1%2C0%2C0%2C%2C73%2C0%2C%2C%2C%2C202%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109640%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)ti(1) HTTP 302
• https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A405492347%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A596357055%3Arqn%3A2%3Au%3A1710499110349905547%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A172%3Awv%3A2%3Ads%3A0%2C36%2C84%2C1%2C0%2C0%2C%2C73%2C0%2C%2C%2C%2C202%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109640%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29

Request Chain 108

• https://fcgi4.gnezdo.ru/cookie_matching/kadam/e28hksSL7dODYZlIEXIw HTTP 302
• https://fcgi4.gnezdo.ru/cookie_matching/kadam/e28hksSL7dODYZlIEXIw/?redirect=1 HTTP 302
• https://d.uuidksinc.net/match/216/?remote_uid=XV9maWX0JSaPao6xPJIBAg==

Request Chain 110

• https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}& HTTP 302
• https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}&&crf=1&rts=-3370939670898925283 HTTP 302
• https://d.uuidksinc.net/match/372/?remote_uid=9e3f8c75-04d3-524b-b67c-50f5d38875d2

Request Chain 114

• https://www.acint.net/rmatch?dp=192&r=https://d.uuidksinc.net/match/382/?remote_uid=${USER_ID} HTTP 302
• https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=2C03420A2625F46521000864025257C8&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP 302
• https://d.uuidksinc.net/match/382/?remote_uid=0300007F2625F465E21BEE5302AEEDA9

Request Chain 115

• https://www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID} HTTP 302
• https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=3F03420A2625F46523007A7102F2117D&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D HTTP 302
• https://d.uuidksinc.net/match/383/?remote_uid=0300007F2625F465E21BEE5302AEEDA9

Request Chain 116

• https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID} HTTP 302
• https://d.uuidksinc.net/match/444/?remote_uid=ab5476c7-77b5-43f0-57b9-d802dddab389

Request Chain 117

• https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/e28hksSL7dODYZlIEXIw HTTP 302
• https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/e28hksSL7dODYZlIEXIw/?redirect=1 HTTP 302
• https://d.uuidksinc.net/match/493/?remote_uid=XV9maWX0JSaPao6xPJIBAg==

Request Chain 118

• https://sync.adspend.space/kadam?uid=e28hksSL7dODYZlIEXIw HTTP 302
• https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Da94e5d31-fb25-4315-bb10-194cc21e27ea%26i%3D7733759758077844385%26r%3Dhttps%253A%252F%252Fprodmp.ru%252Fadspend-sync.gif%253Fdsp_provider_id%253D2%2526uid%253Da94e5d31-fb25-4315-bb10-194cc21e27ea%2526r%253D HTTP 302
• https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=7733759758077844385&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Da94e5d31-fb25-4315-bb10-194cc21e27ea%26r%3D HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&ts=1710499110891&a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=7733759758077844385&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Da94e5d31-fb25-4315-bb10-194cc21e27ea%26r%3D HTTP 307
• https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=a94e5d31-fb25-4315-bb10-194cc21e27ea&r= HTTP 302
• https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=a94e5d31-fb25-4315-bb10-194cc21e27ea&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Da94e5d31-fb25-4315-bb10-194cc21e27ea%26i%3D1710499111169%26r%3Dhttps%253A%252F%252Fan.yandex.ru%252Fmapuid%252Fdmpmediadesk%252Fa94e5d31-fb25-4315-bb10-194cc21e27ea%253Fsign%253Da25de1c3%2526location%253Dhttps%25253A%25252F%25252F1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru%25252F%25253Fr%25253Dhttps%252525253A%252525252F%252525252Ftop-fwz1.mail.ru%252525252Fcounter%252525253Fid%252525253D3138228&version=2.0 HTTP 302
• https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=1710499111169&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fa94e5d31-fb25-4315-bb10-194cc21e27ea%3Fsign%3Da25de1c3%26location%3Dhttps%253A%252F%252F1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru%252F%253Fr%253Dhttps%2525253A%2525252F%2525252Ftop-fwz1.mail.ru%2525252Fcounter%2525253Fid%2525253D3138228 HTTP 307
• https://an.yandex.ru/mapuid/dmpmediadesk/a94e5d31-fb25-4315-bb10-194cc21e27ea?sign=a25de1c3&location=https%3A%2F%2F1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru%2F%3Fr%3Dhttps%25253A%25252F%25252Ftop-fwz1.mail.ru%25252Fcounter%25253Fid%25253D3138228 HTTP 302
• https://1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228

Request Chain 119

• https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322 HTTP 307
• https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1710499110842&a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response crypto-fire.website/	17 KB 6 KB	3302ms 199ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc5a8d33941c4023dab4ab2c71d6300aea672f577457c605fb44d94bb5a986b8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 864bdfc8bdea1c82-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:29 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txlmOHP1T6luGPMP1ZuxM5hfrsFUKlcdrw8FDFErzUH5rwyZ4M5AP%2B9vJM98yTAVMj0P7gS%2Fbl3qSxhg9SwKx5OxQAWsVSOQfpBmvPj8g1XPQE9oOBmalWAAwPSphoYwIpl%2F%2BLjPJDV2XUlH1YAbzq7g"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	font-awesome.min.css crypto-fire.website/fonts/font-awesome/css/	23 KB 6 KB	25ms 24ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 222d75918bb518d46a4d283da7de243b4409d597a8c6856070a07e96b600e6d7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Fri, 08 Oct 2021 16:00:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 146295 etag W/"61606b32-5cbe" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BkQEjZogamnISSfjW9acIFuRVxSXPmX2I53vAYRs6fQoNU43%2Fp0ymG9gWIgEX8HTwzg9inQCJZtyp%2BIRZxeeLWudvTtNfCVk5oXEa7m9QCRsIhrXFUa9zMX6kcts8FKXY%2BYoS6bDB18JWVdzSq6E3w%2B"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 864bdfc9ef471c82-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 18:00:13 GMT
GET H2	200	style.css crypto-fire.website/css/	7 KB 2 KB	22ms 22ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/style.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8559c828ef9ff57ce9858747f4cee96bbef1b556d1bed76663f91211d69be09c Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Sun, 13 Feb 2022 18:11:31 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 155001 etag W/"620949d3-1d8c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdTkcF3HaB1muKJnTx0erqASOLZ7NhuSi%2BGG88vGEvGFhEugScCCH61BZuYuN1cirnYQi%2Bf9snO0%2FSBMCdI4pJvbLNw5y1dBRBs8HlIrJqueWf%2B6GueCqy9zjFG%2FN%2FYC8%2BLKRbZzpQ%2FHXhDsFCyqwhFE"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 864bdfc9ef491c82-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 15:35:08 GMT
GET H2	200	jquery-3.2.1.js Show response code.jquery.com/	262 KB 78 KB	140ms 43ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.2.1.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 15696901 x-cache HIT, HIT content-length 79082 x-served-by cache-lga21928-LGA, cache-mad2200142-MAD last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1710499110.536659,VS0,VE0 etag W/"28feccc0-41707" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 1944, 15428
GET H2	200	noty.css crypto-fire.website/css/	18 KB 3 KB	23ms 23ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/noty.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7e3e1289103a8df5fe67d381fec0db46a27576a535c6981e19afb3d9de527fc Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Oct 2021 16:59:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 141407 etag W/"6172eddd-495e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXTTsALlW1iOOfMm8qHttGGSpdDfi7sdXh3LRXBzYhrbiT3cIIWDvPZ%2FZ5ADvUYYLM56aWoKikmoXmTrD0%2B8OwLx%2B0QH%2BQ03iLWfxlrhnB5JgnShPt05kWwpjcgp2VoczwPufWsLoRMnVhUeKGCbW7c%2F"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 864bdfc9ef4b1c82-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 19:21:42 GMT
GET H2	200	animate.min.css crypto-fire.website/css/	52 KB 4 KB	24ms 24ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/css/animate.min.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Oct 2021 17:22:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 141407 etag W/"6172f361-ce35" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2Oiw4WSMLDWc4m6Vd9QOLfTgTvc4wFzzrpVumOX8UBwb9%2FuezQrSlUaPt7L6OH5AvKz5o9ywGQQM5qMqFJZw3pRuAOzdlPrlIADK3dMi%2FMn8D7TxQdNRNyO4ZL30F3Qb90PYI%2Ff%2Bdrsa%2FqxHEnjrveD"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 864bdfc9ef4d1c82-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 19:21:42 GMT
GET H2	200	noty.min.js Show response crypto-fire.website/js/	30 KB 10 KB	50ms 49ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/js/noty.min.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab3c4246aa42f5d76d523162099fd39b28a648c50a865c3d71a68ea315df3616 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Oct 2021 17:24:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 150760 etag W/"6172f3c6-7909" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DQswbosZSqH9ZlEEZCpcDEMi4aGCnYbKWXm3UMsjRayZb6BYnLxep%2FBPwB1JKRKO4qwXxAJfbxrhN05q5KnNXxo4PAxIovrqri1nzGn%2F6Lnc%2BRbzMlxizdd7Dd3CqZGZcpzboaQ%2FyA2WqKsmKIe90tgk"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 864bdfc9ff741c82-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 16:45:49 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 50 KB	101ms 51ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e7950470ee966bb5bcf7f0adcbd90e3fff015e5ea8c052cb99fe76757e7f0996 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50782 x-xss-protection 0 server cafe etag 13384039540579059795 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Fri, 15 Mar 2024 10:38:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	249 KB 87 KB	124ms 75ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-DK2BL5MDMQ Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5d58ac9a980ef5e4c8494fb265f8694ca8715a935aea5835efd82883f6a36c4e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88669 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 15 Mar 2024 10:38:29 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 50 KB	93ms 43ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6f764100eaa38cf5f13b7d91246e445fada67e081a3255023ca394160f38a3a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ Origin https://crypto-fire.website accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50754 x-xss-protection 0 server cafe etag 1491296902441826264 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Fri, 15 Mar 2024 10:38:29 GMT
GET H2	200	script.js Show response appsha-pnd.ctengine.io/js/	15 KB 6 KB	122ms 46ms	Script application/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash 6b084e2fea0ade4724c4a2531238684e83a3b06aed5276d35fc6594627f47153 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Fri, 15 Mar 2024 10:38:29 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Fri, 15 Mar 2024 10:53:29 GMT
GET H2	200	160X600.gif games-of-thrones.com/t/	755 KB 756 KB	66ms 23ms	Image image/gif	2606:4700:3034::6815:4843 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://games-of-thrones.com/t/160X600.gif Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4843 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38c8906ad9d4f470ec4849a7ae5d82f6fea6a3bbb265be39111090b47cc13206 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 59889 alt-svc h3=":443"; ma=86400 content-length 772819 last-modified Tue, 07 Nov 2023 12:51:24 GMT server cloudflare etag "654a32cc-bcad3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbOx7g8TYEcZmz7HEUdhecAi9UxnupPPFERCw%2FifCdxW%2FONUPUm3739Kt7%2FNR3ljFgswEH705ZLmCP4QQu1CDDhpA78KfLsr1Pu93lGXq7KCh0TNGUIRPzVyLlRarxTp4SorWqp40%2FRyKYlh8tt82aQNfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfca2e8d0a54-AMS expires Fri, 15 Mar 2024 18:00:20 GMT
GET H2	200	logo.png crypto-fire.website/img/	62 KB 63 KB	36ms 36ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/logo.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87d1b840ecfcb4410e64b8b12fc64ad943b7ce0ffb8e651764c91e1844b6bab6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 154997 alt-svc h3=":443"; ma=86400 content-length 63919 last-modified Fri, 22 Oct 2021 12:27:30 GMT server cloudflare etag "6172ae32-f9af" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eoRCCJZ9FwIOe5r8ZSSrygfUwptk%2FxeMqhUDbNNdkvngF2gcKBtBsBCUt9MepeQscHV5xmFQ8u19XfyM176sTQ9LPIrloBvn5fFltjDZdSn7XnVjdKNvxRey22yoAiI2Q%2Bzq9sLCSHa8CqUJfAvve9MY"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfc9ff771c82-AMS expires Wed, 20 Mar 2024 15:35:12 GMT
GET H3	200	st1.png crypto-fire.website/img/	4 KB 4 KB	24ms 24ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st1.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5ec986873120c2a9b681c1c8d94d0ec03cbb49f11a70e6e1835572ed8959392f Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 141404 alt-svc h3=":443"; ma=86400 content-length 3920 last-modified Fri, 22 Oct 2021 12:55:44 GMT server cloudflare etag "6172b4d0-f50" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5aXiP5y%2F7qMQ8WlH%2FS6C4zmjNpzPQn%2BzlkvXZ7P2e3Dtxg9OWT3Ir1FdifuET8fsTJACCv6KHExoLrewiMzPXHKCNWeDby89elycPkVjZ0oZcnaqmAVcnbmJhqk2%2F6zjXGc%2BWHKBhYa0eDK9PsCaxhe"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfca3c086648-AMS expires Wed, 20 Mar 2024 19:21:45 GMT
GET H3	200	st2.png crypto-fire.website/img/	17 KB 18 KB	25ms 25ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st2.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash add2b51573f21ced2f52bc8c0fdcfabc12b1dc44dfe3af0337d6f21b6ef90b45 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146295 alt-svc h3=":443"; ma=86400 content-length 17444 last-modified Fri, 22 Oct 2021 12:55:44 GMT server cloudflare etag "6172b4d0-4424" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apm8OcehtEzJwymVG7R4lEaN9Gb8mnWfIdOvTiWk82e1JdV3W0Ob3MuoNgIG6TLtZ2iXVY8bY1%2BC%2FlE8I4X1pIUwqZcHO2TjFTnuRz9RJlQZPu%2FD9FQPxEnwvwRGXzBdJsuaUqy0DLlOJqIL2auwPIaU"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfca6c426648-AMS expires Wed, 20 Mar 2024 18:00:14 GMT
GET H3	200	st3.png crypto-fire.website/img/	14 KB 15 KB	23ms 23ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/st3.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2e4ec5af902fd16d7f68ce095f53bcf489ee83ea9569f9fb3ab905afdb500f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146295 alt-svc h3=":443"; ma=86400 content-length 14542 last-modified Fri, 22 Oct 2021 12:55:44 GMT server cloudflare etag "6172b4d0-38ce" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7r9VnwsEJ%2Fb9l0XvN1f%2FLpC5mfeTEIawFVXy6Ky8FIY2vsuuVgsHH5g%2FXvyw7%2Fkuf9KgXN2aNx1BN3IwE7AyXTdS5dpHgCRam9efdqZ51bNU%2F5lARa5sn14VjzxtQizmKWXT8ajF4kukcn1zhbPDr1Q"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfcb3d3f6648-AMS expires Wed, 20 Mar 2024 18:00:14 GMT
GET H3	200	btc.png crypto-fire.website/img/	26 KB 26 KB	24ms 24ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/btc.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4cb710135307100f2c6fb1314fbf33d24ed6076fc39c8009ed70b3e561bab38 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 150807 alt-svc h3=":443"; ma=86400 content-length 26278 last-modified Fri, 22 Oct 2021 13:53:20 GMT server cloudflare etag "6172c250-66a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BuNfThfWlCEXYZroFn91yT570H56OY3%2FHYmjk%2Ber2hPKng7TwLZeBLAZLVJ9SLRv2miSr5PUTun%2BgjqgbFFvJKgj2w1yrcj%2BJlQaZFOIFAwYKCc9fB8aC4YoAgHQmOIMWLo3oKspQ7mF%2Fn7pBguo0lC"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfcb3d406648-AMS expires Wed, 20 Mar 2024 16:45:02 GMT
GET H3	200	eth.png crypto-fire.website/img/	25 KB 25 KB	40ms 39ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/eth.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bcb18dc726fae16367b930f8754fce02b2545e68fb8f956bedff90acc23cc69 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 141404 alt-svc h3=":443"; ma=86400 content-length 25116 last-modified Fri, 22 Oct 2021 13:53:20 GMT server cloudflare etag "6172c250-621c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJ9Vo6rF3rjspctA7TFMBpWjeJ%2BxeJneZpehJTxToicslpPgAtplrTtts3YdLq0A6236wmSYpreCcYzw8ZLV%2BfdXBpUOwPAIOJ6mGNXhz9uJj8jrshnwrE8ckB18Fp3BirnPXGQqAbRfwx1w%2FIcL0YZD"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfcb3d436648-AMS expires Wed, 20 Mar 2024 19:21:45 GMT
GET H3	200	doge.png crypto-fire.website/img/	25 KB 25 KB	52ms 51ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/doge.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4fdf6d2b825d6869430ec46c51bad520f1770f6e57fa1e39a69356bbfeaa4ad4 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146295 alt-svc h3=":443"; ma=86400 content-length 25495 last-modified Fri, 22 Oct 2021 13:53:20 GMT server cloudflare etag "6172c250-6397" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tGdOAfAqe6hZDplT3vOV%2FQrOnXj1wXHDk0qQVai%2FVHOTXfDD59wOO5DlI4FYEl6Ra0AhJaxLxsS%2FEgqdDIZkkH5S6P%2BIS4TatrPisXmfveuVXhwX2T1hZJ9WoEFbhssNNG1oECt%2BFoQHkteYRlV5RaKE"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfcb3d456648-AMS expires Wed, 20 Mar 2024 18:00:14 GMT
GET H2	200	in-page.js Show response inppmayfinder.info/	104 KB 29 KB	74ms 23ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://inppmayfinder.info/in-page.js?b=12 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aba6235ec561ec947bd8ec91d6ce5527b11f67def2a995f110cda1ba35ce293a Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 29 Feb 2024 15:05:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2243 etag W/"65e09d3c-1a01d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stfh7MFPBDPUThzlcW73kUsqA0XXlqriNQMHQrTOq6%2BdaEWPUcEn%2Fn7rRVKqVg1NqgNFd1oWYmeu%2FO1MOiScAjkTnvuYDyg7DhwGTb3aYz5J5pJofdl2si30n%2FjVAt%2FFSh47h6GVZO8Li9G%2BIxI8DNY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 864bdfcb0d804c19-AMS alt-svc h3=":443"; ma=86400
GET H2	200	d-video.js Show response video.videotouch88.info/	92 KB 13 KB	67ms 25ms	Script application/javascript	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/d-video.js?b=27 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b50253e2ef3c7a42aaa8544693349332aeba8f9caa05b0cd4652f11b46760000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:20:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3867 etag W/"654d06de-17051" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0MDuCdj7DNkSsXJ2dbPtvNzSpehDvcI1gJm87JPUwaoFCwfz%2FgdBq5glkfDZiDwGJWyNFVvZ0fvpwIN4mkbe08e%2F%2ByG%2FXHcDqrYnme0aXmClmtDNHeI2eU91omknOV4s7UhGLwdK%2BiWnCvKJ7pmh2jGqDsAKsQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 864bdfcb0b0866c8-AMS alt-svc h3=":443"; ma=86400
GET H3	200	cc.js Show response crypto-fire.website/cc/	5 KB 2 KB	21ms 20ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/cc/cc.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 431385275047b31519f18c26490fbe4fc6b4e87dad1b324d64b4305fb538191a Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Sat, 19 Feb 2022 12:09:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 146295 etag W/"6210de03-12e2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzEVriaXw15DNcDI%2BRVmiqnShjMig8lMVeUdNwl0INz4Mthw2JH4%2BCyhhWPpLNwkl2Yak3yc%2BkuL9OFgBTy%2FKwmRRCWNUQGFYmJ5Lb4ZGtFsqeCsmbezBG1QoQDvPZ18qDv1w4iKUhVhwAmUtdgeZkLL"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 864bdfcb3d3c6648-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 18:00:14 GMT
GET H3	200	ccc.js Show response crypto-fire.website/cc/	11 KB 4 KB	36ms 35ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/cc/ccc.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5558c4de200d6a8b6f13674869604ae80a90c9a921f6b6c2a8ce451d5cf07c2a Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Sat, 19 Feb 2022 07:33:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 141404 etag W/"62109d34-2b4a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0NcGSAW45bzjVvxg7DuJ%2BVw2JN0%2FE7LUZERql31nVDWJBrMbRzKCINpfO%2F1ylUmm%2B2umhMtiQpbj2XEBKcVou0GCfUTln2d9oZq%2FSvq%2BkgbK3yuxDMnXUJ5e1pTLdiUoiUYUy%2F37hfKLcWGccP7jub7F"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=604800 cf-ray 864bdfcb3d3d6648-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 19:21:45 GMT
GET H3	200	cc.css crypto-fire.website/cc/	4 KB 1 KB	22ms 21ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/cc/cc.css Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb3cbb84fafcd3f03bd8a38443c6436316bf672d1ddca774140828e74cc66856 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Sat, 19 Feb 2022 12:08:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 150759 etag W/"6210ddda-10f7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xa%2BfcQZ1Tbvubv5QMvA4Av%2BwgeJ%2BbdTU5QvTw1iGL5CSZqBH0p8znz2YJ2cPOPw4qxGqSnLckSorWjOhI1RA1%2BxpckKHa0gAnJIls4b5ykBM8BPIJ%2BUQaC1%2B%2BzzVt%2FF6irM%2BTijpQAvK4kGzjA5v7ihR"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=604800 cf-ray 864bdfcb3d3e6648-AMS alt-svc h3=":443"; ma=86400 expires Wed, 20 Mar 2024 16:45:50 GMT
GET H/1.1	200 OK	14809.js Show response nadajotum.com/	42 KB 17 KB	76ms 35ms	Script application/javascript	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/14809.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash d76eb12b39f82fe73398c95c1c78e880ce7d9b703355089943839149ec9da2f7 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Fri, 15 Mar 2024 10:38:29 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H2	200	show.php Show response cryptocoinsad.com/ads/ Frame 7861	2 KB 1 KB	515ms 471ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cryptocoinsad.com/ads/show.php?a=252942&b=398555 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.24-0ubuntu0.18.04.17 Resource Hash e7764909785a5b8f6ea4b9b011c1c4cdbbed12a252461b8bb25e3d764db47cfd Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfcb8dc60bae-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNTQLORvV9HxsPtoMEj7qdi0Kac71WX4PxjNDpqvwtRDkt7um3QOxoSbbPTigK7%2B%2B6FP1QexTkspca%2FFiNNDaZxcVQRS0pRgxO3em6QFRpfuBl5iS73mh3TfuIQ6CdufkAoIUAs1v%2B1mviXKLBRDMw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.2.24-0ubuntu0.18.04.17
GET H2	200	2303156 Show response ad.a-ads.com/ Frame DB96	13 KB 5 KB	119ms 51ms	Document text/html	136.243.4.18 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/2303156?size=728x90 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.4.18 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.18.4.243.136.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 74227e2320aacc98c24affe97f9cf88f1a57bf94b4402bfc0c39d3cd518dac38 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html;charset=utf-8 date Fri, 15 Mar 2024 10:38:29 GMT server nginx status 200 OK vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-original-referer https://crypto-fire.website/ x-powered-by Phusion Passenger(R) x-robots-tag noindex, nofollow, nosnippet, noarchive x-xss-protection 1; mode=block
GET H2	200	show.php Show response cryptocoinsad.com/ads/ Frame EAA7	2 KB 1 KB	505ms 462ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cryptocoinsad.com/ads/show.php?a=252942&b=398013 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.24-0ubuntu0.18.04.17 Resource Hash ce587765d2464cbe80f966aa563449f22c340a3753b5347bfa7c5a1808c65cba Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfcb8dc50bae-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ch08AGAmgKCon1BYZaGlfZxC%2Be8jU%2BeQDyFU7f4FEQ4SlaNSohOO%2BQMv7Q9UYdSgJu5tqDds29T%2FO8BMCsKX%2FlJFmBZEqJ3koU46ojng1yWEPszBvXq6PRNfZhvNpfPBLXIESmGsT0G%2FxV9keWruTQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.2.24-0ubuntu0.18.04.17
GET H2	200	vbanner.php Show response multiwall-ads.shop/ Frame FBC5	5 KB 2 KB	160ms 113ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e50ae1e659f8df2876206611e50242e651fdae84a427794eac756491a1556577 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfcb88d36688-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSq8B%2Br7LakWKoUl%2F3WRsiRcneoQzlemdQDA%2BE9y8L2971oUWyPdSVVnq8o9z2d%2FuAxIa3vBTLPEt25Z%2BRj33gq%2FRDdjgnMMVxaA0bSiGDctNYbQ4nNK2jrcyOI%2F2mYoTXKvKSSzwGdY5FcEcq5O1Tc%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	vbanner.php Show response multiwall-ads.shop/ Frame CACC	5 KB 2 KB	128ms 84ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b4274503937639a6fdbca9067cac04e2cf8efca563411a14f26b09bb3758596 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfcb88d16688-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkEyNR14zFHs1j77907YFmX2ggB1HNRn7qMiLnPz9zYLMT8dcF8AdJ%2BjwASFtgFHoS%2FO5x2pib8S84gZVvwv8p6SmxKfkDMgkuTGVjAjM5k8aG%2B8PndMSb4EfpH7xoLjNHRqu9vcZpzBM%2BMCq%2BY55Do%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	size=468x60 Show response free-btc.org/banner/u=Banderasss/ Frame 9348	2 KB 1 KB	219ms 172ms	Document text/html	2606:4700:3033::6815:1d16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://free-btc.org/banner/u=Banderasss/size=468x60 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 217837da73377fc75b4fa59faab0fa1da5b33d736ab007b98d9fe04bcda536c7 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 864bdfcb9927970b-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:29 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B9I2TvyRpk56q73UYA6Vg74KMuRcHK0r6MF7IA3aHvyJ7K6Sb%2FNQ3AFU%2BbpbW0UEgB0nPEZCHDp4kO5Y3PsGnWYvPfIgEA4Jaw5zUDqzdevpHkCXK5ZJYpXOSu6KPizDCRXDQc51F1JqkEU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	22925.js Show response bihunekus.com/	42 KB 17 KB	76ms 33ms	Script application/javascript	88.208.46.40 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://bihunekus.com/22925.js Requested by Host: crypto-fire.website URL: https://crypto-fire.website/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.40 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash a18a208307acbb555e11f137c2f59b73dee1fc4cfa7e38ad22b1fc5fe9bb33ef Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Pragma no-cache Date Fri, 15 Mar 2024 10:38:29 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H3	200	fon.png crypto-fire.website/img/	719 KB 720 KB	48ms 48ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/img/fon.png Requested by Host: crypto-fire.website URL: https://crypto-fire.website/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bc529fcb19b19a70d19cb4f3180ca15f96c05c099fee22ea4ce15b886c8078a Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 154360 alt-svc h3=":443"; ma=86400 content-length 736337 last-modified Fri, 22 Oct 2021 11:25:12 GMT server cloudflare etag "61729f98-b3c51" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cSUXkKPE10K8twvqBf9sV%2BsaXPu%2F92ZDsL%2Bj4hBsqn90LGgyw41m5mSofqxqLvMP%2BjAFvgw8XRoGbmlvatiZpA81ic6m%2FzEMw1%2FhTLS7UW2%2FG%2BVWRekxO9nQpJWzpwLAVihzOnD%2Fe4Qtu8%2BHvjlyp6mf"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfcb4d4b6648-AMS expires Wed, 20 Mar 2024 15:45:48 GMT
GET DATA	200 OK	truncated /	326 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13ebc66288e512400e2af0b76f9d4540e429d4d94f2c5f1219276d9a5e8e1bae Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	fontawesome-webfont.woff2 crypto-fire.website/fonts/font-awesome/fonts/	55 KB 56 KB	112ms 111ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://crypto-fire.website/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 Requested by Host: crypto-fire.website URL: https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c Request headers Referer https://crypto-fire.website/fonts/font-awesome/css/font-awesome.min.css Origin https://crypto-fire.website accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT last-modified Fri, 08 Oct 2021 16:00:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5063 etag "ddcc-5cdd97babb080" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iw%2Ft0LJdOZjBEtdF85Gj3aPC993Y1xyEx5z2Qw6hfXojtCxkHfOAVq2I8bohMH9FkuxDnuOWBpU4Vh%2FXAkleYcB4FpRjz%2FZxpYPB8h8qdQz128TG%2FPVgFZFWHXQMifV5EhdmUytDLOrjM5Ce%2FRoE%2FAR2"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=14400 accept-ranges bytes cf-ray 864bdfcb4d4d6648-AMS alt-svc h3=":443"; ma=86400 content-length 56780
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	389 KB 134 KB	151ms 60ms	Script text/javascript	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: video.videotouch88.info URL: https://video.videotouch88.info/d-video.js?b=27 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 291baa61da02f3fd36d3cf5e5374c7b39d516078b16a5ea0d25ad16ec73fc4c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136708 x-xss-protection 0 expires Fri, 15 Mar 2024 10:38:29 GMT
POST H/1.1	200 OK	33100 Show response nadajotum.com/	5 KB 6 KB	41ms 41ms	Fetch application/json	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/33100 Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash c9a19eca898293c1ebaaecbf404528d8ae73a0aa4b668d9b8fb3e57724a00f3e Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Fri, 15 Mar 2024 10:38:29 GMT Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://crypto-fire.website Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires 0
GET H2	200	css2 fonts.googleapis.com/ Frame DB96	5 KB 1 KB	79ms 31ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/2303156?size=728x90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 15 Mar 2024 10:38:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 15 Mar 2024 09:19:54 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 15 Mar 2024 10:38:29 GMT
GET H2	200	728x90 static.a-ads.com/a-ads-banners/117604/ Frame DB96	124 KB 125 KB	35ms 26ms	Image image/gif	136.243.4.18 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/117604/728x90?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/2303156?size=728x90 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.4.18 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.18.4.243.136.clients.your-server.de Software nginx / Resource Hash 5d73f0bfb25671d4c211874f1119c404f911d245c8cb8fc06a3932eec503500a Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT x-amz-version-id BCwmccmvTUSKXCeAiMQBPfvl0ViRchO9 last-modified Sun, 19 Apr 2020 16:05:30 GMT server nginx x-amz-request-id 93ZGF6RRJ346GYFW etag "15e542f2a13962c78be36c2bc51e939b" content-type image/gif cache-control max-age=315360000 accept-ranges bytes content-length 127158 x-amz-id-2 hjOmgI1SYfc4dfp9J6NYLZ5dXXG68gpYiuN3DPvY6qblsrvotkJkS+HgvdH5cU8CNw6MKWsNBaE= expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	204	check ctracking.io/	0 0	113ms 41ms	Fetch	2a0d:da00:a:4019:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://ctracking.io/check Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers date Fri, 15 Mar 2024 10:38:29 GMT strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin x-xss-protection 0 ct-remote-token 8ff93174-816b-4475-a327-fe327dca20f3 server nginx last-modified Fri, 15 Mar 2024 10:38:29 GMT vary Accept-Encoding access-control-allow-methods GET, OPTIONS access-control-allow-origin https://crypto-fire.website accept application/json access-control-expose-headers Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token expires Fri, 15 Mar 2024 10:53:29 GMT
GET H2	200	GOT468.gif games-of-thrones.com/ Frame CACC	227 KB 228 KB	22ms 21ms	Image image/gif	2606:4700:3034::6815:4843 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://games-of-thrones.com/GOT468.gif Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:4843 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bfd81bad8c339f7d2a707a502565e5b5f5c8dfd2187bebb47363543104998a1 Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 55006 alt-svc h3=":443"; ma=86400 content-length 232517 last-modified Fri, 13 Oct 2023 11:30:53 GMT server cloudflare etag "65292a6d-38c45" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUcJX727q62fQy0e3hv6%2F2K4CoI7EsHl15PF53V0YvGKCBozVpzKbQ2tZjcvItqeE6F4mcA4a8im%2FcikZJCRWSXzfOLbE5d5E3uS%2FImeJweUlynyyR0wn64tB6LkzwvBJ4RkADV1dU1NoYDGt6pNHAP%2BTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfcc18bb0a54-AMS expires Fri, 15 Mar 2024 19:21:43 GMT
GET H2	200	jquery.min.js Show response multiwall-ads.shop/js/ Frame CACC	87 KB 32 KB	28ms 27ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://multiwall-ads.shop/js/jquery.min.js Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Jul 2022 05:12:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 68715 etag W/"62e21ac5-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ss3CRGKB7ivxk497EsoLdPDI%2BFUyVplgvDPrKPB9J%2BccmSbxV%2BSw9R27n2MtznU9VHeNHC%2Fgh5GxnaOFbu3MjT%2BJw0gkCnjcK2F7bZZhmUmGH%2BCxHE7ncHVIYg0ESJgnOlCApTV3dwnewQ15BayFYs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 864bdfcc19896688-AMS alt-svc h3=":443"; ma=86400 expires Fri, 15 Mar 2024 15:33:14 GMT
OPTIONS H2	204	check ctracking.io/ Frame	0 0	98ms 32ms	Preflight	2a0d:da00:a:4019:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://ctracking.io/check Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://crypto-fire.website Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers accept application/json access-control-allow-credentials true access-control-allow-headers Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token access-control-allow-methods GET, OPTIONS access-control-allow-origin https://crypto-fire.website access-control-expose-headers Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token cache-control private, max-age=900 cross-origin-resource-policy cross-origin ct-remote-token e654c174-4d0a-495f-bb3f-de5ae1f01946 date Fri, 15 Mar 2024 10:38:29 GMT expires Fri, 15 Mar 2024 10:53:29 GMT last-modified Fri, 15 Mar 2024 10:38:29 GMT server nginx strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-xss-protection 0
GET H2	200	tag.js Show response mc.yandex.ru/metrika/ Frame CACC	204 KB 71 KB	416ms 276ms	Script application/javascript	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-1192e" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 71982 expires Fri, 15 Mar 2024 11:38:29 GMT
GET H2	200	2310301 Show response ad.a-ads.com/ Frame BCA5	13 KB 5 KB	72ms 71ms	Document text/html	136.243.4.18 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/2310301?size=468x60 Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.4.18 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.18.4.243.136.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 176323e44c155a27e4fe37eb936acd3f281413d6600da3a1bff285107cf13c6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://multiwall-ads.shop/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html;charset=utf-8 date Fri, 15 Mar 2024 10:38:29 GMT server nginx status 200 OK vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-original-referer https://multiwall-ads.shop/ x-powered-by Phusion Passenger(R) x-robots-tag noindex, nofollow, nosnippet, noarchive x-xss-protection 1; mode=block
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/	406 KB 138 KB	57ms 57ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2242642741687493 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a9d21e3c938d41026a0875bdd561f31739feadf947b5ec721fc1c52345d287a7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140996 x-xss-protection 0 server cafe etag 15115030372024844399 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 15 Mar 2024 10:38:29 GMT
GET H3	200	GOT728.gif games-of-thrones.com/ Frame FBC5	465 KB 466 KB	22ms 22ms	Image image/gif	2606:4700:3034::6815:4843 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://games-of-thrones.com/GOT728.gif Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4843 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e45ec8c3d1a7e13eb8314469b829cf72cf5607c75ea3002014f528d491e2cc4b Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64531 alt-svc h3=":443"; ma=86400 content-length 476613 last-modified Fri, 13 Oct 2023 11:30:53 GMT server cloudflare etag "65292a6d-745c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cdakryb6MG3JTZ2I7eOfjaIe4svtI1ZeRol1bAiDoq6H0FLo8W2NjX4HT%2F2lhuEzzprl4uD2VnZ37W88n7BHd6%2FCqaNG77qpt96SNCdW8YWyyjAPWJgxpqwtOeT%2F6bKYxCyCASqKLx3gGk8N5CF5b4pLeA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfcc5cc4b936-AMS expires Fri, 15 Mar 2024 16:42:58 GMT
GET H3	200	jquery.min.js Show response multiwall-ads.shop/js/ Frame FBC5	87 KB 32 KB	27ms 27ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://multiwall-ads.shop/js/jquery.min.js Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 28 Jul 2022 05:12:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 68715 etag W/"62e21ac5-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9bCXi1eWc8%2FsnrKW4QkdSUYGk7xE82FJRmlRBZoBzHBL8oZtbAjGeERvrmoLW2k8ESqupE7TYAorNf8%2F2HgtUoOw1AVTCfyHbfddpApJTLJhYpssDjxqC5Jro%2F7mJ%2FLbk2AsUc5ede7pnKocoz8iHU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=86400 cf-ray 864bdfcc5f70b90e-AMS alt-svc h3=":443"; ma=86400 expires Fri, 15 Mar 2024 15:33:14 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/ Frame FBC5	204 KB 71 KB	287ms 185ms	Script application/javascript	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash bfa43032d563ab661974f76827ef4d21ccadf44541439a72d0297f46d5d2ec58 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-1192e" content-type application/javascript access-control-allow-origin * cache-control max-age=3600 timing-allow-origin * content-length 71982 expires Fri, 15 Mar 2024 11:38:29 GMT
GET H2	200	size=728x90 Show response free-btc.org/banner/u=Banderasss/ Frame 0564	2 KB 1 KB	99ms 99ms	Document text/html	2606:4700:3033::6815:1d16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://free-btc.org/banner/u=Banderasss/size=728x90 Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06a29e70dd7a829306b1dca1a011d172c48e8ccb58cd6aa664e2401bfcca3e44 Request headers Referer https://multiwall-ads.shop/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 864bdfcc6a04970b-AMS content-encoding br content-type text/html; charset=UTF-8 date Fri, 15 Mar 2024 10:38:29 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sd2P%2F5oPp0hgqDfHB6Kgc3j7tm5ateA0esp%2BLka%2FFH0%2F3yr92XXyK8RM3lDx93vbEACfp3ZVS1Ju74EnpqQu4u0DoGfEmQY%2F%2FjK%2BACgGn2NrhEG%2BrdGlPPTidPgkIlQo11PHNeNReich%2Beg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	79ms 38ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-DK2BL5MDMQ&gtm=45je43d0v887290951za200&_p=1710499109633&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1074250671.1710499110&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710499109&sct=1&seg=0&dl=https%3A%2F%2Fcrypto-fire.website%2F&dt=MINING%20CRYPTO%20FIRE&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3722 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-DK2BL5MDMQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://crypto-fire.website cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame BCA5	5 KB 743 B	38ms 38ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/2310301?size=468x60 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 15 Mar 2024 10:38:29 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 15 Mar 2024 09:20:29 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 15 Mar 2024 10:38:29 GMT
GET H2	200	468x60 static.a-ads.com/a-ads-banners/482543/ Frame BCA5	127 KB 128 KB	270ms 270ms	Image image/gif	136.243.4.18 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/482543/468x60?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/2310301?size=468x60 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 136.243.4.18 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.18.4.243.136.clients.your-server.de Software nginx / Resource Hash 14c546f55185593f9b9ad9e62e152f015e5de2b1d06084f3125cb73325dfc433 Request headers accept-language nl-NL,nl;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT x-amz-version-id gEDKLskRixiPgjyszYKJbhEHdhKYU3G_ last-modified Thu, 05 Oct 2023 18:09:29 GMT server nginx x-amz-request-id FHA74QJR5JX8EJY5 etag "a677e3c32c263d2451b7e47f407de118" x-amz-server-side-encryption AES256 content-type image/gif cache-control max-age=315360000 x-amz-replication-status COMPLETED accept-ranges bytes content-length 130378 x-amz-id-2 ro8JDGsnMkXi/NzS7bu23Wvu6KYiK++nA+VpVnurAhNl1bfnZRG0yzbmunOq1vE2FqhU0hupHJI= expires Thu, 31 Dec 2037 23:55:55 GMT
GET DATA	200 OK	truncated / Frame DB96	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/ Frame DB96	46 KB 46 KB	107ms 33ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ad.a-ads.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 12 Mar 2024 08:52:40 GMT x-content-type-options nosniff age 265549 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Mar 2025 08:52:40 GMT
GET H2	200	d-video.js Show response video.videotouch88.info/ Frame 9348	92 KB 13 KB	34ms 33ms	Script application/javascript	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/d-video.js?b=27 Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=468x60 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b50253e2ef3c7a42aaa8544693349332aeba8f9caa05b0cd4652f11b46760000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:20:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3867 etag W/"654d06de-17051" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wutuwhZeStL6u0%2FN9Qdl1V3ZkX2vGwzIJYiwOfX9MImSVhXZINW8ILNOKa%2F926qCiyasB6XV5%2B%2FUSHhAwFpHHcMMXIPoe33%2B0XP5skJ1NnQahy2KIslS1hsE7%2Bgn3ZKAjjgTCU2M9t%2BvWn7crE4iKS0VtiSo%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 864bdfccadf866c8-AMS alt-svc h3=":443"; ma=86400
GET H2	200	bico.gif free-btc.org/img/ Frame 9348	32 KB 32 KB	39ms 38ms	Image image/gif	2606:4700:3033::6815:1d16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://free-btc.org/img/bico.gif Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=468x60 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/banner/u=Banderasss/size=468x60 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64528 alt-svc h3=":443"; ma=86400 content-length 32521 last-modified Sat, 19 Feb 2022 15:54:05 GMT server cloudflare etag "6211129d-7f09" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUh9as0igXI8ygd2VEcQapqcad%2FnEgfTSaZrZsGxzkzwfY9OFDwHsY9IY5WN0L%2BBm%2B1GAxgPlSyNObPlA6hw8ZIezCxAbSgF2nUCr3qI1a5lKGafyn7X8U02p50UU7AM8Ut3%2FgeCfVqV%2B4I%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfccaa48970b-AMS expires Fri, 15 Mar 2024 16:43:01 GMT
GET H3	200	468.gif crypto-fire.website/ Frame 9348	242 KB 242 KB	40ms 40ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/468.gif Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=468x60 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 853c74f8049dbd5e39f02ceee62065dde6d645c89e5ec34f086fb765ce7247ca Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 146253 alt-svc h3=":443"; ma=86400 content-length 247390 last-modified Mon, 01 Nov 2021 11:03:29 GMT server cloudflare etag "617fc981-3c65e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEHLj6m%2Bl%2FltIceM9c2nSNzq3wZ3DuDAIfr1b7zx2ltKjIlU8%2F%2FU9Hzow4RQsWba25j%2FfgAxEU0dU3n6aqnAr%2BDu2040V%2FBJp9hAVLHxZMYxLgjfeI7CpCwJMHRNFeUiWsI2JSUtP6fcm1zzss9z3az8"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfccaf0d6648-AMS expires Wed, 20 Mar 2024 18:00:55 GMT
GET H/1.1	200 OK	cs Show response nadajotum.com/js/ Frame 7129 Redirect Chain https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95 https://s.uuidksinc.net/match/1165/?remote_uid=56621aa3-6c56-4636-b0a2-1f05a278cf95&cb_url=https%3A%2F%2Fnadajotum.com%2Fjs%2Fcs%3Fuuid%3D56621aa3-6c56-4636-b0a2-1f05a278cf95%26oid%3D%5BUID%5D https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95&oid=e28hksSL7dODYZlIEXIw	43 B 491 B	43ms 43ms	Document image/gif	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95&oid=e28hksSL7dODYZlIEXIw Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Connection keep-alive Content-Type image/gif Date Fri, 15 Mar 2024 10:38:29 GMT Server nginx Transfer-Encoding chunked Redirect headers content-length 0 date Fri, 15 Mar 2024 10:38:29 GMT location https://nadajotum.com/js/cs?uuid=56621aa3-6c56-4636-b0a2-1f05a278cf95&oid=e28hksSL7dODYZlIEXIw server nginx/1.23.2
POST H/1.1	200 OK	set nadajotum.com/event/	0 0	41ms 34ms	Fetch text/html	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/event/set Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 15 Mar 2024 10:38:29 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Access-Control-Allow-Methods PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://crypto-fire.website Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
POST H/1.1	200 OK	set nadajotum.com/event/	0 848 B	88ms 31ms	Ping text/html	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/event/set Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 15 Mar 2024 10:38:29 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Access-Control-Allow-Methods PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://crypto-fire.website Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
POST H/1.1	200 OK	set nadajotum.com/event/	0 0	72ms 31ms	Fetch text/html	88.208.46.50 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nadajotum.com/event/set Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.50 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Fri, 15 Mar 2024 10:38:29 GMT Content-Encoding gzip Server nginx Accept-CH Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version Transfer-Encoding chunked Access-Control-Allow-Methods PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://crypto-fire.website Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
GET DATA	200 OK	truncated / Frame BCA5	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 fonts.gstatic.com/s/inter/v13/ Frame BCA5	46 KB 46 KB	116ms 80ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ad.a-ads.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 12 Mar 2024 08:52:40 GMT x-content-type-options nosniff age 265549 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46704 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:49:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Mar 2025 08:52:40 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame 9348	389 KB 134 KB	38ms 37ms	Script text/javascript	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: video.videotouch88.info URL: https://video.videotouch88.info/d-video.js?b=27 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 291baa61da02f3fd36d3cf5e5374c7b39d516078b16a5ea0d25ad16ec73fc4c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136708 x-xss-protection 0 expires Fri, 15 Mar 2024 10:38:29 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/pagead/ Frame F33F	603 B 65 B	191ms 190ms	Document text/html	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2242642741687493&output=html&adk=1812271804&adf=3025194257&lmt=1710499109&plat=8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fcrypto-fire.website%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710499109789&bpp=2&bdt=369&idt=130&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8215953726204&frm=20&pv=2&ga_vid=1074250671.1710499110&ga_sid=1710499110&ga_hid=541755339&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C95326315%2C95327951%2C95327955%2C95320378%2C95322399%2C95325785&oid=2&pvsid=458304205588478&tmod=1755064466&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=141 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 15 Mar 2024 10:38:30 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	d-video.js Show response video.videotouch88.info/ Frame 0564	92 KB 13 KB	36ms 36ms	Script application/javascript	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/d-video.js?b=27 Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=728x90 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b50253e2ef3c7a42aaa8544693349332aeba8f9caa05b0cd4652f11b46760000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT content-encoding br cf-cache-status HIT last-modified Thu, 09 Nov 2023 16:20:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3867 etag W/"654d06de-17051" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tc8ojPNqwUWsYMwZrMnfD73Zp7O9oeEwf0T8MNAVUDlblGZgRkAA8uweRF3O8Q2WZwimGsRPttPciTneLx79BHMpE8a%2BlxAxnuAGwF6AA4v9IZkkxDMTZT8XbA3i7s6c8M0j1TsQkEqT4PvIur9S6nlCyFlUxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 864bdfcd1cd3417e-AMS alt-svc h3=":443"; ma=86400
GET H3	200	bico.gif free-btc.org/img/ Frame 0564	32 KB 32 KB	38ms 37ms	Image image/gif	2606:4700:3033::6815:1d16 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://free-btc.org/img/bico.gif Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=728x90 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:1d16 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/banner/u=Banderasss/size=728x90 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64528 alt-svc h3=":443"; ma=86400 content-length 32521 last-modified Sat, 19 Feb 2022 15:54:05 GMT server cloudflare etag "6211129d-7f09" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWbg5IonViqJVcDhhAYTrsRoWvJBYvtGr5gXQNaqJlmIbo5KZtXFFdT2pK2Pd9%2FE0M9MnNo0tAfQpg5GYnhpJHpGY3qqzU2QQkSduH%2B7BL5LJp78wYmDzti6ZbB29Qkr5CqccRj0141FO2Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfcd1a0fb89c-AMS expires Fri, 15 Mar 2024 16:43:01 GMT
GET H3	200	GOT728.gif games-of-thrones.com/ Frame 0564	465 KB 466 KB	33ms 32ms	Image image/gif	2606:4700:3034::6815:4843 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://games-of-thrones.com/GOT728.gif Requested by Host: free-btc.org URL: https://free-btc.org/banner/u=Banderasss/size=728x90 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:4843 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e45ec8c3d1a7e13eb8314469b829cf72cf5607c75ea3002014f528d491e2cc4b Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64531 alt-svc h3=":443"; ma=86400 content-length 476613 last-modified Fri, 13 Oct 2023 11:30:53 GMT server cloudflare etag "65292a6d-745c5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IfafA3F16NF%2BbfYgm0ch1OvVZgwWhSJh9wXupOOzE2HJeUFXtlAdUJ5mzuEftnxUSR8aX8DP2C0nldwbmL%2ByPfTpEvPocV%2FoS2GsredifGbtU5kNq6jXv3q1cScB9Hgmy4h%2FwynmkPJUSdsCl%2FtV6aSJ%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=86400 accept-ranges bytes cf-ray 864bdfcd1d6cb936-AMS expires Fri, 15 Mar 2024 16:42:58 GMT
GET H2	200	bridge3.627.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 50C4	758 KB 242 KB	39ms 39ms	Document text/html	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a322e589c3e2c8ece94efeb19f5de31551a64276985230f2b2c733d326580ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 224748 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 247770 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 20:12:41 GMT expires Wed, 12 Mar 2025 20:12:41 GMT last-modified Wed, 06 Mar 2024 17:30:18 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 17 KB	179ms 87ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 15 Mar 2024 10:38:30 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 82AE	40 KB 14 KB	35ms 35ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:33:25 GMT content-encoding gzip x-content-type-options nosniff age 304 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13893 x-xss-protection 0 last-modified Wed, 09 Aug 2023 15:57:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 15 Mar 2024 11:33:25 GMT
GET H3	200	bridge3.627.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 9787	758 KB 242 KB	47ms 47ms	Document text/html	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a322e589c3e2c8ece94efeb19f5de31551a64276985230f2b2c733d326580ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-btc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 224748 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 247770 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 20:12:41 GMT expires Wed, 12 Mar 2025 20:12:41 GMT last-modified Wed, 06 Mar 2024 17:30:18 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/ Frame 9348	44 KB 16 KB	177ms 115ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 15 Mar 2024 10:38:30 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 378C	40 KB 14 KB	46ms 46ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:33:25 GMT content-encoding gzip x-content-type-options nosniff age 304 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13893 x-xss-protection 0 last-modified Wed, 09 Aug 2023 15:57:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 15 Mar 2024 11:33:25 GMT
GET H2	200	slide.js Show response appsha-pnd.ctengine.io/static/	9 KB 3 KB	142ms 33ms	XHR application/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/slide.js?v=1708947415871 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash e85e88e3c5147dc3710c5f8213be4449a8be2b937c573539332db3d72cc80b8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Fri, 15 Mar 2024 10:38:30 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Fri, 15 Mar 2024 10:53:30 GMT
GET H2	200	notification.js Show response appsha-pnd.ctengine.io/static/	25 KB 8 KB	141ms 32ms	XHR application/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/notification.js?v=1708947415871 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash c21902daae5f45f7ef58d9abba3092b76dce4ad6719a2b644fbe3bb54a48ac2d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Fri, 15 Mar 2024 10:38:30 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Fri, 15 Mar 2024 10:53:30 GMT
GET H2	200	inpage.js Show response appsha-pnd.ctengine.io/static/	33 KB 4 KB	141ms 33ms	XHR application/javascript	2a0d:da00:a:401c:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://appsha-pnd.ctengine.io/static/inpage.js?v=1708947415871 Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash e7b59de55a89dbac0583501feecd9d14bbe7008cb91a9e4ce09fd8e78ba98294 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip cross-origin-resource-policy cross-origin x-xss-protection 0 last-modified Fri, 15 Mar 2024 10:38:30 GMT server nginx vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires Fri, 15 Mar 2024 10:53:30 GMT
GET H3	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame 0564	389 KB 134 KB	139ms 139ms	Script text/javascript	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: video.videotouch88.info URL: https://video.videotouch88.info/d-video.js?b=27 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 291baa61da02f3fd36d3cf5e5374c7b39d516078b16a5ea0d25ad16ec73fc4c2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 136708 x-xss-protection 0 expires Fri, 15 Mar 2024 10:38:30 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 50C4	42 B 865 B	33ms 33ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51613&tmax=500&video-skipafter=5&count=3&tagId=32b4pb4hedl3yk8s Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxe%2BA1pAu8Q1YytCrTwbHDfg3GzXvZO7rapaD4g%2BGwa%2BJKXPLn%2Bbe9ohDAEJR0ZZqmqeE8%2BOM3hkvCAXEQoJ42Hl59cNfQxHSqJG4Oc5Uu0U9OVfGiJ%2Bq47SBuTYkwUBzSdkX1iAvRGBqpjsY0kHKC0OJgilOQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfce3db0417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H2	200	27646.gif cryptocoinsad.com/banner/ads_banner/ Frame EAA7	257 KB 257 KB	22ms 21ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cryptocoinsad.com/banner/ads_banner/27646.gif Requested by Host: cryptocoinsad.com URL: https://cryptocoinsad.com/ads/show.php?a=252942&b=398013 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab02416886446d80bc1d37288b219d8ffa08e2c819564de1f4095ed62e444d03 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cryptocoinsad.com/ads/show.php?a=252942&b=398013 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cf-cache-status HIT last-modified Wed, 13 Mar 2024 19:40:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3886 etag "65f20138-40340" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RRjaU3O9AmrYIlMhV1PeUk7VR4sISmKUcBg3yKlPS3vDRHgQWSC2a2hL31pEQZLLjzjlqSRPauVcPZCW%2FZO18nGglE3F%2BGuS5h59168tymATJS306FEd67QTWpm5H5n8xCCD9YlEdCx44T5n7QaiLA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=10800 accept-ranges bytes cf-ray 864bdfce696d0bae-AMS alt-svc h3=":443"; ma=86400 content-length 262976
GET H3	200	icon.png cryptocoinsad.com/ads/show/img/ Frame EAA7	3 KB 4 KB	22ms 22ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cryptocoinsad.com/ads/show/img/icon.png Requested by Host: cryptocoinsad.com URL: https://cryptocoinsad.com/ads/show.php?a=252942&b=398013 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cryptocoinsad.com/ads/show.php?a=252942&b=398013 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cf-cache-status HIT last-modified Sat, 29 Jan 2022 11:54:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2270 etag "61f52b0c-ced" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BaaFUs82p9dHQb3TAaB0AwRy3%2BOaCPvhj5PHBYkzaSZt7OplhnZhfxM2TCknmhuiOyfh4S9l6hrfb6mJE6x2k96IXAiycX9Yuh%2FlSwSZCYNPnxgW4uXXU2LD8VNYm60hp8BseAsjvE4eZTKc9mptyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=10800 accept-ranges bytes cf-ray 864bdfceae7a0e6c-AMS alt-svc h3=":443"; ma=86400 content-length 3309
POST H2	204	csi csi.gstatic.com/ Frame 50C4	0 234 B	183ms 60ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ltsj088x&c=8215953726204&slotId=4107976863102&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	27625.gif cryptocoinsad.com/banner/ads_banner/ Frame 7861	412 KB 412 KB	21ms 21ms	Image image/gif	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cryptocoinsad.com/banner/ads_banner/27625.gif Requested by Host: cryptocoinsad.com URL: https://cryptocoinsad.com/ads/show.php?a=252942&b=398555 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c322a8945378c8309784966f11d2c2405c9cdbdc1ff960d79c4e487c8634038f Request headers accept-language nl-NL,nl;q=0.9 Referer https://cryptocoinsad.com/ads/show.php?a=252942&b=398555 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cf-cache-status HIT last-modified Tue, 12 Mar 2024 07:06:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 975 etag "65effefe-66e0b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4IodUk7xZrSjLIIRRQSM3l01C2XII6FJSVdGJJIsvHjQHHz0Wf9pQOXlkg0QK2dMlTUBWLzMgnRZwDggssjzdJFnCK0LQXuiw6fGo2S4F2fEhj6VALMqdIzwleTbmoPbWmGN%2FXJUWryiVp%2BUKRf7yA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=10800 accept-ranges bytes cf-ray 864bdfcebe7e0e6c-AMS alt-svc h3=":443"; ma=86400 content-length 421387
POST H2	200	tmp Show response apps-pnd.ctengine.io/	47 B 700 B	142ms 91ms	XHR text/javascript	2a0d:da00:a:4035:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://apps-pnd.ctengine.io/tmp Requested by Host: appsha-pnd.ctengine.io URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=ZMEHaHI6UF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash 4233b4d3277e95148e3a411f0f8998351682dfb723fce350fd8c46088489a4be Request headers Referer https://crypto-fire.website/ CT-Remote-Token 8ff93174-816b-4475-a327-fe327dca20f3 accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT server nginx access-control-allow-methods GET, POST, OPTIONS content-type text/javascript;charset=UTF-8 access-control-allow-origin https://crypto-fire.website access-control-expose-headers Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer expires 0
OPTIONS H2	204	tmp apps-pnd.ctengine.io/ Frame	0 0	85ms 25ms	Preflight	2a0d:da00:a:4035:: LAYERSHIFT
General Check archive.org Show headers Download Go to Full URL https://apps-pnd.ctengine.io/tmp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,ct-remote-token Access-Control-Request-Method POST Origin https://crypto-fire.website Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://crypto-fire.website access-control-expose-headers Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer access-control-max-age 1728000 date Fri, 15 Mar 2024 10:38:30 GMT server nginx
GET H2	200	advert.gif mc.yandex.com/metrika/ Frame FBC5	43 B 661 B	106ms 106ms	Image image/gif	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 15 Mar 2024 11:38:30 GMT
GET H2	200	1 Show response mc.yandex.com/watch/94345894/ Frame FBC5 Redirect Chain https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=ch... https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=...	447 B 705 B	58ms 58ms	Fetch application/json	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A779749034%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A159329981%3Arqn%3A1%3Au%3A1710499110349905547%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A206%3Awv%3A2%3Ads%3A0%2C0%2C113%2C0%2C0%2C0%2C%2C68%2C0%2C%2C%2C%2C229%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109636%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=728 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash facfea7088e84b163c16fe8c171144a467b93b5b2548a4d3521ffed784fb611a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 15-Mar-2024 10:38:30 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://multiwall-ads.shop cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Fri, 15-Mar-2024 10:38:30 GMT Redirect headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 last-modified Fri, 15-Mar-2024 10:38:30 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D728&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A779749034%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A159329981%3Arqn%3A1%3Au%3A1710499110349905547%3Aw%3A728x90%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A206%3Awv%3A2%3Ads%3A0%2C0%2C113%2C0%2C0%2C0%2C%2C68%2C0%2C%2C%2C%2C229%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109636%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 access-control-allow-origin https://multiwall-ads.shop cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Fri, 15-Mar-2024 10:38:30 GMT
GET H3	200	bridge3.627.0_en.html Show response imasdk.googleapis.com/js/core/ Frame A5A3	758 KB 242 KB	20ms 20ms	Document text/html	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a322e589c3e2c8ece94efeb19f5de31551a64276985230f2b2c733d326580ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://free-btc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 224749 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 247770 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 20:12:41 GMT expires Wed, 12 Mar 2025 20:12:41 GMT last-modified Wed, 06 Mar 2024 17:30:18 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/ Frame 0564	44 KB 16 KB	62ms 61ms	Script text/javascript	2a00:1450:4001:813::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://free-btc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 15 Mar 2024 10:38:30 GMT
GET H3	200	omweb-v1.js Show response pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7B96	40 KB 14 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:33:25 GMT content-encoding gzip x-content-type-options nosniff age 305 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13893 x-xss-protection 0 last-modified Wed, 09 Aug 2023 15:57:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="omsdk-team-release-policy" vary Accept-Encoding report-to {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes expires Fri, 15 Mar 2024 11:33:25 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 9787	42 B 860 B	30ms 30ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=72lnasj020wtcmbd Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOOSSqEV41DegEM%2B4YItWk33q%2BaeeeLo2SYGeEFmMSbBuZ9n48mreOEMrpbfYlvhMSxCwkzedlPNBHWCE5BJfoTMpx8oJqnhkBaV5cC7ld%2BLAsPKEZV24wpNP%2Bogttcvop2jIGpzZpU0oPpBI1t5vVzWzfQVpw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcf0e69417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 50C4	42 B 867 B	31ms 30ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51613&tmax=500&video-skipafter=5&count=3&tagId=32b4pb4hedl3yk8s&repeat=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ciA0%2BPqxZ4w4ttWRfDdIcy7LKg2XW8T%2BGvn%2F9NmNPx9Bbehvv%2F%2BPIpbp93T61FKqNqw9%2FOn99G01nKvAMoUr8wcY2BLKehXFhsi5GjmGmYmOs4XJKcaZTDPKxk3mzDbnz%2FJKfWR%2BL8fvF3SjmzcwwtYHmABLQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcf0e6a417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H2	200	advert.gif mc.yandex.com/metrika/ Frame CACC	43 B 560 B	75ms 74ms	Image image/gif	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 last-modified Fri, 01 Mar 2024 11:37:40 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "65e1be04-2b" content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes timing-allow-origin * content-length 43 expires Fri, 15 Mar 2024 11:38:30 GMT
GET H2	200	1 Show response mc.yandex.com/watch/94345894/ Frame CACC Redirect Chain https://mc.yandex.com/watch/94345894?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=ch... https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=...	447 B 479 B	59ms 59ms	Fetch application/json	2a02:6b8::1:119 TELETECH
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A405492347%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A596357055%3Arqn%3A2%3Au%3A1710499110349905547%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A172%3Awv%3A2%3Ads%3A0%2C36%2C84%2C1%2C0%2C0%2C%2C73%2C0%2C%2C%2C%2C202%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109640%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 Requested by Host: multiwall-ads.shop URL: https://multiwall-ads.shop/vbanner.php?mwbanner=583&size=468 Protocol H2 Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN208398 (TELETECH, RS), Reverse DNS Software / Resource Hash 69905bcd5594c03db15c9f6120b0f77261ee2068426fca043900948486516e73 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://multiwall-ads.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Fri, 15-Mar-2024 10:38:30 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA content-type application/json; charset=utf-8 access-control-allow-origin https://multiwall-ads.shop cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 447 x-xss-protection 1; mode=block expires Fri, 15-Mar-2024 10:38:30 GMT Redirect headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT strict-transport-security max-age=31536000 last-modified Fri, 15-Mar-2024 10:38:30 GMT accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA location /watch/94345894/1?wmode=7&page-url=https%3A%2F%2Fmultiwall-ads.shop%2Fvbanner.php%3Fmwbanner%3D583%26size%3D468&page-ref=https%3A%2F%2Fcrypto-fire.website%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aqfujqr3nyxpmy96xs6n0cesb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1261%3Acn%3A1%3Adp%3A0%3Als%3A953424701217%3Ahid%3A405492347%3Az%3A60%3Ai%3A20240315113830%3Aet%3A1710499110%3Ac%3A1%3Arn%3A596357055%3Arqn%3A2%3Au%3A1710499110349905547%3Aw%3A468x60%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Afp%3A172%3Awv%3A2%3Ads%3A0%2C36%2C84%2C1%2C0%2C0%2C%2C73%2C0%2C%2C%2C%2C202%3Aco%3A0%3Acpf%3A1%3Ans%3A1710499109640%3Arqnl%3A1%3Ast%3A1710499110%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29ti%281%29 access-control-allow-origin https://multiwall-ads.shop cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Fri, 15-Mar-2024 10:38:30 GMT
POST H2	204	csi csi.gstatic.com/ Frame 9787	0 45 B	89ms 61ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ltsj08bn&c=3244329332386&slotId=1622164666193&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 50C4	0 45 B	85ms 61ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ltsj08bs&c=8215953726204&slotId=4107976863102&ghmsh_eids=44731965%2C44772139%2C44777649%2C44781409%2C95321947%2C95322027%2C95323893%2C95324128%2C95326337 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 9787	42 B 856 B	31ms 31ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=72lnasj020wtcmbd&repeat=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9aSeLWXoxl60uNFECJa2xuy5Ll6h0BI3YNukApO1r4Khs16SGkcZimiZtcg0OnOy5FF36ZVYCvEdaptJliT%2F01CP1eWs2wTFq2vIqmT0llEdAzgI4gd4EvIK%2BTKDJQgtO7VnYenUpwTELzm2Eyd8WHNoameNw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcf9edb417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 50C4	42 B 858 B	27ms 26ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51613&tmax=500&video-skipafter=5&count=3&tagId=32b4pb4hedl3yk8s&repeat=2 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIG6T8V4tbWZ1NM5CCWVO7IDmPFUpCxTgvui3jfZgzH5UVkh3MUrELhGnuLwlfaIjLzJfUT5SJS6z41Sfxkxl8APpGwWCI9SlVvvn0lKuFd7ZtjXdhFsOy6mvBvjzWuZFaRsIob0NEOP8CYPlxtSNNoJoI1JFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcfaeef417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	68ms 67ms	XHR application/json	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cd9ad04889fc4ce56c7822e198613429cb0cea147d5f34a97e58b0cb2f64cd7d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12216 x-xss-protection 0
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame A5A3	42 B 865 B	29ms 29ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=lfwgzjlw82d6aj7u Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pb5GMikOtrqFnoXCY69mviFh%2FvL5ukgnIjkloXIgZ%2BgsOzMsIV9K6imC%2B8HY6bMiMhC7s64UeQpyr0xQp1%2FHRtJ6kqpUPuIut3lRUVSaEaNS%2BUPyi%2FPOWx6YJemWXGunEM2ffDPm2IlZPEp9AH6%2BXsFiuVD6zg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcfaefc417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
POST H2	204	csi csi.gstatic.com/ Frame 9787	0 54 B	59ms 59ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ltsj08ee&c=3244329332386&slotId=1622164666193&ghmsh_eids=44772139%2C44777649%2C44781409%2C95321947%2C95322027%2C95323893%2C95324128%2C95324209%2C95326337 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame 9787	42 B 868 B	31ms 31ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=72lnasj020wtcmbd&repeat=2 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5%2FYz%2FknPncgHiqn8BoO%2FgW35mBAAbm0lNRd1Iorq7voxvjGMjX1tvqQ8k%2BlIb5Dl%2FYV4Rwm5GjjxzF%2Fa5Fcrt87j%2B4jDfYh1K6cfGfJgKn6S9aS3b2QQSlKZ%2Br7x5KP7nzBVg74LGnOy%2Fck3Au3EU8kmKwLeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcfcf1a417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
POST H2	204	csi csi.gstatic.com/ Frame A5A3	0 45 B	64ms 63ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ltsj08f9&c=1792062259664&slotId=896031129832&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame A5A3	42 B 859 B	33ms 33ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=lfwgzjlw82d6aj7u&repeat=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYj0at%2BhZCXAoW5rOq%2B4jerz9lkH49FhLg9VGjbhSzQiv98qo5i5WebLcpV%2F5iSnHRmyQkacadhU0dir4Tw%2F3gCy5e46fLhRLQiA6XMNG8K8PGO9Ww2RULGAu8Hc6bviyfFuRDMPWNfQGg04y0ubB4iosXby3g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfcfef2d417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
POST H2	204	csi csi.gstatic.com/ Frame A5A3	0 54 B	67ms 61ms	Ping image/gif	2a00:1450:4003:80d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ltsj08h6&c=1792062259664&slotId=896031129832&ghmsh_eids=420706098%2C44772139%2C44777649%2C44781409%2C44794282%2C95321947%2C95322027%2C95323893%2C95324128%2C95326337 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4003:80d::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	182ms 108ms	Script text/javascript	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2242642741687493&plah=crypto-fire.website&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 15 Mar 2024 10:38:30 GMT
GET H3	200	tag Show response video.videotouch88.info/api/video/ Frame A5A3	42 B 859 B	29ms 27ms	XHR application/xml	2606:4700:e4::ac40:a223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.videotouch88.info/api/video/tag?sourceId=51615&tmax=500&video-skipafter=5&count=3&tagId=lfwgzjlw82d6aj7u&repeat=2 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.627.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgZv2hqtpykjNss8TjFcCKLho8yrYZEUWodgLyWXe%2B8sAtwXatrj9rZYKFH1l5im01snMz1n1GVx%2BLftdMAiI6pboqrrLKAYNaVVqDIr2NQm2ktbdHdv1LVnqRXfGREovSJ13LtQPAdcGb5%2FuVlkfVyyvjS6Ew%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfd02f60417e-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
GET H2	200	matchx Show response uuidksinc.net/ Frame 9F96	3 KB 2 KB	60ms 12ms	Document text/html	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://uuidksinc.net/matchx Requested by Host: nadajotum.com URL: https://nadajotum.com/14809.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 1fb4833d89af7a4d1ee904d8940768f048e5d28ba5d801b997dfbbb2e0be1d66 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-encoding gzip content-type text/html date Fri, 15 Mar 2024 10:38:30 GMT server nginx/1.23.2 vary Accept-Encoding
GET H2	200	/ d.uuidksinc.net/match/216/ Frame 9F96 Redirect Chain https://fcgi4.gnezdo.ru/cookie_matching/kadam/e28hksSL7dODYZlIEXIw https://fcgi4.gnezdo.ru/cookie_matching/kadam/e28hksSL7dODYZlIEXIw/?redirect=1 https://d.uuidksinc.net/match/216/?remote_uid=XV9maWX0JSaPao6xPJIBAg==	74 B 141 B	13ms 13ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/216/?remote_uid=XV9maWX0JSaPao6xPJIBAg== Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers location https://d.uuidksinc.net/match/216/?remote_uid=XV9maWX0JSaPao6xPJIBAg== access-control-allow-origin * date Fri, 15 Mar 2024 10:38:30 GMT access-control-allow-credentials true server nginx access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With access-control-allow-methods GET, POST, HEAD
GET H2	204	smc z.cdn.adtarget.me/ Frame 9F96	0 41 B	50ms 16ms	Image text/plain	81.171.9.38 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://z.cdn.adtarget.me/smc?s=22&u=e28hksSL7dODYZlIEXIw Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 81.171.9.38 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:40:01 GMT server nginx
GET H2	200	/ d.uuidksinc.net/match/372/ Frame 9F96 Redirect Chain https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}& https://ads.betweendigital.com/match?bidder_id=44509&callback_url=https://d.uuidksinc.net/match/372/?remote_uid=${USER_ID}&cb_url=https://d.uuidksinc.net/match/354/?remote_uid=${USER_ID}&&crf=1&rts... https://d.uuidksinc.net/match/372/?remote_uid=9e3f8c75-04d3-524b-b67c-50f5d38875d2	74 B 141 B	13ms 13ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/372/?remote_uid=9e3f8c75-04d3-524b-b67c-50f5d38875d2 Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:31 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers location https://d.uuidksinc.net/match/372/?remote_uid=9e3f8c75-04d3-524b-b67c-50f5d38875d2 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0
GET		pixel.gif dmpprof.com/matching/external/ Frame 9F96	0 0
GET		pixel.gif dmpprof.com/matching/external/ Frame 9F96	0 0
GET H2	204	match dm-eu.hybrid.ai/ Frame 9F96	0 281 B	75ms 15ms	Image text/plain	37.230.131.21 HYBRID-POLAND
General Check archive.org Show headers Download Go to Show image Full URL https://dm-eu.hybrid.ai/match?id=158&vid=e28hksSL7dODYZlIEXIw Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Fri, 15 Mar 2024 10:38:30 GMT server Hybrid Web Server p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" access-control-allow-origin https://uuidksinc.net cache-control no-cache, no-store access-control-allow-credentials true x-mode 566 x-xss-protection 1; mode=block expires -1
GET H2	200	/ d.uuidksinc.net/match/382/ Frame 9F96 Redirect Chain https://www.acint.net/rmatch?dp=192&r=https://d.uuidksinc.net/match/382/?remote_uid=${USER_ID} https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=192&tc=1 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F382%252F%253Fremote_uid%253D$%257BUSER_ID... https://acint.net/rmatch?dp=14&euid=2C03420A2625F46521000864025257C8&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F382%2F%3Fremote_uid%3D$%7BUSER_ID%7D https://d.uuidksinc.net/match/382/?remote_uid=0300007F2625F465E21BEE5302AEEDA9	74 B 141 B	16ms 16ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/382/?remote_uid=0300007F2625F465E21BEE5302AEEDA9 Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:31 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers date Fri, 15 Mar 2024 10:38:31 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://d.uuidksinc.net/match/382/?remote_uid=0300007F2625F465E21BEE5302AEEDA9 content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	/ d.uuidksinc.net/match/383/ Frame 9F96 Redirect Chain https://www.acint.net/rmatch?dp=191&r=https://d.uuidksinc.net/match/383/?remote_uid=${USER_ID} https://www.acint.net/rmatch?r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D&dp=191&tc=1 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fd.uuidksinc.net%252Fmatch%252F383%252F%253Fremote_uid%253D$%257BUSER_ID... https://acint.net/rmatch?dp=14&euid=3F03420A2625F46523007A7102F2117D&r=https%3A%2F%2Fd.uuidksinc.net%2Fmatch%2F383%2F%3Fremote_uid%3D$%7BUSER_ID%7D https://d.uuidksinc.net/match/383/?remote_uid=0300007F2625F465E21BEE5302AEEDA9	74 B 141 B	17ms 17ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/383/?remote_uid=0300007F2625F465E21BEE5302AEEDA9 Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:31 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers date Fri, 15 Mar 2024 10:38:31 GMT server openresty p3p CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL" location https://d.uuidksinc.net/match/383/?remote_uid=0300007F2625F465E21BEE5302AEEDA9 content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 154 expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	/ d.uuidksinc.net/match/444/ Frame 9F96 Redirect Chain https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https://d.uuidksinc.net/match/444/?remote_uid=${UUID} https://d.uuidksinc.net/match/444/?remote_uid=ab5476c7-77b5-43f0-57b9-d802dddab389	74 B 141 B	24ms 14ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/444/?remote_uid=ab5476c7-77b5-43f0-57b9-d802dddab389 Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers location https://d.uuidksinc.net/match/444/?remote_uid=ab5476c7-77b5-43f0-57b9-d802dddab389 date Fri, 15 Mar 2024 10:38:30 GMT server nginx content-length 105 serverid TODO content-type text/html; charset=utf-8
GET H2	200	/ d.uuidksinc.net/match/493/ Frame 9F96 Redirect Chain https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/e28hksSL7dODYZlIEXIw https://fcgi4.gnezdo.ru/cookie_matching/kadam_resell/e28hksSL7dODYZlIEXIw/?redirect=1 https://d.uuidksinc.net/match/493/?remote_uid=XV9maWX0JSaPao6xPJIBAg==	74 B 141 B	14ms 14ms	Image image/png	31.220.27.134 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://d.uuidksinc.net/match/493/?remote_uid=XV9maWX0JSaPao6xPJIBAg== Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol H2 Server 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.23.2 / Resource Hash 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT server nginx/1.23.2 content-length 74 content-type image/png Redirect headers location https://d.uuidksinc.net/match/493/?remote_uid=XV9maWX0JSaPao6xPJIBAg== access-control-allow-origin * date Fri, 15 Mar 2024 10:38:30 GMT access-control-allow-credentials true server nginx access-control-allow-headers Origin, Accept, Content-Type, X-Requested-With access-control-allow-methods GET, POST, HEAD
GET		/ 1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru/ Frame 9F96 Redirect Chain https://sync.adspend.space/kadam?uid=e28hksSL7dODYZlIEXIw https://sync.adspend.space/check?r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Da94e5d31-fb25-4315-bb10-194cc21e27ea%26i%3D7733759758077844385%26r%3Dhttps%253A%252F%252Fprod... https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=7733759758077844385&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fdsp_provider_id%3D2%26uid%3Da94e5d31-fb25-43... https://dmg.digitaltarget.ru/awg/custom/224/i/i?call_source=awg&ts=1710499110891&a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=7733759758077844385&r=https%3A%2F%2Fprodmp.ru%2Fadspend-sync.gif%3Fds... https://prodmp.ru/adspend-sync.gif?dsp_provider_id=2&uid=a94e5d31-fb25-4315-bb10-194cc21e27ea&r= https://counter.yadro.ru/id127/refocusdmp-id.gif?uid=a94e5d31-fb25-4315-bb10-194cc21e27ea&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3Da94e5d31-fb25-4315-bb10-194cc21e27ea... https://dmg.digitaltarget.ru/1/224/i/i?a=224&e=a94e5d31-fb25-4315-bb10-194cc21e27ea&i=1710499111169&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpmediadesk%2Fa94e5d31-fb25-4315-bb10-194cc21e27ea%3Fsig... https://an.yandex.ru/mapuid/dmpmediadesk/a94e5d31-fb25-4315-bb10-194cc21e27ea?sign=a25de1c3&location=https%3A%2F%2F1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru%2F%3Fr%3Dhttps%252... https://1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228	0 0
GET H/1.1	200 OK	i dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 9F96 Redirect Chain https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322 https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1710499110842&a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322	49 B 555 B	108ms 55ms	Image image/gif	185.15.175.133 SAFEDATA Uplinks
General Check archive.org Show headers Download Go to Show image Full URL https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1710499110842&a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322 Requested by Host: uuidksinc.net URL: https://uuidksinc.net/matchx Protocol HTTP/1.1 Server 185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU), Reverse DNS Software nginx / Resource Hash 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language nl-NL,nl;q=0.9 Referer https://uuidksinc.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Fri, 15 Mar 2024 10:38:30 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 49 X-XSS-Protection 1; mode=block Redirect headers Date Fri, 15 Mar 2024 10:38:30 GMT Referrer-Policy origin-when-cross-origin, strict-origin-when-cross-origin X-Content-Type-Options nosniff Server nginx X-Permitted-Cross-Domain-Policies master-only X-Frame-Options DENY Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Location https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&ts=1710499110842&a=662&e=e28hksSL7dODYZlIEXIw&i=0.5322812706249322 Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC51	13 KB 5 KB	48ms 30ms	Document text/html	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://crypto-fire.website/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes age 177194 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 13 Mar 2024 09:25:16 GMT expires Thu, 13 Mar 2025 09:25:16 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	closeads.png crypto-fire.website/	1 KB 2 KB	28ms 28ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://crypto-fire.website/closeads.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b67ec35c1ab9f55d944727e00b672483e3942dc5ce350053903bc16f15f543e Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 141391 alt-svc h3=":443"; ma=86400 content-length 1222 last-modified Wed, 06 Jul 2022 13:33:46 GMT server cloudflare etag "62c58f3a-4c6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=01Sr%2F8CZu7f17VVrJeZByER9quDrGt%2Fo%2FxQ7rYtPLgHwcn%2FvLCP%2Fj8ghHJCQsDw2YLZ7CCp0V5s8euqAEFwd4NLkFTmjA%2FDgXH%2BfKdR5e0F%2F8RgvFj0ldjibv%2FwnmSUM3awd622nEe4yETAmewRh3qmY"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=604800 accept-ranges bytes cf-ray 864bdfd18c146648-AMS expires Wed, 20 Mar 2024 19:21:59 GMT
GET H3	200	icon.png cryptocoinsad.com/ads/show/img/ Frame 7861	3 KB 4 KB	26ms 26ms	Image image/png	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cryptocoinsad.com/ads/show/img/icon.png Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b14ef09e5d084f7cb785998d54d37e486619c9b9527e72776a7c9d2b7e85c828 Request headers accept-language nl-NL,nl;q=0.9 Referer https://cryptocoinsad.com/ads/show.php?a=252942&b=398555 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cf-cache-status HIT last-modified Sat, 29 Jan 2022 11:54:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2270 etag "61f52b0c-ced" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KCfcsMPirWSxgMBleX%2BD6SzT5zlzCjiZLQjfzF2EFWRnI8GJJWsbXiXCoojI0IJsl4gBOLADCyqwXUVPTIxmu%2Bb26zwfYocGXGEDDKCV%2FPqM4eMel44fTVf06tlBOCk7CedVIsXyqS5d%2Fi%2BXZalByg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=10800 accept-ranges bytes cf-ray 864bdfd1a9650e6c-AMS alt-svc h3=":443"; ma=86400 content-length 3309
POST H3	200	message Show response burningpushing.info/api/in-page/	66 B 891 B	62ms 30ms	Fetch application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://burningpushing.info/api/in-page/message?sourceId=51920 Requested by Host: inppmayfinder.info URL: https://inppmayfinder.info/in-page.js?b=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 786f5aa91f7b597a5516bedf8d3a02399179dccace5e720e0e25c0a0dcd6ec8a Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Fri, 15 Mar 2024 10:38:30 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jtYOX61Hu10X9gk%2B4%2BEnP4ZReAhCGBK4K6NxgThQa%2FAKMqcft8IJS9IWbLn2HH3pXgve1TjxcfEUrLpE%2FusG8Zo7T9ORd4wIVY1vYkZPoYiKpi50KkKJH1sWqfOcucfTMfQLxxyi1ANYlDwLlfxxrF8"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=UTF-8 access-control-allow-origin https://crypto-fire.website access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfd27a1c6706-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
OPTIONS H2	200	message burningpushing.info/api/in-page/ Frame	0 0	74ms 30ms	Preflight application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://burningpushing.info/api/in-page/message?sourceId=51920 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://crypto-fire.website Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-type access-control-allow-origin https://crypto-fire.website access-control-expose-headers * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfd20a421c8f-AMS content-encoding br content-type application/json; charset=UTF-8 date Fri, 15 Mar 2024 10:38:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTRGycC9Q3AJdjEuAEJ4Nwf31pC%2FQ5aG%2B2WxHpsrbayw7aNsq2g9yk1bJvjY7eNEWfn19S%2BzA7ZYFiUw7ZpJwkWfwC374Koxs42UizCU8eHACpz4EElTB79SVkTs4fRIhhwa%2BsznQBI1oAQ9Mb%2FO4taP"}],"group":"cf-nel","max_age":604800} server cloudflare vary -: Origin
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame EC51	40 KB 15 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 21:43:35 GMT content-encoding br x-content-type-options nosniff age 46495 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 14 Mar 2025 21:43:35 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame EC51	0 10 B	20ms 20ms	Image text/plain	2a00:1450:4001:810::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?6UwleQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 10:38:30 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	60ms 58ms	Image text/html	2a00:1450:4001:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=458304205588478&bg=!lJell9jNAAY_ejuoH3o7ADQBe5WfOCtfT8kKEbcJ9hCVTxEm80ix0GKPaIujiKfZoAf0lJxtTSsIJlQP1KPPA84t4kqfAgAAACxSAAAAAmgBBwoAgTEq9khxKP5xv7DqjONqW_4gU3uyxb1qivqwQxgT6czIdM6Hv2WqSUYIHMjKbw5PwV82nUO7c_R3I4zEjtWsbWNBhytQiytUnj5w14iygzJopgsksuJLdq9jxTyzk1nr_XWqfAfC3nVsEPEI7h0Xw7-CnICzhyut5A2WbIUw7VkdOZkC0NgsSIbByCWCVG33zl5LiC7_3yVbUw395I6aREDg5wuPk873zDh8tbWQ65a8xZjdL5ikob9TXaq0RITz92VdnOdSX8iOHV-WwAMK-NIyh3nT12ojbY1CJWnlYLko6flmMXqtBzpjF0RQM01wfX1ltY7qPtc_ltFwa6hLxRCgeF2kopqnqBEjC_oWGAbQI4jVn-Jpyf4p_6C7oZG2R6LNWlM7m4lRLWAQQuBYfapN8g0AUVLFHsreHWPZZBCxiI0u5zywg_YI3YOXqOiV0ndYKtwapM74A6DMf4eZdSPSYGlC3BIe3fyNIpwGrO0NVH3YcYSbbHpGiqHUvk2mUTAwzLzcxXYYKrw90KIs1g1ItZfhlH9ZsWX_xGxRpwbGM9gxhCpPVnzFRdtOCxwtq7An-QjrIe5afeE-0pbv553Q9zumFgnNEwJ62fP8V3hQPyTVb6J59DaZmnjfbltbl8uTrb_6AQr-oa8Ko6MH_avAcrscwTvN5aGEc02i9m5UAKH-kOvTxJ_d5wLF-RrK8tYSC5feuxK9RuNl-3CqntN-eyUrLPBiAxj85nux6m9cMuaEgzCGitoGWhrBxfg72wHkjw6r5UKiR5RTOn_e-lxe-w9NEdKNI1seToOssxarkuLQtOzVR-pCamdirQyFhil-8XjTD1E8nSR2Q_6nFxRjpSdYgKGnjJUYbw3dDUjhfn5BZsr2U7VRkkONqXzVMgB8UyxpeXPsTtaG213nduCNCBy_ftvZbyAIhD5Zp-MYUJIUh0wcZhov9HLcISaQWf4TSIINYEaJKpTZ3I155L5GpUTLNJ-h_vH1n6ZOj9XFc0AsHVt8HmtRXVW9i2c2Go0TOWvABzE4M8DDlj-RozedrD9bx_S8JetTXP4Eta1urMuYBKyYrByPpEs3HUJIhUSmW-JbbWdZHQ_MiibWAlqCngfEyQX1XRbOJIKYnzQOhwnBog Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://crypto-fire.website/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
POST H3	200	message Show response burningpushing.info/api/in-page/	66 B 852 B	35ms 35ms	Fetch application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://burningpushing.info/api/in-page/message?sourceId=51920 Requested by Host: inppmayfinder.info URL: https://inppmayfinder.info/in-page.js?b=12 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 406839356cec6c2f1b39d8ee0ca9adf2a5666561eb91a4f040af998bf4fb9a3d Request headers Referer https://crypto-fire.website/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers date Fri, 15 Mar 2024 10:38:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary -: Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulwy6J5wFIIubKmi95nCzThP4Har5ATtO1UgAxAnqYvaWvweTYrzr9EK26LGW8eCaKcX1Tl2Q0Ruwn0A1gd%2FBGQS4IQOHkwxRoEYPW7xH4oyhhdN2nRKtaypf%2Fviuj63blUApptnvEb1MOf%2F2DcM5KCb"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=UTF-8 access-control-allow-origin https://crypto-fire.website access-control-expose-headers * access-control-allow-credentials true cf-ray 864bdfe59e706706-AMS access-control-allow-headers Content-type alt-svc h3=":443"; ma=86400
OPTIONS H2	200	message burningpushing.info/api/in-page/ Frame	0 0	26ms 26ms	Preflight application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://burningpushing.info/api/in-page/message?sourceId=51920 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://crypto-fire.website Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-type access-control-allow-origin https://crypto-fire.website access-control-expose-headers * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 864bdfe56ff81c8f-AMS content-encoding br content-type application/json; charset=UTF-8 date Fri, 15 Mar 2024 10:38:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sky5YXk6LidHc2AvZnRdPT2J7trT3KgA7L%2BOomksxIDEBpZFstI1EvbfI6Su3IKxe8A1ysNo1rpgfz70aB7Ngc9xOzRsPvh%2Fq0KvQpAd2b%2FYOJ%2F%2BKDoZG6T0sHtY72mbyXnGcGyDwDisKTfXfajB8fp7"}],"group":"cf-nel","max_age":604800} server cloudflare vary -: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

dmpprof.com

URL

https://dmpprof.com/matching/external/pixel.gif?sid=14&uid=e28hksSL7dODYZlIEXIw

Domain

dmpprof.com

URL

https://dmpprof.com/matching/external/pixel.gif?sid=16&uid=e28hksSL7dODYZlIEXIw

Domain

1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru

URL

https://1010--1662370960--a94e5d31-fb25-4315-bb10-194cc21e27ea.stbid.ru/?r=https%253A%252F%252Ftop-fwz1.mail.ru%252Fcounter%253Fid%253D3138228