Submitted URL: http://manicoins.com/home?ada=0&bch=0&bcn=0&btc=0&dash=0&dgb=1&doge=1&entity=323538&etc=0&eth=0&exg=1&exs=1&kmd=0&lsk...
Effective URL: https://manicoins.com/index
Submission: On June 03 via manual from SG

Summary

This website contacted 103 IPs in 11 countries across 91 domains to perform 1103 HTTP transactions. The main IP is 2606:4700:3037::ac43:d4d0, located in United States and belongs to CLOUDFLARENET, US. The main domain is manicoins.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 11th 2020. Valid for: a year.
This is the only time manicoins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 161 frames:

Primary Page: https://manicoins.com/index
Frame ID: 9A45649B650473B080809946BD3BFACE
Requests: 76 HTTP requests in this frame


Frame: https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
Frame ID: 1BF962A5AC89386467DD01BA38A6BD25
Requests: 4 HTTP requests in this frame

Frame: https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
Frame ID: 5001E9E0953915F81C48BBFF4133CC23
Requests: 3 HTTP requests in this frame

Frame: https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
Frame ID: 5B257900B6E938AA7E82E2A2CAEAC715
Requests: 12 HTTP requests in this frame

Frame: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Frame ID: 2B66CE6E8DC2600160BE59DF68C0CAD1
Requests: 12 HTTP requests in this frame

Frame: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Frame ID: 275CD0069E7EE0109FAF1B0CA17CC29D
Requests: 12 HTTP requests in this frame

Frame: blob://https://manicoins.com/a6a7231f-ebfd-4a3a-97c1-b5bbfb911cf9
Frame ID: EFFD22D2DC5B07AAE33100F1BCBE03B6
Requests: 1 HTTP requests in this frame

Frame: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Frame ID: B7DDF20E94C0E131F7298B9F3E4BC623
Requests: 5 HTTP requests in this frame

Frame: blob://https://manicoins.com/fa52acc4-5ee0-4ab5-b0bb-d6cf4431e74b
Frame ID: 8D6D47C06AEB5CB366FC3686BF33F60C
Requests: 8 HTTP requests in this frame

Frame: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Frame ID: E794AFBE968CE95EE49C8FFBCB010EB3
Requests: 11 HTTP requests in this frame

Frame: https://www.gab.ag/index.php?view=register
Frame ID: 36591C81009C6A0C5B7FE0FBE356388E
Requests: 120 HTTP requests in this frame

Frame: https://lovemetome123456789.blogspot.com/
Frame ID: 8BCAA73338CBAA15A6CF92DB8D77E6D0
Requests: 7 HTTP requests in this frame

Frame: https://www.gab.ag/index.php?view=register
Frame ID: CF4C1E6404FF17D1B7447D170D4F7009
Requests: 110 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
Frame ID: 1059547005F7683A095F76902CADC554
Requests: 5 HTTP requests in this frame

Frame: https://f033022d489e09a13e5d456d6de0c44c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 4DB46FD39154D052FEBA17CA27A7FB25
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Frame ID: CD343BD633AA88B5B9A587CFE8DBBEC9
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Frame ID: 7253B71C59220D6383871B7D666A3301
Requests: 1 HTTP requests in this frame

Frame: https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Frame ID: 648923FF2B12C6B2C8538412DEC76280
Requests: 3 HTTP requests in this frame

Frame: https://www.www.baomoi.com.tntn.cf/
Frame ID: F20921057C4C43647A5493F7696E333A
Requests: 8 HTTP requests in this frame

Frame: https://www.vietnamnet.vn.nmnm.cf/
Frame ID: AC6A38CD7DD4D58B0A1E651DC5DE8DF7
Requests: 8 HTTP requests in this frame

Frame: https://www.kissanime1.ml/2020/11/amv_25.html
Frame ID: F5322A180A8541ECABF12013CF37EC64
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7C5FE352568E8F4CB390386069A46025
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36016AE86548123FF028A80541BB3823
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 868D41155ECA5723C4D2FB93DFF9133D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55C01F6919217FFBD3EA63F52EEC158C
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1110727?size=728x90
Frame ID: 744465BED5C4DFCC1653D40960F41B8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 613BFC49F35E5DDE3CCFBE4109AE968D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADC1FE81096F3A4621EBF50A342E7BEB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: A901E625BB5EB8275D598D99BCF5DCFE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EEC805C949B0732BAB53D0AB24FB3E0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5915E0AE43137C0369ED24D3D7F544EA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CE72F12DDEF0361FA172FCE663AA528
Requests: 1 HTTP requests in this frame

Frame: https://mellowads.com/view/F153A28D15CE
Frame ID: 72DE85B63969BEA2B34B8760EA7E2102
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/FA91F4BB821F
Frame ID: 608A5D7027EB8D3380E1DDB071EBE33A
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/335D3A8A3007
Frame ID: 2C7D3243F4E126D91064BFAAA433C699
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/0538B66CECD2
Frame ID: DD316D4F66BFF47D04270CB4E2DAC528
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/FD623390B1FD
Frame ID: F2E213322263F4C27D388BC38D2EEA31
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Frame ID: BD5619ECA7D36D65A815D2CE2C405EF7
Requests: 16 HTTP requests in this frame

Frame: https://gitoku.com/register/xc449bad4854773ff/VGOe3fHAGuZBRODvqzJivzbs-VLOwA/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
Frame ID: 9F5C497C499F43F0B59C132478AD8E95
Requests: 1 HTTP requests in this frame

Frame: https://mellowads.com/view/E3ED2177086A
Frame ID: 0012754BAEE43BC7EF4E1C1E939ACB95
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/70C484EDA031
Frame ID: C45BFCAB382228E85FD828CDFBE63A2B
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/C44DA330A4A4
Frame ID: 810A31FBDA02BC968084A63B3E24408B
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/260544E8445E
Frame ID: FB7164BF4E7CEBE5C9D62CFCBB8C87D8
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/D422DDD74C99
Frame ID: 63DE5565B564B63594899E1E6CEF994C
Requests: 4 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Frame ID: 948AF0A801DD3D3F421BFD74CA1B6935
Requests: 2 HTTP requests in this frame

Frame: https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
Frame ID: 628E4A02D3F8737EE213CCEDCDB9EEC4
Requests: 4 HTTP requests in this frame

Frame: https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
Frame ID: 0796BB3DCF2F1FF332B0E6833441FE2A
Requests: 3 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: 6FC1F411DBC39D72478F6A754CE38CDF
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/962757?size=468x60
Frame ID: 47218CFD41606D70F6576EF858B624E3
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/962758?size=728x90
Frame ID: DDDCB566C3021AA6844D1379B18C0513
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/4SXG17wiPzQ
Frame ID: 4ABEB44A7F32CE0E8EF6B4EFC4E21AF3
Requests: 14 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: 12C3858E86AFA3C78115095126184665
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
Frame ID: A061EADE0BBB7533343FBB8F9B0EF785
Requests: 5 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Frame ID: 1994D3CF9058D62AABA72DBE0C99D109
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/3e98d504e9b649c4b90348dbd73ebf0a
Frame ID: D661CDA411C8DCDC9A02E31F7F40F749
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: BB795CDEEA0A22B98C2567D01AECE2A0
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/860840?size=468x60
Frame ID: 3DCE909A740115EA5C4E56883A58FCB2
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 757A76675BA0331C3F4C60541B3291CC
Requests: 4 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?c6b0387
Frame ID: D41C467DF731C1D5F2E9496CE1F47DCD
Requests: 6 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08aee920744201190ggab.ag186931
Frame ID: 474941746B2B3327A482DC87994415E5
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 1AE5ABCA2A7913FFD0EAA7EEEE162A36
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: B5C75E98F109E8E0C2970DB98097567D
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 289AE5AD6F105B326678126FDA24E52B
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/B8AE533AA3BB
Frame ID: 9493EBE1FAC92DC3FC8DA703DB0322AD
Requests: 4 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08b1175c382537204ggab.ag186931
Frame ID: 2CEBF17078BCDD439BBD83E9A1211352
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/B8AE533AA3BB
Frame ID: F366F70392B80C738C791C4C9C78857E
Requests: 4 HTTP requests in this frame

Frame: https://ad.a-ads.com/1410164?size=728x90
Frame ID: 38126F01A7378ED5CF3C047027ECED4B
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: BBF014C257137A7F8B3DBBF8E3F2FB90
Requests: 2 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08b38990907263349ggab.ag186931
Frame ID: 88413782B85277455450D3BD2C72382F
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 88FFFB43FA103D1CB51E46B49ED8A217
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Frame ID: 1C39C1202F7957B152FD393317876746
Requests: 1 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: 0C011F05D6899C2C362C9ADD8B857B21
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: 89EE3B45374CCB9E8DD531FF2BC3CEA1
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Frame ID: BA876261474219F69B4CF4E56ED6F015
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Frame ID: 6A15D59EF0578C723062828D9F8AAF00
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: B1D65B54F84BDD4FDB1260139CC54371
Requests: 2 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?c6b0387
Frame ID: ADECB086AEB285DE12AA839F8C369F4D
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?c6b0387
Frame ID: 7E1FDF85D49DDD38D37BCAF74EF2C0CB
Requests: 9 HTTP requests in this frame

Frame: https://ad.a-ads.com/860840?size=468x60
Frame ID: F1E6D03B3B831F6B437D6F2CF43D7DB9
Requests: 1 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 30C6325315B932ECB6F79C1561C76959
Requests: 3 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?c6b0387
Frame ID: A4B0C1959007E285136ABAF6772241D5
Requests: 5 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08ce6b0a297933852ggab.ag186931
Frame ID: C39A297E67613FCC273CB5E05F51675A
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: D5057F35E8814EE533599BCF5D238AB6
Requests: 3 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: 0E70C6999A485C500B48A890C109B35F
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: A8EA68B561A355BFDED7C41D2BE1D0A6
Requests: 4 HTTP requests in this frame

Frame: https://mellowads.com/view/B8AE533AA3BB
Frame ID: 46639803A29B8D225790058E1957AA6E
Requests: 4 HTTP requests in this frame

Frame: https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Frame ID: 2B36C564F4A2512300C7E95C756252E2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Frame ID: 4658FBDC1229391940BADCC321303DF7
Requests: 2 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08d0621b957325805ggab.ag186931
Frame ID: 23F90079431E94A1464F5F027F0B3E71
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/B8AE533AA3BB
Frame ID: 24FAB08B624EE93331FDCE59EE542621
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1410164?size=728x90
Frame ID: D97CB3F33151FAA3A149EBF3EB96EC6F
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: C85267C13DDD4574D172C7938E7BFD10
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: AA28297B892E9EE59434C785DBB33826
Requests: 2 HTTP requests in this frame

Frame: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Frame ID: E444401D0B3E3CA8D33A2CC45FCE5201
Requests: 6 HTTP requests in this frame

Frame: https://p3.adhitzads.com/60b8a08d256e1252912765ggab.ag186931
Frame ID: AD279171AACDB3223A4D86218CCC827C
Requests: 2 HTTP requests in this frame

Frame: https://mellowads.com/view/A860A4556C60
Frame ID: BC7B73E8E502ADC48931CE1E7686D872
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Frame ID: 980D537F0CF692DB90B8DFCDBA0A7303
Requests: 1 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: 19BFE8683CC37D75800A81C6FF1F10C9
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: 2E48BD522017E94DA254E23E360C9A89
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Frame ID: 5553EDB6C20510FCEC9B9F8DB28DB091
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Frame ID: 48A0F8CB239FC6E40DD58D5C81F80760
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Frame ID: EB2CFF7ABD5A2CB14E61EBC447896940
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Frame ID: E4C867F46237C05F5EBFA5480F888A40
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Frame ID: BF605B145F210220A986D52F3247C487
Requests: 2 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?c6b0387
Frame ID: A511197769EFA3DC94860ECB67A6D54A
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?c6b0387
Frame ID: 9DA60E80E9F243D67618674ED833B299
Requests: 9 HTTP requests in this frame

Frame: https://adimg.rekmob.com/2e630aeb4a40478e989c620cb82e8065
Frame ID: 9B433D5968E6A0A7C3E18736BF681BC9
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Frame ID: 85AEF0FD29D55B3B9F5EBC18A8E914EB
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: 22CA60280014892BEC625C05B6317064
Requests: 2 HTTP requests in this frame

Frame: blob://https://manicoins.com/07db0740-1104-4ab9-a3a3-62b6491ee753
Frame ID: 57D68AAC33E783129A32EFC5F5D2F468
Requests: 1 HTTP requests in this frame

Frame: blob://https://manicoins.com/3d766c20-d94e-41c6-9d88-6c7d03725ebd
Frame ID: 5E4FA88C54356F7B9FD5DBC0621F45DA
Requests: 8 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Frame ID: 5DAF624EDA2B293AB752C7AD94D4A28C
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Frame ID: D329A836B6FF95ED1D6F5F0AFD754011
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Frame ID: D5AE58CBC176519DFFD8AF5974F97758
Requests: 2 HTTP requests in this frame

Frame: https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Frame ID: 8B237F3D57776D36EF8E05FC6AC473EF
Requests: 3 HTTP requests in this frame

Frame: https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Frame ID: D241D131987D1B95D2AC93C975E29EE7
Requests: 3 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 1103
HTTPS: 99 %
IPv6: 54 %
Domains: 91
Subdomains: 124
IPs: 103
Countries: 11
Transfer: 20507 kB
Size: 35451 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://manicoins.com/home?ada=0&bch=0&bcn=0&btc=0&dash=0&dgb=1&doge=1&entity=323538&etc=0&eth=0&exg=1&exs=1&kmd=0&lsk=0&ltc=0&neo=0&pivx=1&pot=0&ppc=0&rdd=1&strat=0&trx=1&vtc=0&waves=0&xmr=0&xrp=0&xtz=0&zec=0 HTTP 301
    https://manicoins.com/home?ada=0&bch=0&bcn=0&btc=0&dash=0&dgb=1&doge=1&entity=323538&etc=0&eth=0&exg=1&exs=1&kmd=0&lsk=0&ltc=0&neo=0&pivx=1&pot=0&ppc=0&rdd=1&strat=0&trx=1&vtc=0&waves=0&xmr=0&xrp=0&xtz=0&zec=0 HTTP 302
    https://manicoins.com/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://cutt.ly/traficboost10 HTTP 301
  • https://drfrr.org/?https://serveur-minecraft.com/visit/1638
Request Chain 157
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=4c8f462f-cf96-42da-859f-dbce3cb7587f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=4c8f462f-cf96-42da-859f-dbce3cb7587f HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4c8f462f-cf96-42da-859f-dbce3cb7587f&d=1
Request Chain 223
  • https://ycipiwic.xyz/supply/register?iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg HTTP 302
  • https://gitoku.com/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
Request Chain 252
  • https://maquiags.com/gget HTTP 302
  • https://popmyads.com/404?dsc6123
Request Chain 297
  • https://whos.amung.us/swidget/popmyads404.png HTTP 307
  • https://widgets.amung.us/small/10/1098.png
Request Chain 316
  • https://drfrr.org/r?https://serveur-minecraft.com/visit/1638 HTTP 302
  • https://serveur-minecraft.com/visit/1638
Request Chain 386
  • https://www.lead-alliance.net/tpv.php?t=112510V1336136824M&subid=oneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2021060311273451046878069X112510V1336136824MSoneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250
Request Chain 389
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021060311273451046878141X117663V1225131106MSoneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250 HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273451046878141X117663V1225131106MSoneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&wfid=117663
Request Chain 399
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=fBAjqPoryOd3DvlZHVzVW6gX&ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
Request Chain 405
  • https://ycipiwic.xyz/l/n/view/3a2db37268054d83a824c574304f2432?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy9kZmI5ZTc0Y2MwZTI0NTJkYjYxMzBjMjliZmNlMmM0MA&cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg HTTP 302
  • https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Request Chain 455
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_param%3D1aab0b59-f95d-47fd-85d8-253da203c330%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=3e28662e6a904fde87a622e0ec4467b3&ssp=reklamstore&bsw_param=1aab0b59-f95d-47fd-85d8-253da203c330&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
Request Chain 486
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021060311273551046878685X117663V1225131106MSoneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60 HTTP 302
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273551046878685X117663V1225131106MSoneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&wfid=117663
Request Chain 569
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 593
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=fBAjqPoryOd3DvlZHVzVW6gX&ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 610
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Request Chain 665
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688 HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 707
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_param%3D0ebff9c7-3916-4d23-97e4-11820ec31688%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=46edafa990074ca6a70337ac1c3a1934&ssp=reklamstore&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688&gdpr=&consent=&gdpr_pd= HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 717
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ
Request Chain 722
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt
Request Chain 726
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS
Request Chain 730
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU HTTP 302
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU
Request Chain 758
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Request Chain 862
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=feea779a-7ac3-4b45-b72b-b332681875a7&ssp=reklamstore&expires=30&user_group=5&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688 HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 911
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 1052
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Request Chain 1064
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Request Chain 1089
  • https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4c9b14e6-e8b4-529a-ad5c-6efecde4ce6e&ssp=reklamstore&expires=30&user_group=1 HTTP 302
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=c512b3ac-7992-45ba-8538-0c578ecfdd2c&d=1
Request Chain 1132
  • https://ycipiwic.xyz/l/n/view/0141d608cacb483e96fdc1acef2fe047?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy9kYWMyNjJlNWVlZjQ0MGIzYTY4ZGY0ODA0ZDlkYjVhNg&cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg HTTP 302
  • https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Request Chain 1133
  • https://ycipiwic.xyz/l/n/view/838b9f75666b4d6da49e83f4096f9bdb?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy8xNGE0MTNlYTE3Yjg0MDZjOWM5YTQ5MzhhY2JiMzc2Yw&cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg HTTP 302
  • https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg

1103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index
manicoins.com/
Redirect Chain
  • http://manicoins.com/home?ada=0&bch=0&bcn=0&btc=0&dash=0&dgb=1&doge=1&entity=323538&etc=0&eth=0&exg=1&exs=1&kmd=0&lsk=0&ltc=0&neo=0&pivx=1&pot=0&ppc=0&rdd=1&strat=0&trx=1&vtc=0&waves=0&xmr=0&xrp=0&...
  • https://manicoins.com/home?ada=0&bch=0&bcn=0&btc=0&dash=0&dgb=1&doge=1&entity=323538&etc=0&eth=0&exg=1&exs=1&kmd=0&lsk=0&ltc=0&neo=0&pivx=1&pot=0&ppc=0&rdd=1&strat=0&trx=1&vtc=0&waves=0&xmr=0&xrp=0...
  • https://manicoins.com/index
49 KB
16 KB
Document
General
Full URL
https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
fbdddb5e70d9800200b82335264d5cb47635b4938c9a6a8e2d8a0711e7bd9756

Request headers

:method
GET
:authority
manicoins.com
:scheme
https
:path
/index
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
0a72cc16c600006431dd341000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VNFgRqm%2BTyXHUXqtcg7QOReQt%2Bk3SL4WabylU4aBKCnF1HCvwAi9xtr%2F5xv0HEMLuwNTnhR5K2fB0yJTGFDWkxkrp%2FL2XwBoJ3RT3Ycpt2KhtdCoqL8KviLb8dwouRwHHi4gJyHcKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2d138a66431-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:30 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34
set-cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
location
index
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
0a72cc14af0000d6b91d015000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vdy4eDGJC4gLFbs4Ep7UbSVINxMeR4PBJEsLM3%2BbHpR4CDutYU88opjzZrqGMLfh4lIuyJF7Nxs20PFZd7Z39d2d76I74y2pN5oVuhNVDDDTznM7nVK%2Fn72iZqej5npWL0D7sIVXOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2cdd898d6b9-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.css
manicoins.com/assets/css/
118 KB
18 KB
Stylesheet
General
Full URL
https://manicoins.com/assets/css/bootstrap.min.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Request headers

:path
/assets/css/bootstrap.min.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
365095
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d400006431d39de000000001
last-modified
Fri, 27 Nov 2020 05:45:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gb%2BI0MTQQfDgloqRCOG2%2FvuJhb1jUYk4MCMYoWAQc6jWFs2XEhCn6x2oRR8rraC8%2FObLhnDZ1ewQrfMKlKHOI%2FQft926S75vMAhXZNeWHhz8SiemqeH6L0lNxol9PIPiosO%2BW7azpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a116431-FRA
expires
Sun, 06 Jun 2021 04:02:36 GMT
bootstrap.min.css
manicoins.com/css/
111 KB
17 KB
Stylesheet
General
Full URL
https://manicoins.com/css/bootstrap.min.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a

Request headers

:path
/css/bootstrap.min.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
484698
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d50000643198aa3000000001
last-modified
Fri, 27 Nov 2020 05:42:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N7BjAB3YWcCAWJsYwcNa6KBJvuq5ECv1P0DIDQZ21CTmGJiXtlgb0jWE%2Bi74k58ixMWpgdfqk5mtfonUp8bcNsyUCs1pOJyHTGbJArIYq7PLkUJqPYer0Mjn7XAqsR749s6RcqnsPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a126431-FRA
expires
Fri, 04 Jun 2021 18:49:13 GMT
font-awesome.min.css
manicoins.com/css/
21 KB
5 KB
Stylesheet
General
Full URL
https://manicoins.com/css/font-awesome.min.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Request headers

:path
/css/font-awesome.min.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496831
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d70000643198aa4000000001
last-modified
Fri, 27 Nov 2020 05:43:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w%2FPfUon55USr2jg69GBUP9GQA5lkW1RJ9d2TYnO8YDRlKL4R%2BUk26ovhNVP%2F4YlMKFDXckdM3f3%2FS5VocPbDgmr9kNqWougtLc8MD31c1Q6MTVgJPGt8lJsejhPHRgMpbxFmsOimTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a136431-FRA
expires
Fri, 04 Jun 2021 15:27:00 GMT
main.css
manicoins.com/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://manicoins.com/css/main.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0d2b1936c5afce74ffb140ba5329a616fee931c9d2df3cb2d02ce56bbf684d

Request headers

:path
/css/main.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
484697
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d500006431d7bd8000000001
last-modified
Fri, 27 Nov 2020 06:09:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ThHeIMGLg340DXxq%2B4OcX0UjwF2fBWkQ5BJRaYMLABSToB1%2F9Z2V8jNTIcuZRYf3zNVGR%2BUoqHbYLVJiQE%2BIstH5PpPY99KBWQxpp5aspK%2FWlW3efYYXmAYvRIW0Wn31VNa438iCFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a146431-FRA
expires
Fri, 04 Jun 2021 18:49:13 GMT
popup.css
manicoins.com/css/
916 B
1018 B
Stylesheet
General
Full URL
https://manicoins.com/css/popup.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc2bf3176d5baae32050259740e7b87a874d51fb3d03bb6e5a8d22af849b369

Request headers

:path
/css/popup.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496831
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d600006431dd359000000001
last-modified
Fri, 27 Nov 2020 05:43:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=waOcMluCFHTngsUY1IO1CsbYFqsfqbqjr3jzwKYp%2B0bh9GnYEcF1h%2Fl0Yr1ixjXEUl%2BnPG3fe2ow0KchJwrXI%2F1eA2p5l6aNhvyAGarjQBZUci5iJkgMSA9A%2BufbU1NDenYWxeqL9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a166431-FRA
expires
Fri, 04 Jun 2021 15:27:00 GMT
animate.css
manicoins.com/css/
56 KB
5 KB
Stylesheet
General
Full URL
https://manicoins.com/css/animate.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

:path
/css/animate.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
484621
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d700006431a80ce000000001
last-modified
Fri, 27 Nov 2020 05:42:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f7FKGHyd%2BDHqSuCmgB6W%2F0k6cOJt2v5uB%2FDscZbq5fn0AViP8g5ROi2uOZdp%2FbAi8PwokKXEInrNtBWn6y3NT8XctNust%2FeyUmVmmu9%2FeNfRZDthubhKbjHufLXaw19AbuugfhYg9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a186431-FRA
expires
Fri, 04 Jun 2021 18:50:29 GMT
toastr.css
manicoins.com/toastr/
7 KB
3 KB
Stylesheet
General
Full URL
https://manicoins.com/toastr/toastr.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d9c805252fa0bbf1054ce303e51d18933af8abb6a5f4ee01fc436e7ee62387

Request headers

:path
/toastr/toastr.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496831
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d700006431a03f8000000001
last-modified
Fri, 27 Nov 2020 05:47:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8ZaoNPeYsRyy5zg%2BIZ1w4xxu80WKcUgy9m9uurzg0%2BNg0f3WSZ0Yzs7wPvpSe4rd0CJISkwvd1Wi%2BZJ6Ls10Xf6EXqJQLy1tPc27UmwTxAUWUpBhWGqZ9DD8DwQZpQfx96PACAYf%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a196431-FRA
expires
Fri, 04 Jun 2021 15:27:00 GMT
responsive.css
manicoins.com/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://manicoins.com/css/responsive.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8b894d36c2d240d6b6927d211f791c38c7b714ff685cbf404e34212e5c7da9

Request headers

:path
/css/responsive.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
391750
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d800006431c315a000000001
last-modified
Fri, 27 Nov 2020 05:43:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iTg7dTYdVTh3lI7Ug382dEQJFtWxNyGlys3gO5UxiAHkVguqUDntMm%2FEgC4t%2BZOVdVg54rgjnW8UxiStynvKRxSpOMMIeBRO08zVUdNZmIeJXtqjUpDFMx0SO8aMSBKuEiLTvLbGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a1a6431-FRA
expires
Sat, 05 Jun 2021 20:38:21 GMT
style.css
manicoins.com/css/
507 B
898 B
Stylesheet
General
Full URL
https://manicoins.com/css/style.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d366d5bb5d9bbd289e658f041c8411594dfcedd78f228060ebe3d923a42e41df

Request headers

:path
/css/style.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
391750
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d800006431df2c0000000001
last-modified
Fri, 27 Nov 2020 05:43:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hUBrh5916E%2Fq5ljy%2Bm%2B470BlUMUStjq7Oe8x%2FkV%2Bbd9zjlDimiFZLCcUCjYaAN0QzWMutAFQTWdxs6vnv4MwwWQ%2BuzcHPWnabQ8teXkUbZzYuGTz8Z0zTwq0Sh17n7CkbWYfaEQfZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a1b6431-FRA
expires
Sat, 05 Jun 2021 20:38:21 GMT
buttons.css
manicoins.com/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://manicoins.com/css/buttons.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcc725208dc3c2e0b0c012a0b8b5506158727158b0277a6b2e2b6d9dbc102816

Request headers

:path
/css/buttons.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496830
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d900006431ae08d000000001
last-modified
Fri, 27 Nov 2020 05:42:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qHmH7GKwBiDOp8Z17WmZfvp9oQVMZKE%2BdEVRjyRVDqIOX%2B%2BNUYymn36VXoBZiHJwxC29WuGETryTQ%2BjZyQxCiNN5BqwaDPyhLff3HLn6HWe%2FbdiaaHDlKvw3S2jwCvwmcV6%2F37o5ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a1c6431-FRA
expires
Fri, 04 Jun 2021 15:27:01 GMT
flipclock.css
manicoins.com/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://manicoins.com/css/flipclock.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb562efb939b9e7454851c32bb14f578d8f9895c7fcc1352ef9b58973735cfb5

Request headers

:path
/css/flipclock.css
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
391750
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18d900006431c9b35000000001
last-modified
Fri, 27 Nov 2020 05:42:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=awoD0P22ARPPLgiGMVKexPw%2FDzUsQgGKtNiT6XqeB3BFjjlcQJtg5DiWcS%2B1j1CWkAFKl9rbBypwqrT3CRQMNHUEDYzz6K8%2FhyuyqsESzLY8ut8xY0QnrVZWk9KOmq3jVkDbsPzvJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a1d6431-FRA
expires
Sat, 05 Jun 2021 20:38:21 GMT
floatclick.css
manicoins.com/css/
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/
91 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 05:20:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jun 2022 05:20:25 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/
7 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/css/toastr.min.css
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d159adb573ca535b8275f1d27dc8d60fffd9678ee3b5f1a0f7b4be4a77342f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3601249
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2672
cf-request-id
0a72cc18da00002c2ab5b24000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1a55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c4SmoOoIRHs93f45GXfoBJxZb7cdlFURqubhgHQ2yox6zPaShaU3siIdIHaC7t6lFoXvPOHMGFGTXX4UlsT5LqcCdEZheFZMX8ba6tSdUSs3mpd64%2FYWDfZYWiScu514%2BHzrTwZYYyHWLDYRQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e2d48fc32c2a-FRA
expires
Tue, 24 May 2022 09:27:31 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.0/
54 KB
19 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.0/jquery.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
900191a443115d8b48a9d68d3062e8b3d7129727951b8617465b485baf253006
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:32:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186892
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19212
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jun 2022 05:32:39 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.0/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:48:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110363
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30211
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 02 Jun 2022 02:48:08 GMT
modernizr-2.6.2.min.js
manicoins.com/js/vendor/
15 KB
6 KB
Script
General
Full URL
https://manicoins.com/js/vendor/modernizr-2.6.2.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

:path
/js/vendor/modernizr-2.6.2.min.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
360879
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18da00006431b6a39000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YjTJtGDVDu5nXEuTqCRr8362rGUWNGOK%2BIF6ujb1nZ0rgn0mL2AgCRfefbPCbGwnpdpM7ApZPhowgRKjeOg1cF1iVC3q4k324Pr919qwB8by3c1a5Z59jJ60lJVOAykrpO7dZtRNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a1f6431-FRA
expires
Sun, 06 Jun 2021 05:12:52 GMT
bootstrap.min.js
manicoins.com/js/
28 KB
8 KB
Script
General
Full URL
https://manicoins.com/js/bootstrap.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496427
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18db00006431e6275000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EkluVXMKcg9KLgBKvxQtoxlxx%2FwSEjV%2BuGxepWLKxVXV6b9p8b4rTa6J7D9cb1MjEppdqBmcrj3BG6ffpXXx%2BzQhw5PNjQNp6KLOi%2FsAJ5L4evhNxS4NjB17X2Amq618tM%2BqS7pMiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a206431-FRA
expires
Fri, 04 Jun 2021 15:33:44 GMT
plugins.js
manicoins.com/js/
733 B
959 B
Script
General
Full URL
https://manicoins.com/js/plugins.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
267f86b986829cb9a3c46b9fcdbc56783bb923005ba5ef5b27efce504e72ecfa

Request headers

:path
/js/plugins.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10686
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18db00006431a80cf000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TCy9nYv5Jh9dEsYbBz%2FJKyy87mYOow2bA7dii6U3O%2BR1Xd8cfTYV5aAW5fmtkK1xOg7chSa2tFanNDHGsNDzcYyU0f4nn%2Fe%2B%2FcCwYlppxJ0qiI3NF5NUHFSQdA2YFF8pI7TyFu6lRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a226431-FRA
expires
Thu, 10 Jun 2021 06:29:25 GMT
main.js
manicoins.com/js/
462 B
847 B
Script
General
Full URL
https://manicoins.com/js/main.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759bcbbf2058d0a33948eab23c35c499523a2d7fe779f3746fc40afe72020e7a

Request headers

:path
/js/main.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496427
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18db00006431d39df000000001
last-modified
Fri, 27 Nov 2020 05:50:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2IdZFT%2BWY9J0dRBzHqcDTAlckXoCivEiC31S2%2B9xES8rSeJf1bWGh58h%2B1ZPm1BaRBFDOcP2ub9PmZI74HIyuzqEa0CX7GN7ZYyjLIRW1wBP72LKD9m9hDuaYUpxSiPTWFfDkMEn5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a236431-FRA
expires
Fri, 04 Jun 2021 15:33:44 GMT
wow.min.js
manicoins.com/js/
7 KB
3 KB
Script
General
Full URL
https://manicoins.com/js/wow.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a88df037dc6c940450a9e251a34c9321d76d894d3d1734ee8cede45028d84c

Request headers

:path
/js/wow.min.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496427
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc18dc0000643198aa5000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HYaOgkFFg3B5j8No4uCa7KGGQxdmwL6xyEqg9WZQGPWFPxThrzIUsliWWRZDxgQwYBjYTlULY6glL7RQZ0lkN66uq5P4rdverOaqgIBhfbqEBbCPLac2Mh2E202bujgQDBiJWskzvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d48a246431-FRA
expires
Fri, 04 Jun 2021 15:33:44 GMT
alert.js
manicoins.com/js/
0
0

main.js
fandmo.com/
45 KB
15 KB
Script
General
Full URL
https://fandmo.com/main.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2ab0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db03c8c6967dc9e1d996bd573afc75a2acd997d25fa5c7b1f047bbc2e8ff62d7

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Jun 2021 05:18:54 GMT
server
cloudflare
age
14917
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ccNMPk6%2BgEk4FJi2hjnvKcvkr%2BRETP87bDj1B%2FxCeNeidPM5IUy9%2Bkc%2BbmSePKiZEeYeaH89ldvFQ0DOitR%2FxC7vzFMdukYI2ZrcxLWxcHTheQzHeZmlyXsZBpLctXFfw281Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400, s-maxage=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e2d859e2176e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b350000176e6c91b000000001
d0603f27046dbde52d7ac261cc53a243.js
pl15918242.bestrevenuenetwork.com/d0/60/3f/
0
0
Script
General
Full URL
https://pl15918242.bestrevenuenetwork.com/d0/60/3f/d0603f27046dbde52d7ac261cc53a243.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:31 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
api.js
manicoins.com/cdn-cgi/bm/cv/669835187/
35 KB
9 KB
Script
General
Full URL
https://manicoins.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Hv1LUd2pi%2F9XhIScXX%2F%2BpvyZYWBJG%2FFJXFsZHtjUgA8Fcoj26PDsYHNpI2eC0HhY2Epc3S%2F3Fu57vjdJ9klTLKZPBP6eLNgmtuttRyH7ipzwo786akt2Z%2FFk4F1Zodmz49Gxj2cY6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2d82bbf6431-FRA
cf-request-id
0a72cc1b2000006431dd381000000001
lago1.png
manicoins.com/images/
25 KB
26 KB
Image
General
Full URL
https://manicoins.com/images/lago1.png
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32505e96c69bdbf22da20c6eebc54a63f5881c108afbfa63e50ca9723b4b9ab

Request headers

:path
/images/lago1.png
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
14323
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
25622
cf-request-id
0a72cc1b2000006431a2816000000001
last-modified
Mon, 01 Jun 2020 19:20:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DXzW%2FqvuKomuLQ8iQv1r1V5TWvfaCCIaM3xF88eD%2FnJAyp4fKG49Izn2LzoIx6uOH3PCd5C9UpXLUMnD0O90yQwsw%2BdqFhr2P87oI2ZthVVI4CbXym6CMZ73a8h0YY00pKfdj2C8ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6597e2d82bc06431-FRA
expires
Thu, 10 Jun 2021 05:28:48 GMT
banner.php
g.cash-ads.com/
209 B
380 B
Script
General
Full URL
https://g.cash-ads.com/banner.php?uid=4107&size=2
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
19fc11f3da5d728114937792c42b8233fceff304c637de18e7e5ec6d6abcd65e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
items.php
www.bitcoadz.io/display/
44 KB
7 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?45697&76087&728&90&1&0&0&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6327763a39ecd11f082ad9e489b9f20c8e29ecf74f0da2f4e2879225cc6490

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b350000175e39153000000001
pragma
no-cache
last-modified
Thu, 03 Jun 2021 09:27:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jMmIDhLQku24dGT0DNiJWcWv8v8L3Z%2FIB0g7%2B6FAuj6pTxFEQ33jZngmj88AK1o8T343TGUlOjB%2F%2B7YxLKrw%2FWg8pGgZ%2BV%2F4Esi8I0T1Tld1c2JTXc6LVm3W6bWsFdbixXQwlr8zxkBy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e2d85c21175e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
700.gif
simplebits.io/banners/
294 KB
294 KB
Image
General
Full URL
https://simplebits.io/banners/700.gif
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:48e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884b26d045b731e2f4b4bab4b1a1b03d677631b13b122e560f08efde52dc1349

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4068
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
300558
cf-request-id
0a72cc1b3b000096e6dc808000000001
last-modified
Sat, 15 May 2021 21:01:07 GMT
server
cloudflare
etag
"60a03693-4960e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=11dgT%2BsgjjPIbwg38xE9iFpMx6pruUOuHBKR0BEFHtuRUp6LT3i7ViObXyjIntF0tlL%2BH8YCQd3Gz3QjKAMd%2BNcyjdVAODQwX8pVvUlZaR2NjizNRUv9dJGMd7q5c39PvQ%2FzaWoVuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6597e2d858b096e6-FRA
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?1741&1823&728&90&4&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
62c3d6ce8b5de89f01e123b5b90d24bdb26181e6a329a4262fd9d5d8e9f94ffa

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:31 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
www.bitcoadz.io/display/
44 KB
7 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?45698&76087&728&90&4&0&0&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63a526682af9747eb0b22846c24e42e6438c1b87fd96230332d0823258d57361

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b370000175ee99d7000000001
pragma
no-cache
last-modified
Thu, 03 Jun 2021 09:27:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yBbQ%2Btc112u%2FhFp9kYZWoz9qFxN4ZTF1xy%2F0EkY0kgj%2FLufGO1UJZ5Tc173gQIgmJe3A1imrJ5UP0Pf4%2FwMs%2FUeYjDuzqOPMnpchQ7Dvf75yBeWsnrSlPLkVseZN5Mq4zLSSKxloa5pi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e2d85c25175e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
banner.php
g.cash-ads.com/
209 B
381 B
Script
General
Full URL
https://g.cash-ads.com/banner.php?uid=4107&size=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
37120c7c1dc6b2588840c2a80f3a30e3f1063ff0bc016141cafadd965abe3e30
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?1740&1823&468&60&4&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
62c3d6ce8b5de89f01e123b5b90d24bdb26181e6a329a4262fd9d5d8e9f94ffa

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:31 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
www.bitcoadz.io/display/
44 KB
7 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?45696&76087&160&600&1&0&0&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6327763a39ecd11f082ad9e489b9f20c8e29ecf74f0da2f4e2879225cc6490

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b360000175e199f9000000001
pragma
no-cache
last-modified
Thu, 03 Jun 2021 09:27:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bgTM1rEoRQhi0gpqLXmYtJCp9juZFm5PnR5PPoiJ%2BB79iRxFRYDdmq5YIOx%2BP1c%2BmKVT1DZQorkDHsmqi1ZhXox2uHzlwfWXq%2Fh2pgATY09rbucsmRFFZDEz9%2Fe1wxO8psCU7IO5Tm7N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e2d85c2a175e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
netbox.png
manicoins.com/images/
129 KB
130 KB
Image
General
Full URL
https://manicoins.com/images/netbox.png
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21245765a4f16ff69c28d8b20b06af5f3f3bf4dfd198292b6dcfc7628c7560e2

Request headers

:path
/images/netbox.png
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496760
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
132202
cf-request-id
0a72cc1b210000643198aca000000001
last-modified
Mon, 05 Apr 2021 06:40:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z1rkLhIlNfU%2FLLOL%2BiCEDyeAyVBj4pXytIebf4rhFfA8beo3MtIKeZgR9UFAWQx4DNG4vnEOtcXd%2FHbIPWXGdxwtp0oA%2Bb7%2BD3kQUobb60UIrjaRGf8nhO4HDprXgwmXbdv9IvHl1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6597e2d82bc16431-FRA
expires
Fri, 04 Jun 2021 15:28:11 GMT
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?1737&1823&160&600&4&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
62c3d6ce8b5de89f01e123b5b90d24bdb26181e6a329a4262fd9d5d8e9f94ffa

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:31 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
legit.png
manicoins.com/images/
39 KB
39 KB
Image
General
Full URL
https://manicoins.com/images/legit.png
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f7266e5f4028c94356469932f4823ce9c89e065fbc60833e9e37b7dd6e6cd88

Request headers

:path
/images/legit.png
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
491644
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39680
cf-request-id
0a72cc1b2100006431e6292000000001
last-modified
Sat, 01 Jun 2019 19:41:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LLXlktZs6kdb2ybNsFwSzmvom7cpN4GzZ5AJpt2xQX9WmVMyyMTfZNNwlnM0nwjnRdRqG83lHUnwTcY7tcRh3vP54pRzOtyG53%2F3VcRFTAjNVcd6L3ZFhXgtZnSOXlUisk%2BzCyV1Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6597e2d82bc26431-FRA
expires
Fri, 04 Jun 2021 16:53:27 GMT
items.php
www.bitcoadz.io/display/
44 KB
8 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?48796&76087&468&60&4&0&0&0&23
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6327763a39ecd11f082ad9e489b9f20c8e29ecf74f0da2f4e2879225cc6490

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b370000175edabb3000000001
pragma
no-cache
last-modified
Thu, 03 Jun 2021 09:27:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0STGZPl1LOuldnAmKYu5WJCUjRw1Oti6UmkfDbGCm%2BWYfdfM8Z9wajrgm1nSTO5DEC0%2FWMGNpUeMnS4dcWachTmjZuU%2BU5qGthIcIsgpp5DOjaZGvDwgNAMvN4aG6Hlx%2FVGlrC82xY26"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e2d85c2b175e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?1739&1823&300&250&4&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
62c3d6ce8b5de89f01e123b5b90d24bdb26181e6a329a4262fd9d5d8e9f94ffa

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:31 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
banner.php
g.cash-ads.com/
216 B
384 B
Script
General
Full URL
https://g.cash-ads.com/banner.php?uid=4107&size=3
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
67980f10ea12e1c623901625ae00c51e8f7860d72741bd1cf75fe16a8d76f9be
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
items.php
www.bitcoadz.io/display/
44 KB
7 KB
Script
General
Full URL
https://www.bitcoadz.io/display/items.php?45700&76087&160&600&1&0&0&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec6327763a39ecd11f082ad9e489b9f20c8e29ecf74f0da2f4e2879225cc6490

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b4a0000175ee99d8000000001
pragma
no-cache
last-modified
Thu, 03 Jun 2021 09:27:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eKzIYro7GoFYhaVDjb6ItNadB7CXnenhFGAf0Vj%2F3R0ZdYt3XLLb6Wkxx%2BNhulNl6hyA4dAzlVrz68lIM8nDY7tXdgI2teKq7j1ZpjENkX8UOMpzC9NclppzK06PwWzW1TtMKGSWanG0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e2d87c58175e-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
items.php
adsrv.adcryp.to/display/
64 KB
65 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/items.php?1738&1823&160&600&4&0&0
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
62c3d6ce8b5de89f01e123b5b90d24bdb26181e6a329a4262fd9d5d8e9f94ffa

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:31 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:31 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/
7 KB
764 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,300italic
Requested by
Host: manicoins.com
URL: https://manicoins.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5552dc4fcd9717dd52e84906a5fafe2af02d28768feff85b0dd74621f63ca05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:16:15 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:31 GMT
css
fonts.googleapis.com/
2 KB
619 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: manicoins.com
URL: https://manicoins.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:24:17 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:31 GMT
css
fonts.googleapis.com/
11 KB
861 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
Requested by
Host: manicoins.com
URL: https://manicoins.com/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db38c6a8c5f7a567a809b00ac06e130668df0aadb8191c0667d1e335870ca86a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:12:15 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:31 GMT
frbtc.png
maniexpress.000webhostapp.com/images/
0
0
Image
General
Full URL
https://maniexpress.000webhostapp.com/images/frbtc.png
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:116e::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

calendar.png
manicoins.com/images/
17 KB
17 KB
Image
General
Full URL
https://manicoins.com/images/calendar.png
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cf2d38d6801232d390e0642b511c0363180fac8bc7a270a4d832604cb5acf1

Request headers

:path
/images/calendar.png
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
484617
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17149
cf-request-id
0a72cc1b22000064319b8ed000000001
last-modified
Sat, 01 Jun 2019 19:41:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NPl282h0XwIX4Sp2iojN8yhLIY8Hf7d6sN7bP36BuOGm%2BAiO5F%2BAvEBB9EctZAbBOSDLQxk6wvhFmxZwWXXUqSOEaL1DOWjjGyoeGYp1gcDvDGtZaEZ2%2BW57lJYc4IwUld0DpQRk7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6597e2d82bc36431-FRA
expires
Fri, 04 Jun 2021 18:50:34 GMT
email-decode.min.js
manicoins.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://manicoins.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
0a72cc1b1e00006431b6a58000000001
last-modified
Fri, 28 May 2021 10:23:11 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60b0c48f-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ieRZpBoq6OiObLeyiuSn4DsLt%2FnTCL5p8pL3UTv%2FkzAPw0jXdCAIBheNaekLlgP0dIx0reti4TFkhClpddld0XrRfdzg0yc7Wh5grngMHavVonEeqH5Av%2BIGKcS6J66Gxncc8F4cgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
cf-ray
6597e2d82bba6431-FRA
expires
Sat, 05 Jun 2021 09:27:31 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/
94 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1060097
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
29929
cf-request-id
0a72cc1b12000063a1ef8c1000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-176f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2bFndZMar55EXUKuY8KAaGpWezTG%2FYNj%2Bsi8R2IT7mgwpm%2FR0B5jIP09hMkpeqm6mZ5w%2B9IozGp2uLqrLEWibwVD1kT%2BfXvifOEozKE2SYOnluihcxiocDueOKsAV2aITI3yzDnaY49bZ5m53Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e2d81d0163a1-FRA
expires
Tue, 24 May 2022 09:27:31 GMT
adblock.js
manicoins.com/js/
7 KB
2 KB
Script
General
Full URL
https://manicoins.com/js/adblock.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea14e481c971f10b980c574ded902d2f5caa7cc15d962f655a24ddfd9cb5527

Request headers

:path
/js/adblock.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
351603
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b2000006431b6a59000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vz4Lh9T3y2CLcFB7e8p773tRdk2pXdjkDKUdYHVD1l2BNFfo2cIT%2BkU2zXm8Zg7rO3564%2BkG2NsOL5IHDkwD5C28tZ1wDfMFeklCsO2SAgJbNN4LwviqLEpKvidjEtCJXO9WVbPa8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d82bbb6431-FRA
expires
Sun, 06 Jun 2021 07:47:28 GMT
plugRot.js
manicoins.com/js/
999 B
994 B
Script
General
Full URL
https://manicoins.com/js/plugRot.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
303efdbe23ca1d49284f639b27a700b3e17cda31859d5ac7e807fb3f17d3115e

Request headers

:path
/js/plugRot.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
496829
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b1f00006431bc33b000000001
last-modified
Sun, 02 Jun 2019 04:13:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tUE68HrIf5Ba6%2BGC3cOv0lSDxoEZwW7%2F%2Bax72sFzpBZIel%2FaL2Pso4g8RrsTnJ3D%2FIUXadHeEp5xSSDOPDSx5t3uaiUFmx8En4y7BZUcIBlly38JI%2BUn3bINZVZME8iPHjsX4Zi38g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d82bbc6431-FRA
expires
Fri, 04 Jun 2021 15:27:02 GMT
cookieinfo.min.js
cookieinfoscript.com/js/
7 KB
4 KB
Script
General
Full URL
https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:992e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4956
x-amz-meta-cb-modifiedtime
Wed, 07 Apr 2021 11:38:58 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
6FZAM1364E2BV84G
x-amz-id-2
+Uhlf5OUoVQ5xFl26ru3QJIN8Q2TaB/GZHt1NWs2sCynlXAyIfWOeCU/H17Ts5pLUVeqfjdmw+o=
last-modified
Wed, 07 Apr 2021 11:39:17 GMT
server
cloudflare
etag
W/"d15d93068c1121f63008407d339bd819"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BLCWZOnKEs7ZNLvyuuyZtk6qGnNIiLVih9hnbl%2FABACPTlC3DR%2B1PQsd%2BTRq%2F%2F29us3HpPy4C%2BteXOUYNu%2FKOI1kxFyfiw7agvWfq1Tiri0hBEm0M3ADgjIrBvrDl2AcyLC2eN65khoQ3X8G03U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-request-id
0a72cc1b35000006013daf5000000001
cf-ray
6597e2d859f10601-FRA
toastr.js
manicoins.com/toastr/
17 KB
4 KB
Script
General
Full URL
https://manicoins.com/toastr/toastr.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98cfd8031682e7e94e64edfd3f280790195aedb30de7d99a322bafbabc81040

Request headers

:path
/toastr/toastr.js
pragma
no-cache
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://manicoins.com/index
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
388387
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b1f00006431a0017000000001
last-modified
Sat, 01 Jun 2019 19:41:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gm24rnSdgbt8VYX2DksVtbqj5RWuZttITSkvAYlymSSfs1GdhCIV0TA%2BpAEgYRIv25zbQKeGAEjegG2niOmKxOUNajHk39OtgTEMUUmkGo4lyvIgGmG1TnSfiiDj7UugaP3j5658Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6597e2d82bbd6431-FRA
expires
Sat, 05 Jun 2021 21:34:24 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://manicoins.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:05:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
120123
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:05:28 GMT
cmp.js
quantcast.mgr.consensu.org/
16 KB
6 KB
Script
General
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218e:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:17:48 GMT
content-encoding
gzip
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
1163
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 468eeec33a1dbb9d71a79cbde5838d78.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG52-P1
x-amz-cf-id
ZjgBeQL-IhL_YlicyDeIrZt4ts_9omN_FvWa0mvZXvqkEAyjn0jojA==
d0603f27046dbde52d7ac261cc53a243.js
pl15918242.bestrevenuenetwork.com/d0/60/3f/
0
0
Script
General
Full URL
https://pl15918242.bestrevenuenetwork.com/d0/60/3f/d0603f27046dbde52d7ac261cc53a243.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:31 GMT
server
nginx/1.17.9
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
main.js
gonapysa.xyz/
45 KB
15 KB
Script
General
Full URL
https://gonapysa.xyz/main.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5336c7209eaed75cbcd0f5e6685abc0671eddc7bcc474eeeb7b04e78aa1b003

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 17:19:35 GMT
server
cloudflare
age
58076
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DPwmZTS%2BsMzcnB6x9HRbV4jOBcnvWaLz295XnMNznupPlI7AWYmC3DxrTTJF20jamOJYGzzRFl2QPiSM9q4RitCj0OFpS7jOPyfF6Xa9TqLMYSY5ol%2B%2FbcAiO0x7liS0pON13q0d"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400, s-maxage=86400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e2d8ec0596bc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1b96000096bc2fbae000000001
fontawesome-webfont.woff
manicoins.com/fonts/
64 KB
65 KB
Font
General
Full URL
https://manicoins.com/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: manicoins.com
URL: https://manicoins.com/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

sec-fetch-mode
cors
origin
https://manicoins.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
:path
/fonts/fontawesome-webfont.woff?v=4.2.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
manicoins.com
referer
https://manicoins.com/css/font-awesome.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://manicoins.com
Referer
https://manicoins.com/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
487510
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
65452
cf-request-id
0a72cc1b8100006431a001b000000001
last-modified
Sat, 01 Jun 2019 19:41:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a97zftLTSDsHeHL989u8b9wreyFYdk7IP36c9vyd2vkIFIpaiT%2BELr%2BDF5tcewRl6A%2BYqvBAzvzfkaAn4U87jSrUW0qt4IBOZHHj3tF6Lbjd1So880%2Bf8hq1DuIQqogV%2F50ymMg9uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6597e2d8cbfa6431-FRA
expires
Fri, 04 Jun 2021 18:02:21 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://manicoins.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:36:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
age
118252
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
expires
Thu, 02 Jun 2022 00:36:39 GMT
/
g.cash-ads.com/ Frame ED57
498 B
507 B
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4107&size=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
c4b05d5e9cc86bd922808a5bcc27fe805d19a424ae2c929fba7f60ecaee82698
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
invoke.js
www.bestdisplayformats.com/93fff020384f83528ccfdc354b1a8b10/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/93fff020384f83528ccfdc354b1a8b10/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:32 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
lds.gif
g.cash-ads.com/img/ Frame ED57
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
/
g.cash-ads.com/ Frame ED57
2 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
3c50473b14b373ffba7f11fa44835301c4ccbb84579d9a60c634b484df97d1ba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
r38oxwat.js
ad4m.at/ Frame ED57
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/r38oxwat.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34021da19a421b1a1ca6dc54d5db69e246cfacf9a3572fdbef78eb6b85b31c59

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=blXP7A==, md5=0R3EtjItLivZ0VRUEvKCKA==
date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
20491
x-guploader-uploadid
ABg5-UxKsJ3-fYCjN4WtUEKWukxnMUFARYI0IqqfpDSkuLIJV8N0aXpH7VyPbk99179ZCxRFl3HGuua446IIu7aku0E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1be000004a988ba83000000001
last-modified
Thu, 06 May 2021 17:28:22 GMT
server
cloudflare
etag
W/"d11dc4b6322d2e2bd9d1545412f28228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pM1ltuc6mszRKpVqdT6gXoF43mqzb7el7sjasUfQztf7y%2BNHwBgctJJufFiBSRxeaJLvAyl0Yy%2FW%2FB6Min6gOee3b%2FDDqryu%2FCdzvXC7TbKdiOVpeLBVVnRyroHY21T1"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620322101984123
content-type
application/javascript; charset=utf-8
expires
Thu, 03 Jun 2021 03:46:01 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12047
cf-ray
6597e2d969094a98-FRA
cf-bgj
minify
bovl1.gif
g.cash-ads.com/img/ Frame ED57
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame ED57
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b2.gif
g.cash-ads.com/img/ Frame ED57
7 KB
7 KB
Image
General
Full URL
https://g.cash-ads.com/img/b2.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
36ba7545f1bd869f5d3abcc2e0c4e1072a33be1da4934214011a8c4399438e0f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkAjuqQyBlisQhsH0vQEvqCg%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Fri, 11 Sep 2020 22:38:47 GMT
server
nginx
etag
"5f5bfc77-1cf3"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
7411
x-xss-protection
1; mode=block
frame.html
ad4m.at/ Frame 0A21
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 03 Jun 2021 10:27:32 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
909096
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a72cc1c1d000005bbbf14e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KLbxq0ltPouLr6%2BVJdhxgrZAooiT6fXSACiwKImIMZQLign8H5RGQLv%2BuBQP%2FjL31HUn3kvS1%2B%2Ba2TITgSF%2BVN13JJQTO8umhE6K0e0C6R0fQfvUiKaC2wPc3Ow4rerF"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6597e2d9be0405bb-FRA
content-encoding
br
frame.html
ad4mat.net/ Frame DB1F
0
0
Document
General
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:6597e2da4feb4e9d:FRA; path=/; expires=Thu, 03-Jun-21 09:28:02 GMT
cf_use_ob=443; path=/; expires=Thu, 03-Jun-21 09:28:02 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
6597e2da4feb4e9d-FRA
server
cloudflare
/
g.cash-ads.com/ Frame 761A
494 B
502 B
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4107&size=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
c3cace2c917f8eb837dfe0f117e7bfb97b3048d827496ec9183739985d671807
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
invoke.js
www.bestdisplayformats.com/c60538d7c0f3058b9246c4e2c9796fde/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/c60538d7c0f3058b9246c4e2c9796fde/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:32 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
lds.gif
g.cash-ads.com/img/ Frame 761A
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
/
g.cash-ads.com/ Frame 761A
1 KB
965 B
Document
General
Full URL
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
b54a40b1b280f8117a5864639b2213d139db2f7057e5b9a1b687c37e5e03ec90
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkPLtNCOFaStbG8e5FN626k0%3D

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
bovl1.gif
g.cash-ads.com/img/ Frame 761A
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 761A
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
page.php
jun.eurosptp.com/ Frame 772A
17 KB
6 KB
Document
General
Full URL
https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash
1423a3365ac47d78aaf716d5eb408349991db9574544e9a5e8e6ad89c8a4adad

Request headers

:method
GET
:authority
jun.eurosptp.com
:scheme
https
:path
/page.php?fr&ban&format=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
set-cookie
visbl=1; expires=Thu, 03-Jun-2021 09:28:02 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
visite24=1; expires=Fri, 04-Jun-2021 09:27:32 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
visite=24h; expires=Thu, 03-Jun-2021 21:27:32 GMT; path=/; SameSite=None;secure; domain=eurosptp.com
vary
Accept-Encoding
content-encoding
gzip
x-robots-tag
noindex
1483175
ad.a-ads.com/ Frame 98C7
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1483175?size=468x60
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
c57e1e41e41bb07d79ca40e5d590f30fc8d99da722e152b05cc58fabd3b5aaeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://manicoins.com/
Content-Encoding
gzip
invoke.js
www.bestdisplayformats.com/d6e9970f4bc4157172826b56a55dc071/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/d6e9970f4bc4157172826b56a55dc071/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:32 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
index.php
adsrv.adcryp.to/display/ Frame C4F5
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?1741&1823&728&90&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
cbc5ba43f72e5546360a82c34fc013c03ea293387040e79109f89dc515920a6d

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
/
g.cash-ads.com/banner/ Frame 772A
215 B
379 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=fcUxxfaC4tUKD%2F0BY9mTluUw%2B8ORBwU%2FPN0nAZqA9Tc%3D
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
06dbd31cf93212a75a4247578cab00646fedb933f1fab3bd6f3d91be854e811d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33556
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
Bql8DAV_zFaZhXa-iWoyhY0ONBfaFLAivdC_Bz9rQk94wZL3R7h96A==
popmyads.php
jun.eurosptp.com/ Frame 4417
9 KB
4 KB
Document
General
Full URL
https://jun.eurosptp.com/popmyads.php
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/5.4
Resource Hash
f42f982d3cf93053a71b4b69f1e3e576ee87e829ac9d7df7e641cee7f6dd142e

Request headers

:method
GET
:authority
jun.eurosptp.com
:scheme
https
:path
/popmyads.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visbl=1; visite24=1; visite=24h
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/5.4
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
cache-control
no-cache, must-revalidate
referrer-policy
origin
vary
Accept-Encoding
content-encoding
gzip
Cookie set /
drfrr.org/ Frame 8087
Redirect Chain
  • https://cutt.ly/traficboost10
  • https://drfrr.org/?https://serveur-minecraft.com/visit/1638
2 KB
1 KB
Document
General
Full URL
https://drfrr.org/?https://serveur-minecraft.com/visit/1638
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.151.101.1 Budapest, Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
fe8e5a4c5d188829f690f080f9c755664edd121e599431b8b999a62b8dbfe185

Request headers

Host
drfrr.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Server
Apache/2.4.29 (Ubuntu)
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Set-Cookie
PHPSESSID=1g4n3fl16lsur8m7utrtt44ip8; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
967
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=2fqq5t250c9ug5grhh2q8sb2u4; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
location
https://drfrr.org/?https://serveur-minecraft.com/visit/1638
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a72cc1e7b0000979c33278000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6597e2dd9861979c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
direct
audience.rtb.adp3.net/ Frame C0C2
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=390758&q=sex&return_url=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=390758&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame 61E4
0
27 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=350536&q=sex&return_url=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=350536&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame 531C
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=390225&q=sex&return_url=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=390225&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
direct
audience.rtb.adp3.net/ Frame 1785
0
26 B
Document
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paifl&feedid=360233&q=sex&return_url=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
audience.rtb.adp3.net
:scheme
https
:path
/direct?pubid=88796&subid=paifl&feedid=360233&q=sex&return_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
0
location
splash.php
syndication.realsrv.com/ Frame 772A
4 KB
3 KB
XHR
General
Full URL
https://syndication.realsrv.com/splash.php?idzone=3981938
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d1583072c56f1b6e180434fffd53b8c8778b7ffe277af4bb2465b62333f3bbf1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://jun.eurosptp.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
cinema.php
www.interclics.com/ Frame C716
1 KB
779 B
Document
General
Full URL
https://www.interclics.com/cinema.php
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.19 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster010.hosting.ovh.net
Software
Apache / PHP/7.3
Resource Hash
e09210314eb842aa78fda7f7bfbf7d24127459773fa36e1b9e65cdc4e3119930

Request headers

:method
GET
:authority
www.interclics.com
:scheme
https
:path
/cinema.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=iso-8859-1
server
Apache
x-powered-by
PHP/7.3
vary
Accept-Encoding
content-encoding
gzip
pragma
no-cache
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=451470&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=352251&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=308124&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=306587&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=384660&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=329494&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=417507&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=404440&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=310504&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=497396&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=449267&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=391876&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=364466&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=440732&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=376912&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=373302&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=394233&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=302123&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=316942&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=389403&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=374486&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=318695&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=494788&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=399708&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=338715&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=309314&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=452629&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=399354&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=464098&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=342973&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=485473&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=400230&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=365563&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=381993&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=355883&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=396184&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=427853&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=404580&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=493515&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=395775&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=394867&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=328197&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=428113&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=484115&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=312561&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=447240&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=339789&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=307317&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=437338&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=363194&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=422981&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=376397&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=466762&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=463426&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=423626&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=324127&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=344688&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=479033&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
direct
audience.rtb.adp3.net/ Frame 772A
0
26 B
Image
General
Full URL
https://audience.rtb.adp3.net/direct?pubid=88796&subid=paiml&feedid=362630&q=sex&return_url=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.122.162.115 Memphis, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

location
content-length
0
/
g.cash-ads.com/ Frame 772A
0
0
Image
General
Full URL
https://g.cash-ads.com/?nc=9e1gMrTRYdeeio%2Fy6khd8kLsdEH5O9qC0%2FpixD3HpyQ%3D
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
g.cash-ads.com/ Frame 772A
0
0
Image
General
Full URL
https://g.cash-ads.com/?nc=1AkXkjykmotsLdLDJdlmN6mMS3rkfkeXH9R8i%2B6bDP4%3D
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

/
g.cash-ads.com/ Frame A99D
494 B
503 B
Document
General
Full URL
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFT6RdbgmNZf5IhAelU9WJtM%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
b18b9428451ffe5dd6082f6d4dc39f56cf645b712af0a42c92a5c6896f263435
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=q9R0zm104H3w7rzE7fOqFT6RdbgmNZf5IhAelU9WJtM%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
pma
popmyads.com/x/ Frame 4417
88 KB
32 KB
Script
General
Full URL
https://popmyads.com/x/pma
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/popmyads.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
f73eb854ba041fae2c2ff7bae977b44e7849ce7988bc965d7d5861d32c969011

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PsIflocXJj%2BKhfuxDCFLdi2hop39OfBVS4YjZz1aO4IVXp5ZTIhjy0EYYedn8T28%2BKnApttaazwpWvqaqE9j4g0jiFZ3OrJwOT0B8fQsWNxhWaWeVJeRTn30qmWKh0qdr3c8urff"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6597e2ddcd5b1776-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1e9900001776d291d000000001
lds.gif
g.cash-ads.com/img/ Frame A99D
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFT6RdbgmNZf5IhAelU9WJtM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFT6RdbgmNZf5IhAelU9WJtM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
/
g.cash-ads.com/ Frame A99D
2 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
e209da557420e3913b6b87a1b911e84a08b39cc6de8f9e7928edbf0f0f770ff8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFT6RdbgmNZf5IhAelU9WJtM%3D
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:32 GMT
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:51:59 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
gtm.js
www.googletagmanager.com/ Frame 772A
82 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
abbb15e7aaa3601686c511996de4b8f18f33e18e3510cdd70e1874ecbf45f856
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33171
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 09:27:32 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=4c8f462f-cf96-42da-859f-dbce3cb7587f
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=4c8f462f-cf96-42da-859f-dbce3cb7587f
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=4c8f462f-cf96-42da-859f-dbce3cb7587f&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=4c8f462f-cf96-42da-859f-dbce3cb7587f&d=1
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:51:59 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=4c8f462f-cf96-42da-859f-dbce3cb7587f&d=1
date
Thu, 03 Jun 2021 09:27:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:51:59 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:51:59 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:51:59 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
js15_as.js
s10.histats.com/ Frame 772A
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:23:01 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.128/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
599270196
Cookie set vregister.php
syndication.realsrv.com/ Frame 4E2B
0
773 B
Document
General
Full URL
https://syndication.realsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=3981938&2f0c2af9d35a1a2cdde21db2fe9eb7be=tsVuZ8uHLjt4dtvDnq4dfXLv658tdlTlK8E.fjzu5dPO7t03ce_HW1NZLXThmACjrgbjYlesYecz6cddUFbi781VcrEjmbDdkdckzMEbldLDrsDW5qaTXA2w3a5TXBU5Tnz6eO3LhrgbnsZjgqfcpz78OnTn01wN1QVuZ.O_Xzx8a4G8ZpXM.fnxx88_GuBtpitx6anDPrw8a4G2mJJ2IHpc.nHpw78O2uBu1imBiuCaXPp158fPTly1wNzVZ9OGuBtmma6pynPlrgbbctgacz4a4G2mKaYHKc.GuBuCqfPv0466rGc.Gu1iOxzPhu4cOHXXPYzHBU.5SvSxW5n34a57GY4Kn3KV2rKaXJWsMwUTtbTEk7ED0q7VlNLkrWGaJ4Gty9p9iV5xeuZeexmOCp9ynPhu8cunXW5e0.xK84vXMvK5XdNTFnx1sNr14TuZ8.Ot2amRivPXA3K5XdNTFnx1tTWS104LzUwPQSsR5gAo636651713ZqbmKW3G13Zqc9cDc9MzdjVa7TFbj01OGfHtrnpgagleXkmbcjz6a36656s.OupqlxyVelyqaOyuCaXPXZU5SvA3nw12UxrvsVP582mm.Hjt2dd4Otu8fLPjxw88XOfPh26M9uvjXBJPS5VVBNKvVWxXZVnw1wST0uVVQTSrwS2sRwNr0uMVTS58tdLjrlLlK9UFbi781VcrEjmcNku5yymaqeufc1NJrYbZjmaiz4a4G5nXXKc.GuBuNiVuCV5edh5zPhrcvcasrgmlXrgkcz4buHHXA22xWw05LW5Tny1wNtMU0wOUr1TWUtOZ8Ncs1TVME9efDXBK1M9LBXMvJM25nw11uVVryTNuZ8NdLj0E0q7zk0rEji8DefLz14cevfXPTNfgvVWxXZVnt464G52Ka5XKc.GtqCvBd5yaViRxeBvPl568OPXzrlcrYasgrwXnpmvwXrwnczfmqrgle1yuVsNWQV4Lz0zX4LtuVNUwT1wTS52zy62G2Y5mol7XKc9cEk9LlVUE0q7Eca8EtrEcDa9LjFU0tWfLXVYzyz4a6rGeefDXU1TBPWvXhO5nrqapgnrXlYkcz11NUwT1r2uU562aZrqnKV7XKc_HnXbTnw1wS1uUysR58NcDdLlU80tUFri8bGE1lefDXA3JZHXBjNK5nw12VOUrtMTzwSvZ8tdlTlK7TE88Ery7tLlFjkrWGfHp04a7bLIG8.Pbly78eXTry48enfry4ceHjtwZ8McPHRny627rrgkcqrYknz49uXLvx5dOvLW1NNFA41NLU5LXnxg
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
syndication.realsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://jun.eurosptp.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Set-Cookie
impressions=x%9C%5D%CFA%8A%031%0CD%D1%BB%F4%DA%0DURI%96%E6%2ACN%12r%F7%B8%09%A4M%D6%7E%D4%97%9F%87%8CA%D5%A9%09t%19%8E%BF%7F%0E%A6Y%BA%99%D58%28%E1x%8C%05%CB%DB%EDT%85%93U7%14%139.w1%B4%A2%17S%94%CA7%96%CC%EC%7B%CF%1B%D7%FB%A9%90%1337h%98%DA%C3%ED%9AZ%E1%99%A8%B4_x%87%1B%B1%F6%94jN%7D%D9%FA%98%82%DB%9E%08%04%CE%B0%82%B2vH%0B%DF+%85%89%5C%17%3A%5Bv%87%27Ma%9F%F0%EB%0D%92%BFA%C0; expires=Fri, 04 Jun 2021 09:27:32 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Content-Encoding
gzip
code.js
myolnyr5bsk18.com/lv/esnk/1845135/ Frame C716
98 KB
41 KB
Script
General
Full URL
https://myolnyr5bsk18.com/lv/esnk/1845135/code.js
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cee6ac6bead150d908b8a00a65f48630a72ba6e4215385fad324365bda7dc238
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 28 May 2021 09:53:15 GMT
Server
nginx
ETag
W/"60b0bd8b-188e5"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
1817041
oranegfodnd.com/get/ Frame C716
7 KB
5 KB
Script
General
Full URL
https://oranegfodnd.com/get/1817041?zoneid=1817041&jp=_clfwtpj6cu0laggr7m8g1b&nojs=0&ix=0&t=1&x=801&y=801&wcks=1&wgl=1&cnvs=1
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7b7934292cac229ce7cc79023bcbb0ac961d8ac5c521f9d34444254b8196dc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
468x60
static.a-ads.com/a-ads-banners/175087/ Frame 98C7
22 KB
22 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/175087/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1483175?size=468x60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7bde0242f3ee9309bbe3dbcf8ceac69c1c2e89644b0d228cd562113f4556452e

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Last-Modified
Thu, 03 Jun 2021 05:41:19 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
8S16DNQBGMAT1K5J
ETag
"a722cb45652607018de8b729b191149c"
Content-Type
image/png
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
22139
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
R85B6cJyD0jEjZdwEbV2bNC2A8l4f_NE
x-amz-id-2
RPfoKUqDbHeR8LZ3FOIfzVbqrESLP1j0/rxYF9dBV9ePNj4pn19FYwxF51xDSVMo+flnp5+2IWA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 98C7
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bovl1.gif
g.cash-ads.com/img/ Frame A99D
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame A99D
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
invoke.js
www.creativeformatsnetwork.com/3bc4e0b7be4ef8814dcd61a1cd13fb62/ Frame A99D
0
0
Script
General
Full URL
https://www.creativeformatsnetwork.com/3bc4e0b7be4ef8814dcd61a1cd13fb62/invoke.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=q9R0zm104H3w7rzE7fOqFTsEnlAWHZu76whkco5rMtc%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:33 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
g.cash-ads.com/ Frame 1C28
494 B
501 B
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkJ0slhg8HE9WSY8rBSeLmEo%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4107&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
f841ce5a7a84bcc22c449754839561462ae30432456d86b4c876d9f7e4755a93
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkJ0slhg8HE9WSY8rBSeLmEo%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
invoke.js
www.bestdisplayformats.com/b2d3438a0cffb0492845f58dd6e1d59b/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/b2d3438a0cffb0492845f58dd6e1d59b/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:32 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
index.php
adsrv.adcryp.to/display/ Frame 9961
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?1740&1823&468&60&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
f39fac5c0aafcf4b242ecfafd5e7c57baf65e82527f30bf2d4abc213258d21be

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
lds.gif
g.cash-ads.com/img/ Frame 1C28
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkJ0slhg8HE9WSY8rBSeLmEo%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkJ0slhg8HE9WSY8rBSeLmEo%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
0.php
s4.histats.com/stats/ Frame 772A
68 B
202 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?2577526&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m&@n0&@ohttps%3A%2F%2Fg.cash-ads.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-74894398&@b3:1622712453&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fjun.eurosptp.com%2Fpage.php%3Ffr%26ban%26format%3D728x90&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.13.63 Villa Park, United States, ASN16276 (OVH, FR),
Reverse DNS
ns504751.ip-192-99-13.net
Software
/
Resource Hash
4dec5c79a9b66b4a5e0021e63281f06132ec4b035f8a9c201cfa77c8e32a2b5f

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Connection
close
Content-Length
68
Content-Type
text/html;charset=UTF-8
/
g.cash-ads.com/ Frame 1C28
2 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
244d98b726490f85a532b4fa63a08a70d354e7c8c928a5e967b9f30330a3cc7d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkJ0slhg8HE9WSY8rBSeLmEo%3D
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
raw
api.allorigins.win/ Frame 4417
2 KB
1 KB
Fetch
General
Full URL
https://api.allorigins.win/raw?url=https://maquiags.com/serve/6123/4832/MG9wbXk4ZDR2OTYyYzBiMjIxZmY=/aHR0cHM6Ly9qdW4uZXVyb3NwdHAuY29tL3BvcG15YWRzLnBocA==/1/1600x1200/0
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/popmyads.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683f0bbe7bd7d3b4cd85115e2c621933646ccd1f1930920ee6852de9a368ec82

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
via
allOrigins v2.5.1
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET, POST, PATCH, PUT, DELETE
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1f0a00004ee5e1b2a000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lz6bdg0wJ4RWZWJJK%2BLGCt5Z3fi9bLrYQNEY0ywV0btYmUV3AOQ0u3J3TmqEg1Uas9wwEtnyqirJF831FkIxMT%2FNUGY195EzeCZlM31mXaHg6ue6ulv9hRmlyQHf1LiUFgE4i3sIaIVj7bQn"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://jun.eurosptp.com
cache-control
public, max-age=3600, stale-if-error=600
access-control-allow-credentials
true
cf-ray
6597e2de7e7b4ee5-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Encoding, Accept
r38oxwat.js
ad4m.at/ Frame 1C28
36 KB
12 KB
Script
General
Full URL
https://ad4m.at/r38oxwat.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34021da19a421b1a1ca6dc54d5db69e246cfacf9a3572fdbef78eb6b85b31c59

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=blXP7A==, md5=0R3EtjItLivZ0VRUEvKCKA==
date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
20491
x-guploader-uploadid
ABg5-UxKsJ3-fYCjN4WtUEKWukxnMUFARYI0IqqfpDSkuLIJV8N0aXpH7VyPbk99179ZCxRFl3HGuua446IIu7aku0E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc1efe000005bb9dbfa000000001
last-modified
Thu, 06 May 2021 17:28:22 GMT
server
cloudflare
etag
W/"d11dc4b6322d2e2bd9d1545412f28228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qoEsmKrq4B4d8mqiWfL%2BSCSTw6LMuSUrV8BbOq8W7viYuub38apqzDntwZZAgjFJ1g4G%2F7%2Boq9mX5VQsWLHsJDWfwk986KTCZZwJZt5eOqgRovFYVacYPBxyIYd2EyKV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620322101984123
content-type
application/javascript; charset=utf-8
expires
Thu, 03 Jun 2021 03:46:01 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12047
cf-ray
6597e2de6ac905bb-FRA
cf-bgj
minify
bovl1.gif
g.cash-ads.com/img/ Frame 1C28
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 1C28
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg5Nu8vmjovgBg34epUAupck%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
chicken.gif
oranegfodnd.com/ Frame C716
43 B
353 B
Image
General
Full URL
https://oranegfodnd.com/chicken.gif?z=1817041&pb=1a3c1ab887c31592bab843d568303f021622719652&psp=tYXTCVGZfCjQUtmwinu2q6UpLzGXR7GAkKOjfXJ0glZHnUmfrCCu-VzY0-0XEE0OBl6MfH83fYL2vhsVIMA2BfqIJGg-RMXe4qIAo5B_e0DWPMmoKX7KGRSu-WO8p5QgsRte_2HDdwkZyuMl0C8t1rdspZqmiUQB3_2_2oTfO9oFcftW53z9qBr_hUIjdg3QDdpo9_QT1uw5bOtrMpJISLgNmyLNkHQ0fwvjT7nrGm_zt8hkT90R7QSForO1BfruUdF8N3BiPrg3l_e-1P_hCMNiSWV1ET6-LSoYsUviiNgvPy4a8Ac36hKfyo67026S1ZhsnatUABL0gpKsnEZacSAWxMtwicTF7fKadJckCiIp65z1mlYqTCjaeGlVa8SZhXiCKAyCV36vF20pN5mmKeTdeOT4-E5Re6FqwpSuGY3D8u4XWfCwcRv9ffm7zAJrcjdli9vHx5yM3MZvEjOy2MQyFOwIZC0bVxzsiCbhK13oB65u9l_iQsfP2iAudz3EaBBAvmmghEYGmyzwLvCdiPvnDXKJkpkpxJC0X0CuupnGwY1sotX7ktD898SrTvH9HWM5bbnghSZGDj7ugSypRs56Ck7Vnqs_uiosGHFAXaBK7qQqCY5SgLQ78h8nXFjCyMwaNoFcTg1CCISdi1kqhYYm2t866IzSnwmUqjrlukh-Tb-F1yWYT6DIkOwkmH8-DEMWBgCIp8E2cuajY5yL1x5m0SlddcGb1jMRXwE8SLSrzIVhD36JQawvOFLdG_3-0OiEBP__e6R_YI3Vnm4pc9QvSKevxfUUVCb0IhbdmgmgjZ8vounkF0pd7YcaHoLCtjo1QdKve8LdLQMLYlY3ZTfp1sOYLANFt4KX-o8v2n_HIdwcEu-bOf2WBPkSd-TmheCSdGLOMNxZJliH4FUNuzipXB__44WZQZwPTAp-lhgJJaR1LxdPsM_g8J4JLkaVnw9KZFmKagABjTvOR1tDMjIYbAVZRH_Ynv55wLTxula1HE0IDBt0IaAhEu2cjz1eK0iWvjLYVslgfzDdFIMkjjl1HHs8umeA8z60Ia_s-kgG1rpL5JP6dfkdYnizoYTvspFw_aLIusGHA3ipkaKBN09qeahLDcpFqr6fqhPEfq_BAT1nk6O8Piw3OwvooL8-1bKA3bd6UbfwrbO5NwYyffhgKcYTbOpVnBffscqV4E5V5Okzq62PgSZjvOGGQ7LD
Requested by
Host: www.interclics.com
URL: https://www.interclics.com/cinema.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.interclics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
1483177
ad.a-ads.com/ Frame EF97
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1483177?size=300x250
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
dd18d22d732ff5aa9eb7a11d7096a072f02c77035f9fb9c8d8a3c03a981b435f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:32 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://manicoins.com/
Content-Encoding
gzip
index.php
adsrv.adcryp.to/display/ Frame 33FA
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?1737&1823&160&600&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
8341ee466685f34d429e537dcafc6cf17b0134410b708b021bda8d90e7eb97d1

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
invoke.js
www.bestdisplayformats.com/93fff020384f83528ccfdc354b1a8b10/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/93fff020384f83528ccfdc354b1a8b10/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:32 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
index.php
www.bitcoadz.io/display/ Frame 8374
5 KB
2 KB
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?48796&76087&468&60&4&0&0&0&23
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9951fae8e289706db41b427f800b8cfaa831ce3262eeb4c679a14141cd8d199

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=a360b50f397d3bdb04acef67348dd3bcf17e1b4f-1622712452-1800-AY+HXMQ7nNe26YqK1KEss1oFUNpVbNwkJ5CDt2RzuR1Euyql6iA8uMQFSr28jlBW+bTVisY5lLLFPglRVTou8Yw=

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0a72cc1f3e00004e08aa36c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ywA7xb31E1wOIljqm8jhJvT30s1d37aQbQQ%2BosG9QZ9SjS4isihfXrCPulMANvPUHmaaE4O2pBfw0%2FDget4UQpOygVGY9%2BpTPGYp39lfKqU%2FJ8oyNzWtCa8MhRo4AlqBiLKe%2FlGe1IAu"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2decd3a4e08-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=jXosa01SrmSIAdQxMfu2&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__jXosa01SrmSIAdQxMfu2&ref=g.cash-ads.com&_=1622712452927&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9b48f1ecae307ce86f1f18099265f6088cff41c781f2ded265f25890c5a845ea

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
frame.html
ad4m.at/ Frame 5863
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Thu, 03 Jun 2021 10:27:32 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
909096
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
0a72cc1f45000005bbd1abd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M2fJw3eFQkhzZmIrJfP0WbVQFbj6oW8znwFYCUEJim6hzFChesIJM%2FpI0nQ%2BB4QLaTAjlOm%2BvpGfLby%2BptwRdbk%2BUYpn8xA289v9YdFux9OQZVjFhZXDkRFp%2Bxdi4V4V"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6597e2dedc2705bb-FRA
content-encoding
br
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=FocLdSjJ4UwUOGV6tKoV&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__FocLdSjJ4UwUOGV6tKoV&ref=g.cash-ads.com&_=1622712452934&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
8183a474a84a5e546806849e9d5e5dd4a1f388c7000a4b519c9f0bf6474f87f1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=OiqfV2JEEc4Dfs8qC824&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__OiqfV2JEEc4Dfs8qC824&ref=g.cash-ads.com&_=1622712452935&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
060f20635860e1747b0d6d7ee2b2d85f93cdee9d09788f3b8a15fd9843549e90

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
300x250
static.a-ads.com/a-ads-banners/118285/ Frame EF97
666 KB
667 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/118285/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1483177?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
33f132344c07603b4137dcecec032052b3e0a5e40aa9ea4bfab3bbce0d686647

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Last-Modified
Sun, 26 Apr 2020 08:04:42 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
650D18EB8FD389CC
ETag
"0928c229ef74afbb5c1ababaf1c7df23"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
682314
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Qd0IKHgRh6Tqu1J2cmfu4RCBMgCUtlxa
x-amz-id-2
Q/1UJG2L//RiMJWIaMB6vZ/e+F5FDPhJNPaWlzAD3cWAD3Kuxy2m9fnIsAklqgBoVQz0zqTOqWU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=HV7nUPrKDTGwOSXuUCY7&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__HV7nUPrKDTGwOSXuUCY7&ref=g.cash-ads.com&_=1622712452941&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a10d401210e1b8125e258472f0b0a547b34c155721112a05b96fe47d1ee1e256

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
truncated
/ Frame EF97
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cat.gif
drfrr.org/ Frame 8087
55 KB
55 KB
Image
General
Full URL
https://drfrr.org/cat.gif
Requested by
Host: drfrr.org
URL: https://drfrr.org/?https://serveur-minecraft.com/visit/1638
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.151.101.1 Budapest, Hungary, ASN41075 (ATW-AS, HU),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d8efca1437a843aa5a01948f379004c8d3dbb0549556179e7dee2f6c1c0865b3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Last-Modified
Thu, 12 Apr 2018 10:58:08 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"da4e-569a4a17a2056"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
55886
js
www.googletagmanager.com/gtag/ Frame 8087
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117556225-1
Requested by
Host: drfrr.org
URL: https://drfrr.org/?https://serveur-minecraft.com/visit/1638
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95c7ef477fd065e822bb6bbeba61af793731390649881826432daced1e3894b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35939
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 09:27:32 GMT
frame.html
ad4mat.net/ Frame EBED
0
0
Document
General
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:32 GMT
content-type
text/html; charset=UTF-8
set-cookie
cf_ob_info=502:6597e2df0d334e9d:FRA; path=/; expires=Thu, 03-Jun-21 09:28:02 GMT cf_use_ob=443; path=/; expires=Thu, 03-Jun-21 09:28:02 GMT
x-frame-options
SAMEORIGIN
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
cf-ray
6597e2df0d334e9d-FRA
server
cloudflare
index.php
www.bitcoadz.io/display/ Frame 1087
6 KB
2 KB
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?45697&76087&728&90&1&0&0&0&0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9708a6251d2c936cebe877aa73d94832c9b41dfab9934dcbcbd00cb8a3f90e47

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=3ec7b2d4f75351bd81e6f05a541c32785ba43176-1622712452-1800-AQ/ltM9nTx7OOOH/B64QjUUcBskgh63u0pUlEbbINqGu3pVATjew3o5h0uKgqWnaPc9FJMRjhjOMPgwP1XkiNq0=

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0a72cc1f6700004e08e8a00000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vZGOkIzGCt6E3Eu6B4OjvAjioZT44Q80qG4Bh5cAmPPAAaC1KmnIyN2I7Q%2Beb9Pyx4P7tEOAqcIFxXWSE3pvYGsa4oklmYDk9NqH90zxpAScKENOES2mpN0Pwz7iNVgfkW0qiWmUymX4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2df0de34e08-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
index.php
www.bitcoadz.io/display/ Frame 0D67
5 KB
2 KB
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?45696&76087&160&600&1&0&0&0&0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c8ec53a7e6693e4546889e76c3a619f6ee83c983c448f0274754f4bc25028f

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=3ec7b2d4f75351bd81e6f05a541c32785ba43176-1622712452-1800-AQ/ltM9nTx7OOOH/B64QjUUcBskgh63u0pUlEbbINqGu3pVATjew3o5h0uKgqWnaPc9FJMRjhjOMPgwP1XkiNq0=

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0a72cc1f6e00004e08aa809000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x8UGnDHUm%2BuRBCUmC5P3Q9sNjFTpmDOlMA%2B8YuH4%2FVFqGcBMKkYapfOw4ZYC053YWVlCqqgfITsYynyzO7mzv7WCPSxTWsOk9GewrnCofJ8TujZ7JOh2lUjnyaICLxYX2s3UhPwu8EUq"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2df1e004e08-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame 8087
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117556225-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
970
date
Thu, 03 Jun 2021 09:11:23 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 03 Jun 2021 11:11:23 GMT
1483175
ad.a-ads.com/ Frame 1B18
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1483175?size=468x60
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
c57e1e41e41bb07d79ca40e5d590f30fc8d99da722e152b05cc58fabd3b5aaeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://manicoins.com/
Content-Encoding
gzip
ad.php
ad2bitcoin.com/ Frame B868
1 KB
1 KB
Document
General
Full URL
https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.95.12.219 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software
Apache /
Resource Hash
c1270649e41f47bedb005117d1f60756afbd7485bc0154f17a3ba6ff0e6753e5

Request headers

Host
ad2bitcoin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
/
get.cryptobrowser.site/pb/4/21321262/634/ Frame EFF5
1 KB
1 KB
Document
General
Full URL
https://get.cryptobrowser.site/pb/4/21321262/634/?t=simple,text,pro,mobile&l=en
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:470d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af436b3ab42a7b46c383a451abef69c5776f2451dfb4df9172dee3ca2b8efe9
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
get.cryptobrowser.site
:scheme
https
:path
/pb/4/21321262/634/?t=simple,text,pro,mobile&l=en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=utf-8
content-language
de
vary
Accept-Language, Cookie, Accept-Encoding
strict-transport-security
max-age=15768000
cache-control
max-age=3600
cf-cache-status
HIT
age
1005
cf-request-id
0a72cc1fb80000dff733812000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DCIa9HFWTgiPqOHTLET%2BmaF%2BlZ4pVStRi%2B6H2%2FR%2FnKvlQm8T5fIf8jks7rBhQ3IkwQ9IT3MApTJSHq8RPb%2FWS7%2FSgPUHjgReCebT7y2GE8WYoEaWh%2Fqod6XYG%2B0z3TNq%2F25kSRiejXp9zS2dpfqe"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2df8bd0dff7-FRA
content-encoding
br
invoke.js
www.bestdisplayformats.com/1cfa5addf91aaaac7706418a78536189/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/1cfa5addf91aaaac7706418a78536189/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:33 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
index.php
adsrv.adcryp.to/display/ Frame 2A45
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?1739&1823&300&250&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
50797246e8a6431e60bcf89283d3a47b4ba5cd25f3dae4f881e3a6689a6794db

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
468x60
static.a-ads.com/a-ads-banners/175087/ Frame 1B18
22 KB
22 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/175087/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1483175?size=468x60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7bde0242f3ee9309bbe3dbcf8ceac69c1c2e89644b0d228cd562113f4556452e

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Thu, 03 Jun 2021 05:41:19 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
8S16DNQBGMAT1K5J
ETag
"a722cb45652607018de8b729b191149c"
Content-Type
image/png
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
22139
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
R85B6cJyD0jEjZdwEbV2bNC2A8l4f_NE
x-amz-id-2
RPfoKUqDbHeR8LZ3FOIfzVbqrESLP1j0/rxYF9dBV9ePNj4pn19FYwxF51xDSVMo+flnp5+2IWA=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
f7a69306e676490684e005c1b4163999.gif
cdn.cryptobrowser.store/media/pb/634/ Frame EFF5
191 KB
192 KB
Image
General
Full URL
https://cdn.cryptobrowser.store/media/pb/634/f7a69306e676490684e005c1b4163999.gif
Requested by
Host: get.cryptobrowser.site
URL: https://get.cryptobrowser.site/pb/4/21321262/634/?t=simple,text,pro,mobile&l=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:31b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd0c1c2fd13406f7b50220149cca46a504ff9a4b76b5d638c6a58009ada59fbf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://get.cryptobrowser.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
358
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
196033
cf-request-id
0a72cc1fe4000016ea2a133000000001
last-modified
Fri, 22 Nov 2019 14:27:38 GMT
server
cloudflare
etag
"5dd7f05a-2fdc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lMzRoVENHPwSutNhJrNvOLfvNHjeceFI7VSbRbINXOdF20McR6WMTquza6Zz9bKyhOqfxUwNtgqhH7MUiJwDS5HRGonD6xPUSDzNqyalBmxn%2FQOPPXubQJv26zYBd7PNExifCFVmanS8uaTIy2PgWkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6597e2dfd8e716ea-FRA
/
tr.cryptobrowser.site/api/v2/an/bn/ Frame
0
0
Preflight
General
Full URL
https://tr.cryptobrowser.site/api/v2/an/bn/
Protocol
H2
Server
185.173.160.143 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://get.cryptobrowser.site
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,X-CB-Data
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://get.cryptobrowser.site
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=15768000
/
tr.cryptobrowser.site/api/v2/an/bn/ Frame EFF5
0
177 B
XHR
General
Full URL
https://tr.cryptobrowser.site/api/v2/an/bn/
Requested by
Host: get.cryptobrowser.site
URL: https://get.cryptobrowser.site/pb/4/21321262/634/?t=simple,text,pro,mobile&l=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.173.160.143 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://get.cryptobrowser.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://get.cryptobrowser.site
date
Thu, 03 Jun 2021 09:27:33 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin, Accept-Encoding
content-length
0
strict-transport-security
max-age=15768000
1483177
ad.a-ads.com/ Frame C8B4
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1483177?size=300x250
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
3e5c00893aa1d99af20756a1a9e34a4711f2487e9235fa9c9c21fa16f6007067
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://manicoins.com/
Content-Encoding
gzip
invoke.js
www.bestdisplayformats.com/1cfa5addf91aaaac7706418a78536189/
0
0
Script
General
Full URL
https://www.bestdisplayformats.com/1cfa5addf91aaaac7706418a78536189/invoke.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

access-control-allow-origin
*
date
Thu, 03 Jun 2021 09:27:33 GMT
server
nginx/1.17.6
content-type
application/javascript
content-length
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://manicoins.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 23:39:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
age
208094
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
expires
Tue, 31 May 2022 23:39:19 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e0ad28a8c1-CDG
content-length
1146
cf-request-id
0a72cc20690000a8c154826000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 0995
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59465
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
kRmFyii-c9CnZwKFp__HY7gK88oyRsxDJRcbDmyNxdOm2wSpagIOPA==
imp
ads.rekmob.com/m/ Frame 0995
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=eab80fa7b2764f44973c4daf560dc0f6&rid=NjBiOGEwODUwY2YyMTQ1ZTQyZTk5YTYx&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
300x250
static.a-ads.com/a-ads-banners/117610/ Frame C8B4
174 KB
174 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/117610/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1483177?size=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
59e054acacbce0cfc6b7329639eb4ad898676b507b93a2b8a843ec7b5bd61202

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Sun, 19 Apr 2020 16:06:32 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
4D6F6A7C1A947989
ETag
"2a6b36df9c728e02224e7ba4bdbf0d0b"
Content-Type
image/gif
Cache-Control
max-age=315360000
Content-Length
177867
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
jFCVeEcNUb1I4XrWAG0_SW45Q7ZsGNjK
x-amz-id-2
10nQRrBer8vY7PHqJwfjAEnOkIxYNYXsajxwwvlD9TfgyjZsPuR85AcU9cR1a/5bhdRnvM4cE8o=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e0cd40a8c1-CDG
content-length
1146
cf-request-id
0a72cc207d0000a8c138b20000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
bi.js
cdn.runative-syndicate.com/sdk/v1/ Frame DAFD
6 KB
3 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9140944
etag
W/"602d15c7-1931"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow
imp
ads.rekmob.com/m/ Frame DAFD
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=5e5c74d9d40d494f9d1e794c8a7956af&rid=NjBiOGEwODUwY2YyYWIzNTdjNTExNWQ3&adId=MTQ3Mw==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
1483177
ad.a-ads.com/ Frame 7249
0
128 B
Document
General
Full URL
https://ad.a-ads.com/1483177?size=300x250
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Length
0
Connection
keep-alive
/
g.cash-ads.com/ Frame 54B2
494 B
503 B
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4107&size=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
df81f81974fe7f716a8f70b9dae7c6addf069bdffa9dd60a0222211a6cedef37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
/
g.cash-ads.com/ Frame 539C
494 B
503 B
Document
General
Full URL
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4107&size=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
df81f81974fe7f716a8f70b9dae7c6addf069bdffa9dd60a0222211a6cedef37
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
index.php
www.bitcoadz.io/display/ Frame 5975
6 KB
2 KB
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?45700&76087&160&600&1&0&0&0&0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c94cb01bf1135f20df8d37a9a5371e6779938858dc4e29813ed09b3644e23018

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=e0b85843e5a706628fdbaa1704460bb07000c080-1622712452-1800-AW6oJ5+yFrMHHy4naR9J5Db8IRzhYWbxpwVFi7kyRDsasyGROddiqEtJ0vUFf8TnkmDfKx+JTFNhA3fHiuywAVQ=

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0a72cc20a100004e0897190000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Io2XV51%2Fp5RNEwMbVFgtAknDQROJmyzXE3JVesOJLBgvhKmYbwVqOJV%2FQld5O2i%2BtRKT3rhzD8Kx7nxpz90hP%2F5Rbr5Mm%2BWxr88ap3cukpA0RNXH1%2FatsobXWtwq1WyDQcLhgihTM6k1"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e10ae04e08-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
get.cryptobrowser.site/pb/6/21321262/337/ Frame B7F1
1 KB
842 B
Document
General
Full URL
https://get.cryptobrowser.site/pb/6/21321262/337/?t=simple,text,pro,mobile&l=en
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:470d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e88b43766561caea6dfdaeca7e8282b23e14a2fd29e7133708aa6fcafd9e47e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
get.cryptobrowser.site
:scheme
https
:path
/pb/6/21321262/337/?t=simple,text,pro,mobile&l=en
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=utf-8
content-language
de
vary
Accept-Language, Cookie, Accept-Encoding
strict-transport-security
max-age=15768000
cache-control
max-age=3600
cf-cache-status
HIT
age
1004
cf-request-id
0a72cc20a20000dff73a1b1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ijfeYPJpCIfdQcDj3nUHugtl3IcxBy%2BBFHb04vfoTuGyvFOnC5RdEeJD6Io1zm5EjLtmLXPUYyO23ZFED4C8hVrN3T49DgA%2B347q0aAL8S5XywiiSp%2BZIcqf07RWR6%2BnFpVePbwe1ofWMxt%2FOLB%2B"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e10f00dff7-FRA
content-encoding
br
index.php
adsrv.adcryp.to/display/ Frame 8627
10 KB
4 KB
Document
General
Full URL
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/items.php?1738&1823&160&600&4&0&0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
24fc807e6f299bd67750cd231aba96727a9f3c4ac2ba111171b7ede93a5c2af5

Request headers

Host
adsrv.adcryp.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://manicoins.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Thu, 03 Jun 2021 09:27:33 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
gitoku.com/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/ Frame E5E3
Redirect Chain
  • https://ycipiwic.xyz/supply/register?iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
  • https://gitoku.com/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
389 B
1 KB
Document
General
Full URL
https://gitoku.com/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc59793c854590b485e1f4e9aa386eaf03ccd59e7436ef98ca040e04a1a19b1

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=0, private, s-maxage=0
set-cookie
__au=2veBmCwxUwVtLrJzYhR%2BGQ%3D%3D; expires=Fri, 03-Jun-2022 09:27:33 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=none __cf_bm=131b7affd910d87f152eb4ddc508b16cc383430b-1622712453-1800-AWVtmi4GKt6rbDVYIdRhqB/2MOehBEYCwuvCvogDgpFzBNU142VLo7ncuFOlFtAOkJiSd9dAmsDBdpOqndGifzM=; path=/; expires=Thu, 03-Jun-21 09:57:33 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a72cc223400004e5c44225000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TvjqAMvPHsMtPrrsVxnjDnJ06s40OnH8lmyerI9%2B3J%2BiejeGEjxL1zLdCwP%2BWEf4%2Fu7Tg9aFGpauxHGpiXAO3aov9PmyHufkKCrwtKzz7J0IGzM%2FX5hlZDkrfoGxZf%2BQKxREvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e38bd24e5c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-transform, private
p3p
CP="CAO PSA OUR"
etag
"2jYDMYvxjw6L74bMbs2h3FSZ69ZUag"
last-modified
Thu, 03 Jun 2021 09:27:33 GMT
location
https://gitoku.com/register/_fa7cdd4c68507744/alTW65lU3KHNbsyG74sOj_GLMQM22g/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
set-cookie
tid=alTW65lU3KHNbsyG74sOj_GLMQM22g; expires=Sat, 03-Jul-2021 09:27:33 GMT; Max-Age=2592000; path=/; domain=ycipiwic.xyz; secure; httponly; samesite=none
cf-cache-status
DYNAMIC
cf-request-id
0a72cc20c700002b7d353bb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YnlIl5sPiIYgOZkAkBl1QYQB23gJHtRpGRZDStaKsQW7YsbJBxVP%2F3yOh6zsUZx3vofwjlR1CSVp8JtUgoDfQ%2BawPsnX%2BAWQWJWXGTbCYzAGNGThb89WwL2HS6X6eePsXzJoqQOy"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e13b002b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e13d92a8c1-CDG
content-length
1146
cf-request-id
0a72cc20c20000a8c16299f000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 95B1
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:16:11 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
75042
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
_yR4UPIIgSMISwV4ozvsuwhLsb_OwrrRBWe14b7V5mTjJ4oJuKrC3Q==
imp
ads.rekmob.com/m/ Frame 95B1
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=325df01e0eff4147907ea371a23413a8&rid=NjBiOGEwODUwY2YyMTQ1ZTQyZTk5YTY1&adId=MTM3Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
find
ycipiwic.xyz/supply/
3 KB
1 KB
XHR
General
Full URL
https://ycipiwic.xyz/supply/find
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b0d7e674e14e65084a9f51ce67adcd02a414a84f995bc3da73421de848a77c1

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cvq9QPKuJP%2B6BDohO9flwW4wpjpTVkVDKNF4FXTL2nZJomTH8MdFyPNWEzLVyPOBbeoh%2FA%2Fsphydj6vxRme%2FrEn9S4UGhGwW28BXlTMLuWomkpXyhJbbmGXCP2IJ7IT6GTp0C5t1"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://manicoins.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
6597e2e15b382b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc20d700002b7d7b19d000000001
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712453312&ver1=2.2.3&qid=230383f5530383f5434353&rnd=7f4bspe9akfc&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e16db8a8c1-CDG
content-length
23972
cf-request-id
0a72cc20e20000a8c15535b000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
lds.gif
g.cash-ads.com/img/ Frame 539C
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
lds.gif
g.cash-ads.com/img/ Frame 54B2
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
5311
x-xss-protection
1; mode=block
c607371f63ea4651832870689b549bc1.jpg
cdn.cryptobrowser.store/media/pb/337/ Frame B7F1
28 KB
28 KB
Image
General
Full URL
https://cdn.cryptobrowser.store/media/pb/337/c607371f63ea4651832870689b549bc1.jpg
Requested by
Host: get.cryptobrowser.site
URL: https://get.cryptobrowser.site/pb/6/21321262/337/?t=simple,text,pro,mobile&l=en
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:31b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0bcce85846f02d425a7f569ab6f77f74b8b1381d50af605d108f57c42d0db8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://get.cryptobrowser.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4182
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
28417
cf-request-id
0a72cc221d00004ec70b13d000000001
last-modified
Fri, 22 Nov 2019 14:27:38 GMT
server
cloudflare
etag
"5dd7f05a-6f01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zaUP4VpxwrCBoty3%2FCszUBgk1mWVUPUzC1Iwjjl9mnv9CSaMQqZ2h6WK72fGJAsHPN4LNsNduXOWkpwwdekIfgk0w10hsyz2OwnesvpTptCyZZUIzYBEG6Y%2F6u0Kx0b3M19ur2fdEAYw7jVtNoYarTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6597e2e36b794ec7-FRA
/
tr.cryptobrowser.site/api/v2/an/bn/ Frame B7F1
0
176 B
XHR
General
Full URL
https://tr.cryptobrowser.site/api/v2/an/bn/
Requested by
Host: get.cryptobrowser.site
URL: https://get.cryptobrowser.site/pb/6/21321262/337/?t=simple,text,pro,mobile&l=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.173.160.143 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://get.cryptobrowser.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://get.cryptobrowser.site
date
Thu, 03 Jun 2021 09:27:33 GMT
access-control-allow-credentials
true
server
nginx
vary
Origin, Accept-Encoding
content-length
0
strict-transport-security
max-age=15768000
jquery.min.js
adsrv.adcryp.to/display/js/ Frame C4F5
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame C4F5
931 B
1 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc222c00000eabbe82f000000001
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YxUKpwjpt4SdvaLk5PQztUXmaWOlw93V7316%2Fir7uknoW2LJWJrup5aG3ZOuYjSi4wXWv7ijMWYClMqsHJWz4zgd4TfH9R0W0P4LtHN9t5FCk7rjNmfk%2BEYHikI385f9pCtH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e37acc0eab-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame C4F5
658 B
998 B
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4224685
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
cf-request-id
0a72cc222e00000eabb31b4000000001
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FOf9YXeIWh1Qdo%2B6vcA%2Fn9qbqj2fNcmVsf1bnGy%2FefwgB%2BENKoWqO3wwjaDjyPgTY748ohsreo5NaIpc3Gt08ADXTos7lPcCLfqXIt7Qom4Xi0JRpImqz3V0blmDGPsvaBHK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e37ad90eab-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame C4F5
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
cf-request-id
0a72cc223400000eabc9a63000000001
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QZ6IYfrQvQBJ4jGCuhhAgJbbx7K7t5i5SebRTpkhrvvpOD5fIvlMl7OqIDDZMgD4OZ36uMUgIPP579qv25oTfoF1DT96xtTUSiIXQH3PWd%2Bc46TS7J8jgK8dpfDQMnbzKzqa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e38af10eab-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
result
manicoins.com/cdn-cgi/bm/cv/
0
693 B
XHR
General
Full URL
https://manicoins.com/cdn-cgi/bm/cv/result?req_id=6597e2d138a66431
Requested by
Host: manicoins.com
URL: https://manicoins.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:d4d0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
cors
origin
https://manicoins.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
PHPSESSID=d2ab0caf10b89634a94b74eb7fba16a5
content-length
424
:path
/cdn-cgi/bm/cv/result?req_id=6597e2d138a66431
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
manicoins.com
referer
https://manicoins.com/index
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DWR7adih%2Bmd6AG8Ixm%2F%2BtqtfZYkWMvdjZOZIFMHyAkeJkZlsUi%2Bhly5JQb59XnsXbiOwqo2BpMmUxWdoozbEUKOHZ3KuQ4RrK44J0QW7UuZnILoXEaQMprlfvIpSQkO%2BWW3nYLgGOg%3D%3D"}],"group":"cf-nel","max_age":604800}
set-cookie
__cf_bm=4062e4c35d2f2bcc8dad119805ddf22271c0f988-1622712453-1800-ARPkMZZwmu4qg3cozc7moZ+cNB8RnqwWUNrb05+OBV7R8dOK87iD1EldEvQwTb9Lr6pR1GxHv4dsBgoPCntDmIlLUAU2t6iYMrzXozgxegMbdgkCN05sI2f1pmARSh9pxLxikqHBxx3QC9o6PEGfJ4s=; path=/; expires=Thu, 03-Jun-21 09:57:33 GMT; domain=.manicoins.com; HttpOnly; Secure; SameSite=None
cf-ray
6597e2e1cf426431-FRA
cf-request-id
0a72cc211900006431ae0e8000000001
7a59f4ee8243465197d99ee2959f6ef7.html
run-syndicate.com/iframes2/ Frame 2CBF
10 KB
5 KB
Document
General
Full URL
https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.198.68.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
d04adb94dc02ab091627b1aa2e6c7db5328df243e2cde934eeceb2b32c9089e4

Request headers

:method
GET
:authority
run-syndicate.com
:scheme
https
:path
/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding *
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
x-api-version
2
link
<https://lcdn.runative-syndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.runative-syndicate.com/images/a/3/b693d51c926a34048d1f87170f27164633dd01/300x250.jpg>; rel=preload; as=image
x-request-id
b0ebfcb84407c884
set-cookie
ts_uid=6c501063-3a93-49b1-9ebd-bf77d063eb9a; expires=Fri, 03 Dec 2021 09:27:33 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Fri, 04 Jun 2021 09:27:33 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
x-robots-tag
none noindex, nofollow
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding
gzip
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e1de12a8c1-CDG
content-length
1146
cf-request-id
0a72cc21240000a8c13bb85000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 2FB4
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 15:53:43 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
74729
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
xRCQz9DgKaqk1L-H8b9z8iM1lT7v9E5BlueJt5s8r-MWOt9AV1Gepw==
imp
ads.rekmob.com/m/ Frame 2FB4
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=ab4dfa37ef0b485e918ffc87ef556e99&rid=NjBiOGEwODUwY2YyN2IyMzZiM2I3OWNh&adId=MTM3MA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:00 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
/
g.cash-ads.com/ Frame 539C
1 KB
740 B
Document
General
Full URL
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
1beac21d3234ad00e8e65b281f6debe51509c1ae13c5b60887bc4b0ba155bfba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
/
g.cash-ads.com/ Frame 54B2
1 KB
740 B
Document
General
Full URL
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
1beac21d3234ad00e8e65b281f6debe51509c1ae13c5b60887bc4b0ba155bfba
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/?nc=iOIO30QOBtP%2FXgO9jH8%2BkKuciFx5HtV6O%2F%2BVHHcZW%2Fw%3D

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
content-encoding
gzip
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712453427&rnd=7f4bspe9akfc&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4965
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e37f054ec1-FRA
content-length
26
cf-request-id
0a72cc222c00004ec179a0c000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
338 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712453422253&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=7f4bspe9akfc&impid=&tps=28&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=9
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4965
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e37f0d4ec1-FRA
content-length
26
cf-request-id
0a72cc222d00004ec1fb89c000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
xdfb9e74cc0e2452db6130c29bfce2c40.doc
gonapysa.xyz/serve/
269 KB
200 KB
XHR
General
Full URL
https://gonapysa.xyz/serve/xdfb9e74cc0e2452db6130c29bfce2c40.doc?v=da6f
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7cf2bdaa84a8fee1ff732b1db43228512e832458b727e8b8bf06ca8ccbd7953

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
638173
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
204145
cf-request-id
0a72cc222e00000eb79e050000000001
last-modified
Mon, 27 Jan 2020 12:53:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=92gcwyXgAxOXyAJba2ZP0l6FQViTxUTNcscxmFjw%2FfPI02DgoAC9StuMHtnZRf27Z5zXEDNWnb8uUcB%2FiMHwnn0ovNmRfykiBhZdSWK4sINkOfs%2BTkqbsIieV5fz0GnfKYwX7zY4"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges
bytes
cf-ray
6597e2e37b330eb7-FRA
xdac262e5eef440b3a68df4804d9db5a6.doc
gonapysa.xyz/serve/
269 KB
200 KB
XHR
General
Full URL
https://gonapysa.xyz/serve/xdac262e5eef440b3a68df4804d9db5a6.doc?v=4664
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e524f6e6e8a604f4c89568d9312ccd75e217fc22b970ea9500cbb85f79fa60

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
585866
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
204127
cf-request-id
0a72cc222b00000eb788246000000001
last-modified
Mon, 16 Dec 2019 14:06:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NiWchtXXmUvH2Vjxssu8OBvzsiEXF2jTwH%2BGoHtxNELJIFAbUnjL5PvUzUWRRGZUbQzzqr9JEJciqS4%2BABULuXkPf9I%2BLpaWYtuBBidYk7qFTvXjsFiaQY6Iwch46QN%2FYVjUubIz"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges
bytes
cf-ray
6597e2e37b3a0eb7-FRA
x14a413ea17b8406c9c9a4938acbb376c.doc
gonapysa.xyz/serve/
39 KB
39 KB
XHR
General
Full URL
https://gonapysa.xyz/serve/x14a413ea17b8406c9c9a4938acbb376c.doc?v=9cce
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5bba8c74a9cbc2746fa5f0babe8d4b593338b694f3d49ba8c038cff35104e7

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
575467
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39046
cf-request-id
0a72cc222c00000eb7513cb000000001
last-modified
Mon, 29 Mar 2021 11:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FWKtQPV5h10N6aGXKoSzR7r7Evt2fjQ3WXJ8tv2L4UCjHJj8fVzSOHThCU7gsUfYmF70i%2BQD4q2jWFi8q%2F09rH63FSayRia8r0f7xUc6oSt6GC3FywOUOVuYi5NW4I6Apy7q39Rh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges
bytes
cf-ray
6597e2e37b3b0eb7-FRA
x2c24312a56cc48a997241341a302cac9.doc
gonapysa.xyz/serve/
23 KB
23 KB
XHR
General
Full URL
https://gonapysa.xyz/serve/x2c24312a56cc48a997241341a302cac9.doc?v=c470
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e20ed24a339b107a6c14e6b6b92adf226f5237fb2ef20226ee978a75dc5706

Request headers

Referer
https://manicoins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
630262
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22964
cf-request-id
0a72cc222b00000eb74ebcb000000001
last-modified
Mon, 29 Mar 2021 11:15:33 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Uhr5uHPA9PkvmzonKgMZjNgfYMVg333CTbzKKsYH7toE%2BlQGeeJl6pT1dqk6qRTGVh3hXh68Tnlvt0olQ8KSM5KfVU7G%2FKB3w4amYW8hkWvu%2F0pUQfZamvVssipyNE9J4rJ1EQYv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, no-transform, s-maxage=2592000
accept-ranges
bytes
cf-ray
6597e2e37b360eb7-FRA
popmyads.png
whos.amung.us/swidget/ Frame AD3D
0
0

404
popmyads.com/ Frame AD3D
Redirect Chain
  • https://maquiags.com/gget
  • https://popmyads.com/404?dsc6123
837 B
824 B
Document
General
Full URL
https://popmyads.com/404?dsc6123
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
ee753ae9bc8a63c26a8cfad53c2beb154512129a84273a655ebd4c5d3602c6b1

Request headers

:method
GET
:authority
popmyads.com
:scheme
https
:path
/404?dsc6123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://jun.eurosptp.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
cf-cache-status
DYNAMIC
cf-request-id
0a72cc22860000177646826000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=d559846a155d2d690c2b0d92e32cf3b41d1e6544-1622712453-1800-Ad+4cwuZ5QaFz+eEnPKr9bJdDq0hNzpOrWsQ9tNJnXk42PslbPyKcIN2HkAq/hkiL7JF/BpCMedHsd4zGY1j3Is=; path=/; expires=Thu, 03-Jun-21 09:57:33 GMT; domain=.popmyads.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KRGEuWi9xAsCsdBXzGEYkqnqMUx1YlaB0jov4Df3QHN474YP6F%2FZ7K8nLavEQQrLnBk%2Fcd1HBu2CHE0VZuHdVVgyARlv%2FYBfdWEGIVIPUkY%2B8b8dcmmsO58dYVPg6K4ddzlZVMro"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e40a311776-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.1.33
set-cookie
wGprrBLT=2; expires=Thu, 03-Jun-2021 09:27:35 GMT; Max-Age=2; path=/
location
https://popmyads.com/404?dsc6123
cf-cache-status
DYNAMIC
cf-request-id
0a72cc224100002b41449ce000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1RMoLM72CD6acFfvbddou0Ae2EDzZQ7UEnST3mhVtXK9g8HtrEnZqVGwbIu9FjGnW0fVM8mlGiB%2Bl0vDrj0G3w%2B76vg2aOd%2FAPYENrXAmwPjZ28Xb8xrFIERtD2D4ZaA9EqGuZIS"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e398162b41-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ic.png
i.ibb.co/F0R59B6/ Frame B868
754 B
997 B
Image
General
Full URL
https://i.ibb.co/F0R59B6/ic.png
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97

Request headers

Referer
https://ad2bitcoin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Mon, 26 Apr 2021 06:36:29 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
754
expires
Thu, 31 Dec 2037 23:55:55 GMT
1500x500
pbs.twimg.com/profile_banners/1078455682360397831/1552679614/ Frame B868
70 KB
71 KB
Image
General
Full URL
https://pbs.twimg.com/profile_banners/1078455682360397831/1552679614/1500x500
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
593bc804002feeb8575c72e8812098c94da49a345acb0586bf941c6ed7869c44
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://ad2bitcoin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
x-content-type-options
nosniff
age
530795
x-cache
HIT
content-length
72018
surrogate-key
profile_banners profile_banners/bucket/2 profile_banners/1078455682360397831
last-modified
Fri, 15 Mar 2019 19:51:34 GMT
server
ECS (frb/67A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
0d57b56cd9798492527d28ab40fe630fe34029b70eb6b250a14cfebb238a883e
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
adqlt.php
ad2bitcoin.com/ Frame D267
764 B
941 B
Document
General
Full URL
https://ad2bitcoin.com/adqlt.php?ref=treckg&keycode=1628
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.95.12.219 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software
Apache /
Resource Hash
5f6d001a0863007f948f68066a291ed0e7126fce8b4e26733f2d1f48c4762c3f

Request headers

Host
ad2bitcoin.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad2bitcoin.com/ad.php?ref=treckg&width=468

Response headers

Date
Thu, 03 Jun 2021 09:27:32 GMT
Server
Apache
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery.min.js
adsrv.adcryp.to/display/js/ Frame 9961
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame 9961
931 B
1 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc222d00000eab259e9000000001
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hfj4dfNoFO1xZxmgSz1n4GbJjx4D78cr85zb6O3KW6oh1V4SbAOXrh4R%2FOCkGF3Kp5Wxi6dXo70N1PTzr%2FmH6t3HGMmtaI4Gt4v%2FnXYeISEM9PYzOzz8qKqqcbo49TNUDu1I"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e37ad00eab-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame 9961
658 B
1 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4224685
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
cf-request-id
0a72cc225300009716c92f2000000001
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VxZQvW4zIsOsbMycPJI4w%2FcrE9wXrt08baPsdIbA%2BdwEehmNRXJFtk6mPASU8yS92sgJrmLzJIHN0DoqomhDjRvTKoH0tsEoCXy2uD3SBVI0bmMk3rexcj2zbY56Kc8JqgxT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e3bd0a9716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame 9961
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
cf-request-id
0a72cc228800009716aa367000000001
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=K%2BbY0%2FsTga8XolrBxQMX67woQirH9wIHlxEt0JaKQrg43k02%2Bs4aaJFHsLtykqP%2B3yf17t2nbpEovRrjIoJhNJuVKJzixvOBr5tKvQrGWp%2BwQSGYFS66st586tmepkxzuPsD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e40d349716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
tr.cryptobrowser.site/api/v2/an/bn/ Frame
0
0
Preflight
General
Full URL
https://tr.cryptobrowser.site/api/v2/an/bn/
Protocol
H2
Server
185.173.160.143 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://get.cryptobrowser.site
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:33 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Type,Accept,X-CB-Data
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://get.cryptobrowser.site
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security
max-age=15768000
jquery.min.js
www.bitcoadz.io/common/js/ Frame 8374
243 KB
68 KB
Script
General
Full URL
https://www.bitcoadz.io/common/js/jquery.min.js
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1445742
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc222d00004e08fda72000000001
last-modified
Fri, 11 Aug 2017 05:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xKAjAG0T0aMcUiqjpjuUOcWLYwBVv10aD5IjkdoJBDozA%2FNk6P7GITALXHRm2demCL%2F9dQI7eyizWcmGBN8wx3g%2BxdMVXhEcNcPlklyDYu8ngjeRnDnlBDWmxQqt7whwlePCileCNJIt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e2e379954e08-FRA
expires
Wed, 16 Jun 2021 15:51:51 GMT
logo-small.png
www.bitcoadz.io/common/images/ Frame 8374
696 B
1 KB
Image
General
Full URL
https://www.bitcoadz.io/common/images/logo-small.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4271747
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
696
cf-request-id
0a72cc222d00004e08cd3ee000000001
last-modified
Mon, 18 Sep 2017 13:48:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eqRbF53P6kgNTgCqjzK8zZx3IHh9meojvmMDXXdzgmbSc%2BeAHTY8ouKViTMjPl%2BTXGOEioffmNvr7YzCcLy0YEOE3RHTKX%2FzpGOCCZx3ZjobSbnTTg%2FFpzdRmKMQtum63Mfm1uoWkSpo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e379974e08-FRA
expires
Thu, 14 Apr 2022 22:51:46 GMT
4_small-logo2.png
www.bitcoadz.io/upload/credit/ Frame 8374
2 KB
2 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/credit/4_small-logo2.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264974
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1740
cf-request-id
0a72cc224100004e08d204f000000001
last-modified
Mon, 18 Sep 2017 16:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H%2FZ66tMyekxNN3spwKPYfqEe68%2Be054vSIxNlmFpVVKaiyuNjjikTtOb9ambJzuO%2BR76mJ1%2BIF%2Fmogswyk1vgMGnB7F2hBlpDWaCSGRox5DpjF0Ljamub6oIzWT1XZUT%2BQie11pB6IXv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e399d44e08-FRA
expires
Tue, 22 Mar 2022 21:11:19 GMT
data.png
www.bitcoadz.io/images/ Frame 8374
931 B
2 KB
Image
General
Full URL
https://www.bitcoadz.io/images/data.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3963511
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc22a10000175ed5076000000001
last-modified
Fri, 11 Aug 2017 05:48:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oqy890kXVaUZhrKbR6tA2%2BwttFqSWAO%2FL3UfgbST3qTgIp30xRX4bbiFudXKeZR7xceOKBFYfciIUlAG5Qlzfuz5VMluoHsoZasMNHDph7tZB7cTJhJifxQo%2FbgLr9bWdnNcEr%2FEQrTA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e439f5175e-FRA
expires
Mon, 18 Apr 2022 12:29:02 GMT
20423_468x60a.gif
www.bitcoadz.io/upload/ Frame 8374
987 KB
988 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/20423_468x60a.gif
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
209f0917a5187e8f8e105606d0c7158e24447c9f9045628a98bd5e8c7068cf01

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=48796&height=60&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=23&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3732583
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1010289
cf-request-id
0a72cc22a60000175ec91a7000000001
last-modified
Fri, 22 Jan 2021 13:07:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1nZNyf3uYplqW0nUTy2mm%2FYUuI977T84cH3PIwHp291Id1MDVJp1Bs6oSigJu9sW3aGIgWZ2%2Fa4S747OameNctT2RvL3PV60BaZjuQTXxHB654P3pMyqFRUaNSYnlIwNlMMfc1Ijct%2Fn"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e439f8175e-FRA
expires
Thu, 21 Apr 2022 04:37:50 GMT
jquery.min.js
adsrv.adcryp.to/display/js/ Frame 33FA
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame 33FA
931 B
2 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc222f00000eab0f0ba000000001
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t5uVO1VJXIymOBspOqVe11%2BG1yEsU4uiEehPRk6ErNbAHoivqEktfdJKEmEnzFDfvI2LtXBXtagjMnuMD5zPwjinK4Xc2p0R%2B0ak5Tx%2BMQXrUjxi4pTrAib1H39dcU8kxG3N"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e37ad50eab-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame 33FA
658 B
1 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4224685
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
cf-request-id
0a72cc225300009716aa364000000001
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7y%2BOoO9DxV%2BIwq%2FXe9DEKsogMfuMjYwJsuHKOk8hCuzAxn%2F0tm%2FmUPgvtrtWf3LmwIW5b%2BzOxgP06Hx09w6Arfi3DwR%2Fxil3qM2iDHTXmugqYiQ5ISR1eQ2Fdp1R9Y%2BfMfgl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e3bd0c9716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame 33FA
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
cf-request-id
0a72cc229100009716db818000000001
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FzL%2BwlDfd8ZuXhj2uWXbIQvCr7Pp59qXtnyaGOpZo1684jZakqTsmlzTFxfSoVrawKJ56EntvYPOFx6FFpzFr0aoh3BY3ggTMYzct4gN8eq5WX7GPvkh7tkQ88WPyTzUh8AW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e41d3b9716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
adcryp.to/ Frame C304
1 KB
1 KB
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
6996d03e94d90ec8b599c31a46fc41c18facd93107afdbfe238c8a940d3ae7ae

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsrv.adcryp.to/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
cf-request-id
0a72cc225200009716d7a74000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eFHQY96q0OD0c%2FoyTYkwuarN9%2BYVaUR4VTZeEfXuJcrAAGVJMmZvjhsYdx13sp4JisY4axVM569%2Bg7nmUE8DUf%2B6E8MXv%2Bi0zMqbSqQ%2BOweQfm6CLAfBhFLGJRKeWFbMhuB4"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e3bd099716-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712453666&ver1=2.2.3&qid=230383f5530383f5434353&rnd=1b6ol2mr14v3&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4224
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e39f7ea8c1-CDG
content-length
23972
cf-request-id
0a72cc22440000a8c155377000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
jquery.min.js
adsrv.adcryp.to/display/js/ Frame 2A45
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame 2A45
931 B
2 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc225200009716e1946000000001
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6DkVFiwE8Igu6j4JII1Ts263J63aW9k8Mo9qGsqqCHvkY5ine5FAMJDtiWvQSddA284Br29crZsg5gM3x2Bmumk6S6JG2V%2FrOzkz4HzuJNVR54ZfR0bUmLz6z%2FBhog3WkdMh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e3bd089716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame 2A45
658 B
1 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4224685
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
cf-request-id
0a72cc22a700009716df2d8000000001
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QS%2F%2FxLEZwgIkeJ%2FkP0AKs5sqc2ahxP5Y5ewXFBJgb%2Fe3H1igakD1vJ%2FL4Dw0XvWqb8tFLbXTZI3FCXxyoOFfggmYaDhT79gyc1%2FFNUzMSZoEQWdryZEAaG6ZTgWAAGuGmoYH"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e43d459716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame 2A45
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
cf-request-id
0a72cc22b400009716d490a000000001
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UvddCGZzxZSo4Fuz0yUGN%2F6Py4lOPrMJf8eZF2HYH%2BYgcf0siwFohVPb4sGBKc%2BvGhjN2L8vjiC%2B2X0dJBoUr7CIINHjc7GygSCIxi6A8nXjlX62LBcN1Mk2cgoRmv%2FJ9uyC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e45d559716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
bovl1.gif
g.cash-ads.com/img/ Frame 539C
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 539C
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
bovl1.gif
g.cash-ads.com/img/ Frame 54B2
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
1055
x-xss-protection
1; mode=block
jquery.min.js
g.cash-ads.com/int/ Frame 54B2
84 KB
34 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
W/"5fa0ee93-14e08"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
b3.gif
g.cash-ads.com/img/ Frame 54B2
6 KB
6 KB
Image
General
Full URL
https://g.cash-ads.com/img/b3.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.114.134.182 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
051fba127f6a21e116bbda80f25abdd56d33b5935957fae87efff06db99a59fb
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g.cash-ads.com/?nc=m5H8sJUiVAgRWtp84rHAGMj01WSuJwSL5a5RuxhzdRM%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Fri, 11 Sep 2020 22:41:35 GMT
server
nginx
etag
"5f5bfd1f-17a6"
strict-transport-security
max-age=15768000; includeSubDomains
content-type
image/gif
accept-ranges
bytes
content-length
6054
x-xss-protection
1; mode=block
6b1df04a.html
gitoku.com/re/daf781982c3153056d2eb27362147e19/ Frame 1BF9
440 B
736 B
Document
General
Full URL
https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b3da87ef3fc88bcd2944526305eb486ed0403b4e75513f7a7646f3a46ce40b

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
cf-cache-status
DYNAMIC
cf-request-id
0a72cc228500004e5c5da05000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=bd99c59cb902ebe75d39c87f46a64d0648e3c7ce-1622712453-1800-AXcuu3GOr9e54nq8wFa/+Rc0uqRqzEd8XPjT5uZArKyR4CevWtPbu3QP04VGYYhSdHL1CvvlZtk8DEVfXnLvkC8=; path=/; expires=Thu, 03-Jun-21 09:57:33 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Gyx8U0rNQp%2FCCfW5cZep6rm9fWghUeYtZ8Utf1y1%2B13SkVK0FI2AwyvJkf35Zjq7nw7pApoEbpRM8TS6gJf3SPClA4XxVwUIW76MtgTbzHqYda5xJLl86ipAva3IPE1qtmk0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e40d654e5c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf67e77d.html
gitoku.com/fg/daf781982c3153056d2eb27362147e19/ Frame 5001
564 B
760 B
Document
General
Full URL
https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f5d61df483affbf71518b4a3cabec346f0de818a2f6c4bfeb2e704f922832d

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
cf-cache-status
DYNAMIC
cf-request-id
0a72cc228d00004e5c57343000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=92c265f198f376b33c75cf806408689e634df1f9-1622712453-1800-AaJ4B3EEoITEflPyyGiPRrIErc9ZZJGfthg8AEJ6DL9oSBqKkNP7U5OW2i6j73/QxyAycpCNUQigEijva9BuC9g=; path=/; expires=Thu, 03-Jun-21 09:57:33 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G%2F6g0Tfe0DN%2FYDSRio1vo9nbg2VwNesQJfq8Hw5gaVKBhdEqFXnPCbmgNTMGhOtT7drflFtwqnRuIWxkezQ1epTXvFhhhvcD5FdhijK1Ff%2F%2Btow8Np6iSehKJlBmy1Cee9wgGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e41d824e5c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
adcryp.to/ Frame 5B25
1 KB
1 KB
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
fd2bb69a43dc488727886c1fad9b29556f6b20c8ac2a8397d6c0d0e5b8568575

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsrv.adcryp.to/

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
cf-request-id
0a72cc229000009716b293e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4REoDYul7ASN6o4vc9%2Faj%2BdA9s9QS8rh9va1EJgAl0HnyhO7fnKHNL4gtvTnTzn%2FaHq5%2Fz9q0EGNBxGGYQuF6B%2FEaaWigzMyRbmMH3NtuTyVlUFYoF2HDGL77%2BgDV%2Bb%2FDRDy"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e41d3a9716-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
adcryp.to/ Frame 2B66
1 KB
1 KB
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
dbcaad6a5f820771676f4317ff8609f252dfabd61272c1237aee0905339deafb

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsrv.adcryp.to/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
cf-request-id
0a72cc22a100009716b5ade000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iYzGeFlhL6zoz8ZnAfj7Ppuzmto7D3OpNLQCN8doFXoLV4SwP5VTw8TZMyPr3aqrla91H3UkaZTX9ecxxZftPQL5Nza9fm42h5xJGuZYGnC3ExQ8f4Redem08ryY2YRnhKgk"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e43d439716-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
adcryp.to/ Frame 275C
1 KB
1 KB
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
b52f125528ddc7a91dfa45e6f31412c74e3f92972321497fdee9637dca669ecc

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsrv.adcryp.to/

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
cf-request-id
0a72cc22ba00009716df2da000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pgDprsX8KI00b%2BvtxYGfatpVlz0Pw1eNyDhWs01cu0OHrf52%2FzEkeup1qAOP0viSHqMlMuPr%2BKQ1MvmjrF2U3HdxReFg6d2vO5YUPGNreubLVl2hW%2FONU4%2FTlSgXjnmh8SOr"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e45d5b9716-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712453864&rnd=1b6ol2mr14v3&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4965
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e4b9fc4ec1-FRA
content-length
26
cf-request-id
0a72cc22f400004ec153a82000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712453860671&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=1b6ol2mr14v3&impid=&tps=29&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=15
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4965
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2e4b9ff4ec1-FRA
content-length
26
cf-request-id
0a72cc22f400004ec174a11000000001
expires
Thu, 03 Jun 2021 11:27:33 GMT
b.b.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 2CBF
4 KB
4 KB
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/b.b.js
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d7d6b4ac1019f487f26ab37a8eef1c80be8d6c213a98d875d8847e99288802c6

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Mon, 01 Jun 2020 09:16:15 GMT
server
nginx
age
29535615
etag
"5ed4c75f-100b"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4107
300x250.jpg
lcdn.runative-syndicate.com/images/a/3/b693d51c926a34048d1f87170f27164633dd01/ Frame 2CBF
8 KB
8 KB
Image
General
Full URL
https://lcdn.runative-syndicate.com/images/a/3/b693d51c926a34048d1f87170f27164633dd01/300x250.jpg
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
0d2800042520c1606a2ebb7a01f21b0ba0c09ebcf83f2f471a6e2d69d5f0ef63

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Wed, 30 Sep 2020 05:02:35 GMT
server
nginx
age
10522097
etag
"5f74116b-1f38"
content-type
image/jpeg
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
7992
a6a7231f-ebfd-4a3a-97c1-b5bbfb911cf9
https://manicoins.com/ Frame EFFD
2 KB
0
Document
General
Full URL
blob:https://manicoins.com/a6a7231f-ebfd-4a3a-97c1-b5bbfb911cf9
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7bf321a20371d1ca123ce16a52b366eaf61ebd5135b3519287d84443cb47e44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1896
Content-Type
text/html
api.js
www.recaptcha.net/recaptcha/ Frame 1BF9
887 B
1006 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Requested by
Host: gitoku.com
URL: https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd2120d54005f0252a416b7b8bfdc5925d0f25f6fb9d583c40bdab2c7bb3fd72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gitoku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:34 GMT
fgp2.min.js
gitoku.com/js/ Frame 5001
29 KB
11 KB
Script
General
Full URL
https://gitoku.com/js/fgp2.min.js
Requested by
Host: gitoku.com
URL: https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0

Request headers

Referer
https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6419
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc235d00004abca1006000000001
last-modified
Thu, 22 Aug 2019 14:59:16 GMT
server
cloudflare
etag
W/"5d5eadc4-7240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wpih%2FohM%2BsFgHx9koroWC8DhUvRp5joRMQXZV96pLc12BR9Q4UOPvYMm3mUgdGdr0A2tjDr5%2Bwf%2BRen0fUlkiocGtkxuQp4tu5bFh76J8pML7j4DdArAeuUY%2FzHyQJz%2FJBWXFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6597e2e55a534abc-FRA
bootstrap.min.css
popmyads.com/dashboard/bootstrap/css/ Frame AD3D
104 KB
16 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f61350bc40d801c8fa2b14d71dec2b79a720ac264c71b807ddb73d378af9850

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4641
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc235c00002c2a97ac5000000001
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
server
cloudflare
etag
W/"1a046-5588f3ea32480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FWqQHNo2E2X%2BmhqVqwaKcPxCVoGC7kAuDA0EXpBFt0vq6EQYP8mD9VgZ4aVjHUYzeaoIEtpz2ftGVID4kPuJ0gFqgwB0oZqARw9nERqLfZ2UXxTtaGVMVOqpC%2BOhmRSqN7KfrHc3"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6597e2e55bab2c2a-FRA
bootstrap-responsive.min.css
popmyads.com/dashboard/bootstrap/css/ Frame AD3D
16 KB
4 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/bootstrap/css/bootstrap-responsive.min.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4289c63fd2b0ae5926316028943355967883265d9907d35e3c3effe4c3a09cd4

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4614
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc235b00002c2ae89cd000000001
last-modified
Thu, 07 Sep 2017 01:18:58 GMT
server
cloudflare
etag
W/"41ab-5588f3ea32480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=a3CWh5PQfM74ioK0TlkY%2BNoGK0m5mtub%2FDuSd%2FisUhC%2BBC%2BercFU7IFx2ZluLDCt0pQ5KfS73l8cIuazHaWkgpWHUv%2FOHHB9zlkRKaePDAlHiX0hpP8sMNYk2EY5lB1hgWHDcqA5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6597e2e55baa2c2a-FRA
style.css
popmyads.com/dashboard/css/ Frame AD3D
55 KB
12 KB
Stylesheet
General
Full URL
https://popmyads.com/dashboard/css/style.css
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bbbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bc4a8c6d724075c74427caf23af8f977bb340c649a9d64b6613ba4b92e695c0

Request headers

Referer
https://popmyads.com/404?dsc6123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4572
cf-polished
origSize=64686
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc235b00002c2a992b5000000001
last-modified
Tue, 10 Oct 2017 12:00:14 GMT
server
cloudflare
etag
W/"fcae-55b300cbfaf80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=R9bmZdn4H%2F1Q3mgaWvjE5Hja1rqfGQKOOcQtr%2Bsgi2f2v23l80Gb4gbJrLpuCNcOh1TU7jNK7T1tT%2B8OKBtcMBjSeM1%2Bx0Rc4LODPyXc1qVS65dGZ04Nu9ix4b4iu2hSrIRyc5WY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6597e2e55ba42c2a-FRA
cf-bgj
minify
css
fonts.googleapis.com/ Frame AD3D
702 B
466 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Jockey+One
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
faa8b66c1a42db56dc217f07c7e1cb9a00f9235c425f165e800f515d2891af95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 08:02:38 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:33 GMT
1098.png
widgets.amung.us/small/10/ Frame AD3D
Redirect Chain
  • https://whos.amung.us/swidget/popmyads404.png
  • https://widgets.amung.us/small/10/1098.png
338 B
664 B
Image
General
Full URL
https://widgets.amung.us/small/10/1098.png
Requested by
Host: popmyads.com
URL: https://popmyads.com/404?dsc6123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f8f6bdafa97167b264c7ca87a009e1652d5c9f765a44249e0bf0908e5f5e378

Request headers

Referer
https://popmyads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
age
61761
content-length
338
cf-request-id
0a72cc24ea000005fd4096f000000001
last-modified
Sun, 13 Jun 2010 09:48:30 GMT
server
cloudflare
etag
"4c14a96e-152"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
cf-ray
6597e2e7dda505fd-FRA
expires
Thu, 03 Jun 2021 16:18:13 GMT

Redirect headers

location
https://widgets.amung.us/small/10/1098.png
date
Thu, 03 Jun 2021 09:27:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
bannerNativeTrackImpression.js
lcdn.runative-syndicate.com/sdk/v1/ Frame 2CBF
655 B
837 B
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/bannerNativeTrackImpression.js
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23853414
etag
"5f4ca55f-28f"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
655
n.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 2CBF
8 KB
8 KB
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/n.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
9135957
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
native-banner-default.css
lcdn.runative-syndicate.com/sdk/v1/ Frame 2CBF
251 B
422 B
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/native-banner-default.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9150f84253841e2097c26de1611c67aad46c758b1899c75800af0016e5c446

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23853413
etag
"5f4ca55f-fb"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
251
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C304
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 628 of 1000 / last-modified: 1622672029"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
api.js
adcryp.to/cdn-cgi/bm/cv/669835187/ Frame C304
35 KB
9 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6K0KmCpb%2BRKCmRNWqAgsUWjLaXoyjwG%2B3JI7nnLgwX3tJPxMkehlg5hO0wzdXIUzj0pYOm1BwJOBzAe0XrSfDo5AmPq8gL6XfcQWWA6AWF9lIQxE7MbamXH7bJyAoKRy8cEH"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2e55db89716-FRA
cf-request-id
0a72cc235600009716c6080000000001
jquery.min.js
adsrv.adcryp.to/display/js/ Frame 8627
243 KB
244 KB
Script
General
Full URL
https://adsrv.adcryp.to/display/js/jquery.min.js
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:33 GMT
Last-Modified
Mon, 01 Feb 2021 03:21:38 GMT
Server
nginx
ETag
"601773c2-3cd47"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
249159
data.png
adcryp.to/images/ Frame 8627
931 B
2 KB
Image
General
Full URL
https://adcryp.to/images/data.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264148
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc235700009716aa36d000000001
last-modified
Tue, 08 Dec 2020 05:01:21 GMT
server
cloudflare
etag
"5fcf08a1-3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=leIsE%2BLM%2FSFPlz9%2B1Kw3foHW7wajH3W4INalRiAGwJa9Aq18EQgTDtLpieGG%2FXtv2jwlJim84pEIsa4YUjDx%2FDMRK1v8edyr7F9NUd4gXMtwkDcDpTAUNX516QoKmYhma2Ze"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e55db99716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-icon-1608319564.png
adcryp.to/upload/credit/ Frame 8627
658 B
1 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-icon-1608319564.png
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56433dd803d523690979ccabb62f994561e71abdef50befdd4158150d7e910de

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4224686
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
658
cf-request-id
0a72cc238a00009716b2947000000001
last-modified
Fri, 18 Dec 2020 19:26:04 GMT
server
cloudflare
etag
"5fdd024c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pR%2BunJFVGrj3IdB%2FyWkXre%2BJNaUiu1OuJEsJNabknFudp4WekiS87YHe2W76pGWzYvXNMg7%2Fxdb3GVMOQuW9DoZ0Oe1Uq1GHcUwI2kJabxoKa5GvC%2BPu9VShCYbTP9J7HOWn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e5ade89716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
2-1608315204.jpg
adcryp.to/upload/credit/ Frame 8627
2 KB
2 KB
Image
General
Full URL
https://adcryp.to/upload/credit/2-1608315204.jpg
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec

Request headers

Referer
https://adsrv.adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264149
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1805
cf-request-id
0a72cc239100009716c6084000000001
last-modified
Fri, 18 Dec 2020 18:13:24 GMT
server
cloudflare
etag
"5fdcf144-70d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZKYQIyJqu5r9RK4fhrCJDtBBD1WX6FZG7EfXuBGOl0nuGU3f%2BhVIK3SFtiAVAGJEWpcCQpksGfBUdiirPyixsKyTezXmXq8OlxDGn9lMcaH0%2BwcCrHwImeiLRycks5CsnWV8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6597e2e5bdee9716-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2B66
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 713 of 1000 / last-modified: 1622672029"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
api.js
adcryp.to/cdn-cgi/bm/cv/669835187/ Frame 2B66
35 KB
9 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FTXo2J4pNhU5G2X6cER%2BADbglU%2B14wrMaqh2ADT7Fc1g0zCbliBJ1zF%2BVeJnHZ8EjhWBolxasDHF5C6U07xhG1faWqzmf49WAgi7hEtMz%2FB00ew7iUFweRTvIN%2Ba2rR7J36r"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2e55dc89716-FRA
cf-request-id
0a72cc235b00009716b5ae4000000001
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 275C
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 83 of 1000 / last-modified: 1622672029"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
api.js
adcryp.to/cdn-cgi/bm/cv/669835187/ Frame 275C
35 KB
9 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZcfGhGNOJmWsXXyDnjuDQumcxJ9R%2F3ba8GTFuZEilXUvTdthL%2BMsFeJ8l0CfoGpIK8V20ypJpcFf7ruzOXhJ9XaOGTj%2BXcjmFfz7JtCs%2Fjpvmf%2BPkhJKM4EHG4cJ1Wttlgsj"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2e56dca9716-FRA
cf-request-id
0a72cc235c00009716d0b41000000001
index.php
www.bitcoadz.io/display/ Frame B7DD
8 KB
2 KB
Document
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/items.php?45698&76087&728&90&4&0&0&0&0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be9ff7007c39a65cbbc80caaaefcabfd721aa61892669ef0189b42bafaab3b2

Request headers

:method
GET
:authority
www.bitcoadz.io
:scheme
https
:path
/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=767707637974b742a46de62bcefe9f29a8bd535c-1622712453-1800-AebkAknkarU0evxqrNZNBYJTGF278+9Ea3CTqptmPZMDOcRsNyIfvYvuM75kKudIG0q7uQRAmJGUAqZaA54oMak=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
cf-request-id
0a72cc236500004e080b87f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q%2FXUhXg89kZ7qEhqhavmo4%2Bj5jLq9RvIcJ0vujGBVF0nkn9RUWgknwWU1Kl%2FaUpxi0bfe3OzY8NvNO9ZVn6ynSlNGH1EqRSzzYcjrVHK%2BBg71gm94DSUZ8jL6ymc9VkiNbTV20wZtyws"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e56f514e08-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
fa52acc4-5ee0-4ab5-b0bb-d6cf4431e74b
https://manicoins.com/ Frame 8D6D
269 KB
0
Document
General
Full URL
blob:https://manicoins.com/fa52acc4-5ee0-4ab5-b0bb-d6cf4431e74b
Requested by
Host: manicoins.com
URL: blob:https://manicoins.com/a6a7231f-ebfd-4a3a-97c1-b5bbfb911cf9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7cf2bdaa84a8fee1ff732b1db43228512e832458b727e8b8bf06ca8ccbd7953

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
275331
Content-Type
text/html
/
adcryp.to/ Frame E794
1 KB
1 KB
Document
General
Full URL
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash
49d87b26761d7028c67332aedd5999cc608981088ce5217ad5ba3fd7970a2e5c

Request headers

:method
GET
:authority
adcryp.to
:scheme
https
:path
/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adsrv.adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adsrv.adcryp.to/

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.25
cf-cache-status
DYNAMIC
cf-request-id
0a72cc23a600009716d0b44000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Pm0FXJnLtkOQs35WH5UPLs5RKvjV1nVWByQWlqm9T7E5A1J71o9xbGB3ujRH32Y8YjIH6Xer2exk1pJWBN4HYAo6FP%2BDzeZ41ClCBfWgIpxaqYA1nqzEjI3NePnFKwwgv5p5"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e5cdf69716-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
truncated
/ Frame 8D6D
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c5a6f309c4afc5e58f370123b2acb7e1fe3fe7d0a54a0b356acead178ca556b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8D6D
987 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38523b2d48c5fa225dfa133f0eb534667b8acdf44f6ede0079aa06c49fa28565

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
1638
serveur-minecraft.com/visit/ Frame 8087
Redirect Chain
  • https://drfrr.org/r?https://serveur-minecraft.com/visit/1638
  • https://serveur-minecraft.com/visit/1638
0
0

recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 1BF9
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gitoku.com
Referer
https://gitoku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3855
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 08:23:19 GMT
/
ad.gab.ag/ Frame 3659
2 KB
504 B
Document
General
Full URL
https://ad.gab.ag/
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=treckg&keycode=1628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff70aa440a18a5cf392af513624b8ac4fa2bb4fd158c0747afbbcde79bef625

Request headers

:method
GET
:authority
ad.gab.ag
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad2bitcoin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad2bitcoin.com/

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 02 Jun 2021 07:46:37 GMT
cf-cache-status
DYNAMIC
cf-request-id
0a72cc250b00002c2ea7056000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AW4lc%2B%2BNKCtU42qLgWB7Q0r%2Fshl%2Bo32%2BDA5PTq6opej5EemjCyS1qhCeSv7PJ2H1cd0osomsVB%2FyQMYvrdIblvcPLe0ZJ%2BRVAnkQAa0KUwptXlwg6ByBr7RNZrUA%2FqbCpEU%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e80b212c2e-FRA
content-encoding
br
/
lovemetome123456789.blogspot.com/ Frame 8BCA
183 KB
25 KB
Document
General
Full URL
https://lovemetome123456789.blogspot.com/
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=treckg&keycode=1628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8e0a98f7e51096a75f19419275aed91f110e27b3b7d8464d5620addd1a1817d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
lovemetome123456789.blogspot.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad2bitcoin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad2bitcoin.com/

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:27:34 GMT
date
Thu, 03 Jun 2021 09:27:34 GMT
cache-control
private, max-age=0
last-modified
Thu, 17 Dec 2020 15:10:34 GMT
etag
W/"46fdcbe2d7c49681f846348cdfb068e010d64efa8e8a99988c9ebb74fca6bbd4"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
25247
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ad.gab.ag/ Frame CF4C
2 KB
707 B
Document
General
Full URL
https://ad.gab.ag/
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/adqlt.php?ref=treckg&keycode=1628
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff70aa440a18a5cf392af513624b8ac4fa2bb4fd158c0747afbbcde79bef625

Request headers

:method
GET
:authority
ad.gab.ag
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad2bitcoin.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad2bitcoin.com/

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=utf-8
last-modified
Wed, 02 Jun 2021 07:46:37 GMT
cf-cache-status
DYNAMIC
cf-request-id
0a72cc250a00002c2e728f6000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kDYRY3%2FvWuqXnq9lSPmCzV07Rtd5PMHnyuXDPfE1k4qBmh1ArlFIxHW82xk9W3sdM34wbaXM6UtP6T07lVidCAFTYdLUojO03yYdfN9ep7nF3BQqLfrK%2Fs%2ByQWxW0WWSeN8%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e81b252c2e-FRA
content-encoding
br
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 5B25
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 466 of 1000 / last-modified: 1622672029"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
api.js
adcryp.to/cdn-cgi/bm/cv/669835187/ Frame 5B25
35 KB
9 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nJP%2B7lpddQQUQrQFXYw47b5hZGi44V3IySSOI3JtI0LcPTmftzSkqTnbCcn1sZ7I0j9NHhhaZFapSiWZNG1IqWaFLh%2BX5FheDnHtN5cZryct0BZ7wKP%2FU%2F%2B4Ib04BJuaaO%2BD"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2e68e429716-FRA
cf-request-id
0a72cc241800009716c7129000000001
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame C304
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame 275C
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame 2B66
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
truncated
/ Frame 8D6D
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cca6263416fa107cca916db5742b3e46aeb2dca4359e4051407d2cd3c6d4b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8D6D
63 KB
63 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0275679ffb2b6abe28f7636402008ed24426c8d84fdfca5aa7803ae407170356

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 8D6D
68 KB
68 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2013945e077d5287e02dd14e8a29ceb880db9ff2aab1ae5c3f3f17d08fe5d6cd

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 8D6D
36 KB
36 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 8D6D
821 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec40036f822e2e0ad3bf8bdbb03a25a73a15612c1008c6527dc3759b777b0c10

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
result
adcryp.to/cdn-cgi/bm/cv/ Frame C304
0
678 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/result?req_id=6597e2e3bd099716
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_f9745d3ab5f5df1bade9944dd59c6277
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DYX%2BNgDTXXMct%2BxYWytUGqHEnuVTkrJnoXnHJ5ZgIWHLzj6XKgqBOM5f4doRrM0vXM1YF6Yh9HtqipnR3qUDLKgNjknZwtjSHdMy3bJi4Y5DB7xp4qiCfuzwxMRjidpXsWdD"}],"group":"cf-nel","max_age":604800}
cf-ray
6597e2e6ee659716-FRA
cf-request-id
0a72cc244f00009716e62ae000000001
result
adcryp.to/cdn-cgi/bm/cv/ Frame 2B66
0
679 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/result?req_id=6597e2e43d439716
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sWRdO0SgAYjFdhw2kk8JocqccvQZaP445WaRkCdsJEj2c1AMBMlRVl802oRBPfSIagDo0Hq%2BFIgksqa%2B8FdWZ6M1vZWxLP9PYar7xmxLAy6R1o1BHgan3HIXf%2BmEOsyX9TV%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
6597e2e72e839716-FRA
cf-request-id
0a72cc247d00009716c712c000000001
result
adcryp.to/cdn-cgi/bm/cv/ Frame 275C
0
686 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/result?req_id=6597e2e45d5b9716
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_83680fcb93d0eb939642c5bbb47ffc54
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QD31%2Bu0WrZVryN5xnXAKO7cG3Yk5czrrzx5b0MPbTNuExJt36Qy0HAZv5%2BM%2B%2F3rGSzKND7oWhSThQjmi58HpsSrguhKuOZuPH%2B9d0vwr5bRlWJEX6hxGfqHovurPfl3su2Px"}],"group":"cf-nel","max_age":604800}
cf-ray
6597e2e74e8c9716-FRA
cf-request-id
0a72cc248e00009716bf38b000000001
cf67e77d.html
gitoku.com/fg/daf781982c3153056d2eb27362147e19/ Frame 5001
0
566 B
XHR
General
Full URL
https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
Requested by
Host: gitoku.com
URL: https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gitoku.com/fg/daf781982c3153056d2eb27362147e19/cf67e77d.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryAcYzlRyyARy6uebd

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s2bPvlU3cURWRvDaoJ3lVTrw2ki1WXCEgd1qpcxLPyDpR%2BXu81yk7V2%2FYYj25VyKZqoriFZBs0kJOeSezC7x9RqbPs7mVRt7%2FqptKRNlz5vROUQf%2FzEzCiDGj3xwV%2B1CiVDNPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
cf-ray
6597e2e7c8c74abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc24e200004abcddaf7000000001
expires
-1
jquery.min.js
www.bitcoadz.io/common/js/ Frame 1087
243 KB
68 KB
Script
General
Full URL
https://www.bitcoadz.io/common/js/jquery.min.js
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1445743
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc250400004e08aa3dc000000001
last-modified
Fri, 11 Aug 2017 05:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jDS3xuyCZZEPCG99sMbKL%2BLctcX9Xn%2FXJeDJlEanMg56xV3OgwnDfFQfFODPBeY2Gywmmv2O%2F5HpvHJDsIQU7fUqq2a5oR96EeKem8BQqy3yJMbyyvHvRa420HDNg9xJKoc7BXEVz0fy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e2e80f494e08-FRA
expires
Wed, 16 Jun 2021 15:51:51 GMT
logo-small.png
www.bitcoadz.io/common/images/ Frame 1087
696 B
1 KB
Image
General
Full URL
https://www.bitcoadz.io/common/images/logo-small.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4271748
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
696
cf-request-id
0a72cc250400004e0802b2c000000001
last-modified
Mon, 18 Sep 2017 13:48:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7T%2FV6wE5YyxZta20CtP2QZAFWDRPg3if8arAiCX6xTzu7Rv4CaDqS6%2F%2F0ETM1OpgIAAuZNV%2B3MqkvM2vD8oB%2BN%2FswZlPcTpPeH49fn2Wzw4byhwbulME2KyT%2B%2B3BygGInw5SdNRUe0rQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e80f4d4e08-FRA
expires
Thu, 14 Apr 2022 22:51:46 GMT
4_small-logo2.png
www.bitcoadz.io/upload/credit/ Frame 1087
2 KB
2 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/credit/4_small-logo2.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264975
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1740
cf-request-id
0a72cc253c00004e08aa8ba000000001
last-modified
Mon, 18 Sep 2017 16:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hQN%2B2%2FoMGN7oLIrs2CEz%2BvSW2E9UY07g%2F4xNcOjllCZxb%2F1mtcMYhspgc7PK7KnqxR4hoksbaoPBQ3CiW7CZ8TdK3Go9Wa4SoWccE8o3Apyc2ynyz22bw8ObGGKWuNDXvuf7UR8x8jne"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e858344e08-FRA
expires
Tue, 22 Mar 2022 21:11:19 GMT
20349_728x90_anonimous.gif
www.bitcoadz.io/upload/ Frame 1087
27 KB
27 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/20349_728x90_anonimous.gif
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e643c54ee8007344044f356b79763be016a4158971326c59b9ba64cb41fbd1a

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45697&height=90&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3722161
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27463
cf-request-id
0a72cc25a400004e08e6237000000001
last-modified
Fri, 11 Dec 2020 08:16:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gtmQCoNJGi6F%2BtS0d%2FEy9rLRQtF%2Fo4aeL5sQxWcMdjsr0is%2F6zjg66cynapp5%2FxQjDwbMHsXu0C4LsIlrmPsNUeP7epKDsO26OMWVm3h7c5Xj8qZTXmtVGU%2B%2BA73pHpcLXnhDisGwC9J"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e90a114e08-FRA
expires
Thu, 21 Apr 2022 07:31:33 GMT
jquery.min.js
www.bitcoadz.io/common/js/ Frame 0D67
243 KB
68 KB
Script
General
Full URL
https://www.bitcoadz.io/common/js/jquery.min.js
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1445743
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc250400004e08e8aa0000000001
last-modified
Fri, 11 Aug 2017 05:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JKYLb6Vf3AUChjoNVfE8hoegj8wX8raVNrW%2BMB6Ab%2FUy4V9bpSOyQpbw72QCpkb6fMKZMHHaTW%2Fova9si46PFdIUUeLd8u9FeL38G%2BPYsvxfS%2FvaaU%2BVpNEZNbrTXW5a1c1KF91l5QUG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e2e80f4b4e08-FRA
expires
Wed, 16 Jun 2021 15:51:51 GMT
logo-small.png
www.bitcoadz.io/common/images/ Frame 0D67
696 B
1 KB
Image
General
Full URL
https://www.bitcoadz.io/common/images/logo-small.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4271748
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
696
cf-request-id
0a72cc250900004e08d1180000000001
last-modified
Mon, 18 Sep 2017 13:48:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=N%2Flk4UT0c%2FPzhrlEzDEdfhMcIgT8sRp2F1wS1Gt66STSyL8RCp2HmY3Xd9cJrIBDxno1E4YEgJgEDSiw4oylJDiV98lhjOj3PqOyAGua9%2F7KlI%2F1Y2ATQZ1Z6%2FoFm0PwW7qW7SgE1S5b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e80f504e08-FRA
expires
Thu, 14 Apr 2022 22:51:46 GMT
4_small-logo2.png
www.bitcoadz.io/upload/credit/ Frame 0D67
2 KB
2 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/credit/4_small-logo2.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264975
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1740
cf-request-id
0a72cc253c00004e08f5162000000001
last-modified
Mon, 18 Sep 2017 16:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iUZDgXWBT8BeqOLeMK5Ri5O82RwUfcWxivku%2Fa2dFnumMKLiNklT5ydwVPucN0oFaODJ5DJV24T9YlQRVNJ1FS9O5PtPVPdpHbgjBt9CFTHIQ5DA6zbJRLJuoeDlPGUw%2BmMpURVq5u3Z"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e858394e08-FRA
expires
Tue, 22 Mar 2022 21:11:19 GMT
data.png
www.bitcoadz.io/images/ Frame 0D67
931 B
2 KB
Image
General
Full URL
https://www.bitcoadz.io/images/data.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3963512
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
931
cf-request-id
0a72cc259800004e0895805000000001
last-modified
Fri, 11 Aug 2017 05:48:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P0fAWsepM544t8cGwDn8Llxx5zxIa1QyO37WuhJERN2cr5sIig%2Bw02vc%2FvEire6OlzZ4x2LoD93BEmz4hFhwYXyxbN7HH0Ghahpdt52XNTVqcOx%2F8f59GLz2LzixHIqnHE5z6ddwUJEe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e8f9d14e08-FRA
expires
Mon, 18 Apr 2022 12:29:02 GMT
20420_exo160x600.png
www.bitcoadz.io/upload/ Frame 0D67
91 KB
92 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/20420_exo160x600.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb9939aaed3ac10f7398430da7d361529b2e4ccdb4f1f75a531ca26f3f42bfa

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45696&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3633159
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
93207
cf-request-id
0a72cc25a300004e08aa3ee000000001
last-modified
Thu, 31 Dec 2020 09:45:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HE77bB1itrDZfX%2FfNv0OVIZzS%2B4%2Ff7LotxyYg7HBlgzMolfoHMtDB0Du9vJ%2B6w6cjaJ9F7wcbNhvGnYpj%2BgzY6%2FVrU70t4I7fYpcQfKWvwN%2BxCABYan6OjP%2F3rL0Uv3UvCk9ONlRWl1%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2e8f9fa4e08-FRA
expires
Fri, 22 Apr 2022 08:14:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E794
61 KB
21 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"891 / 687 of 1000 / last-modified: 1622672029"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21317
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
api.js
adcryp.to/cdn-cgi/bm/cv/669835187/ Frame E794
35 KB
9 KB
Script
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: adcryp.to
URL: https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s3mJKIuDK8RBSsAuBnrThGTSIoRgrgQFINjqlnwCiDxY6GrXtDZK%2FRFUQVJbqbaJR%2Fks5YDFKrN4gej2BTq%2FGMvWuFeGnDsmrCLlji5p3YRracLrmv5JOelfqE6NzwBbpewd"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
6597e2e80ee09716-FRA
cf-request-id
0a72cc250300009716c9305000000001
rs
ad4m.at/ Frame ED57
426 B
944 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed49fcb630a629684b9bf5d169bed9b98ac95aebba979c01c7a3f6324bdc2ca5

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6597e2e8693e4e0d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9e%2Fpf36RycnImUMf106WCRCTnuQ3YbhX1uJJtocX0zWUJsF5m9kuAKmrAl7tuGlmqTke3QxEwlQlR1wiCwOgtVxvQXjWEQhEoc0OeS9sdYACEH%2FSs15eurQPKDZp0LyA"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://g.cash-ads.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-v23g
cf-request-id
0a72cc254500004e0dcf926000000001
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame 5B25
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H2
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://g.cash-ads.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://g.cash-ads.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-v23g
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a72cc25110000c2e5453aa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wl3LpH6SO8fFi%2BALlLeNP7ZPuIcxDhwXowGz7o%2FqxzR43zch%2F0e%2FGL69zDOxoy26owjbf3xlI4%2FsBOI%2BOUPjiBL%2FZp9WudleWC4tcAsDYqjmnDGX5q68ReHnKh8IsCHF"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2e81c00c2e5-FRA
anchor
www.recaptcha.net/recaptcha/api2/ Frame 1059
38 KB
19 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dc1ff50f6295aee3cece758dcad886ac0faff1a0e15ecd77458d6c6cdac38ba6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mr9uIqmbXQJRpM6NCebHjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gitoku.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gitoku.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 03 Jun 2021 09:27:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-mr9uIqmbXQJRpM6NCebHjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19381
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 275C
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 275C
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 275C
335 B
169 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3210641154075121&correlator=669791997017293&output=ldjh&impl=fifs&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cdm=adcryp.to&bc=31&abxe=1&lmt=1622712454&dt=1622712454515&dlt=1622712453953&idt=535&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=3874784279&ucis=t09p47n09iws&ifi=1&ifk=3230127270&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_83680fcb93d0eb939642c5bbb47ffc54&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1413515166.1622712455&ga_sid=1622712455&ga_hid=1728561563&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
3e5eda4fcc980e9bead8afef643527559f4d505089d8937d9f2ee5154fe69be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b5569ccd6b4252b61984ee6fa46dd364.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 275C
0
0
Other
General
Full URL
https://b5569ccd6b4252b61984ee6fa46dd364.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

integrator.js
adservice.google.de/adsid/ Frame 2B66
107 B
799 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2B66
107 B
553 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2B66
335 B
169 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4468882557211422&correlator=2057757527179561&output=ldjh&impl=fifs&eid=31061224%2C31061004%2C21065725&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cdm=adcryp.to&bc=31&abxe=1&lmt=1622712454&dt=1622712454535&dlt=1622712453940&idt=587&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=955305365&ucis=4ul2zcuq09py&ifi=1&ifk=129866101&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_1e33ebe08af607b9d3a28a5f50539e0e&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=756399079.1622712455&ga_sid=1622712455&ga_hid=1045107107&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
7933c11d58e32c20939355d001cd36fd70284d2045f5a7c01d9765784cb13001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ad488a54f79acdbaa437b57ffadb47a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B66
0
0
Other
General
Full URL
https://ad488a54f79acdbaa437b57ffadb47a0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

integrator.js
adservice.google.de/adsid/ Frame C304
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C304
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame C304
334 B
166 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2976159897700327&correlator=4388639174027910&output=ldjh&impl=fifs&eid=31061340%2C31061003%2C31061150&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cdm=adcryp.to&bc=31&abxe=1&lmt=1622712454&dt=1622712454547&dlt=1622712453884&idt=656&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=3896722288&ucis=kde2ud770g8i&ifi=1&ifk=913013049&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_f9745d3ab5f5df1bade9944dd59c6277&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1976418059.1622712455&ga_sid=1622712455&ga_hid=857650151&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
43ec7168b5ef08cf980cf15b864d4ff460b74556fc9f8ca7a9555e1ae54a1d89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f033022d489e09a13e5d456d6de0c44c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DB4
6 KB
3 KB
Document
General
Full URL
https://f033022d489e09a13e5d456d6de0c44c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f033022d489e09a13e5d456d6de0c44c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adcryp.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 03 Jun 2021 09:27:34 GMT
expires
Fri, 03 Jun 2022 09:27:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rar
as.ad4m.at/ad/ Frame CD34
6 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2619297718ae9d9623cf2959fd41a2d57d5baee732ef13c1a59ffa078b3c5c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://g.cash-ads.com/

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a72cc25b600004a989c327000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6597e2e91d594a98-FRA
content-encoding
br
pubads_impl_2021052601.js
securepubads.g.doubleclick.net/gpt/ Frame E794
311 KB
109 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 May 2021 08:37:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111649
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
integrator.js
adservice.google.de/adsid/ Frame 5B25
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5B25
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 5B25
333 B
165 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2461021072483490&correlator=2357437181195154&output=ldjh&impl=fifs&eid=31060989%2C31061224%2C31061341%2C31061301%2C31060839&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&cdm=adcryp.to&bc=31&abxe=1&lmt=1622712454&dt=1622712454654&dlt=1622712454049&idt=594&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=1287434124&ucis=e4pvvx6t2qe&ifi=1&ifk=2098143108&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_e980f5893d154b97eb8baa36a3c01331&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1612898158.1622712455&ga_sid=1622712455&ga_hid=2144030855&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8d4ffbbd9b6f88eefb0066afc035ea66f142f6aff014652e222ad6e8926c28de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
30df6e5b426bbf888258c717dfaad4d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5B25
0
0
Other
General
Full URL
https://30df6e5b426bbf888258c717dfaad4d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

result
adcryp.to/cdn-cgi/bm/cv/ Frame 5B25
0
686 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/result?req_id=6597e2e41d3a9716
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_e980f5893d154b97eb8baa36a3c01331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=miscPkhOfJlu%2B4DgZDh3550kbEm2hqGP%2FzJ2gxRTpNtqTirwifvBUXyr6sDMoBlDLLooFhyEYvgeehgFwfNM9%2B3EWQVpR%2FzzdksDI5nW4tD%2F3wyCP%2Bv%2FFqyBc5CVdO8lFN6y"}],"group":"cf-nel","max_age":604800}
cf-ray
6597e2e9cf909716-FRA
cf-request-id
0a72cc261800009716aa87b000000001
syncframe
gum.criteo.com/ Frame 7253
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=manicoins.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://jun.eurosptp.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1553
set-cookie
uid=8cd20545-916f-47e0-8d92-35129619b9e7; expires=Fri, 03 Jun 2022 09:27:33 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 03 Jun 2021 09:27:34 GMT
content-length
1129
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2B66
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56820271eeef561b351a0251e3bc0b8c2859dfdcc12324ae0c1fea3148bb08e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7808
x-xss-protection
0
jquery.min.js
www.bitcoadz.io/common/js/ Frame 5975
243 KB
68 KB
Script
General
Full URL
https://www.bitcoadz.io/common/js/jquery.min.js
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1445743
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc266800004e08d63eb000000001
last-modified
Fri, 11 Aug 2017 05:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QQJzqgg6ygMvlPjYIm7tBshcOif%2FVtjnoFQplth4NlFBE3pDIaZ6aOpQBgiM7U4oL%2FSn8TFlboes4CPUvh18MvIpvYeVWCQ5xaHeGIWuuOyS7oS1QKvUnl6A3NQxuv3c%2FLrfCiSy%2Bust"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e2ea3d024e08-FRA
expires
Wed, 16 Jun 2021 15:51:51 GMT
logo-small.png
www.bitcoadz.io/common/images/ Frame 5975
696 B
1 KB
Image
General
Full URL
https://www.bitcoadz.io/common/images/logo-small.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4271748
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
696
cf-request-id
0a72cc266800004e08e624f000000001
last-modified
Mon, 18 Sep 2017 13:48:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MLhHAexBA%2BRLgY%2FIpWL5erWdrm8a37bfSTYGypgFOgOUMi6n9RnQRDCJXapBz%2Fs9LlpvUg6Gi7KmGRA2%2FONCduWeJF1SHWNKAHlwJxrxWzYtbarNy6HmRGTTsgm%2BQtHHTPRd9a%2BfyyO6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2ea3d034e08-FRA
expires
Thu, 14 Apr 2022 22:51:46 GMT
4_small-logo2.png
www.bitcoadz.io/upload/credit/ Frame 5975
2 KB
2 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/credit/4_small-logo2.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264975
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1740
cf-request-id
0a72cc26a900004e08ee39a000000001
last-modified
Mon, 18 Sep 2017 16:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XpXpmZPUcyV8blP5wHlJFIJdBLuvxFQH2%2BtCd539R8IS18IFG9N3sxrwx%2FIoRkRqekmWUaao4XG9iMlRSd2U5AmjDnZcV%2BwPDmbDcHe6H2TukjAwPPxSgyyBnYVMpU%2FAiaqn976KtMhz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2eaadef4e08-FRA
expires
Tue, 22 Mar 2022 21:11:19 GMT
20819_160_600.gif
www.bitcoadz.io/upload/ Frame 5975
56 KB
56 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/20819_160_600.gif
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1887b7c36b2abe1bdd4e2dbd493124d5962590513099c5c8815a758fad2f715d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45700&height=600&device_type=large_dev_adblock&displaytype=1&native=0&stickysupport=0&block_id=0&responsive=1&page_data=70365af4613ace2f0f496d775985aa37&time=1622712452&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2720798
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
57116
cf-request-id
0a72cc26db0000175e4923e000000001
last-modified
Sun, 02 May 2021 21:15:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4poXG9LwRt1arGWOflBc9O%2F%2Bg4IcgQ%2BqJQqJ5uRSnUgjgdplhUo90civr50loNeTHpVPBP9%2F8McFpRbfyzKtwJERGkA%2F9oz89aF%2BSciXNzOAUQ989MweHeVKb5uGT2r%2FWmf%2B2tOZDwNK"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2eaf814175e-FRA
expires
Mon, 02 May 2022 21:40:56 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 1059
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 08:22:32 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 1059
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 07:00:40 GMT
index.php
www.gab.ag/ Frame CF4C
14 KB
3 KB
Document
General
Full URL
https://www.gab.ag/index.php?view=register
Requested by
Host: ad.gab.ag
URL: https://ad.gab.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78abb70b85eb301e978660326b8b2ee8922f9ec67ac80d6ede17cb267e4e181f

Request headers

:method
GET
:authority
www.gab.ag
:scheme
https
:path
/index.php?view=register
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-type
text/html; charset=UTF-8
set-cookie
evo_session=lk7dct9uft9ndfe9jmsqgdj4c88ds4hc; expires=Thu, 03-Jun-2021 11:27:38 GMT; Max-Age=7200; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc266c00002c2ea7080000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ioK28j7oF9ePS63GtOivrXPbvUlezxcRuIOqBg2dhFeLaIlaPI1z%2Fp9LCqkZSSA0%2FF25lVu3dRYMz82O3tnn66O2Qu2NgM0%2BI3z%2BuiUZHamfZ1lbjFD4iSRopSlx7bicqOzw"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2ea48e62c2e-FRA
content-encoding
br
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33558
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
_N4tg0isWBGzvBzbTPKPuPmdizQIXIMKJtLmrRdzrxd3Yz6DhHrVTQ==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 275C
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f72a1e6a0ba386125a35e7d5ee0a14038f1d2d8837605242cfa16e28e50f756b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8285
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame CD34
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83385
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a72cc267a000005bbaab3f000000001
cf-ray
6597e2ea5b6705bb-FRA
expires
Thu, 03 Jun 2021 10:27:34 GMT
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame CD34
38 KB
39 KB
Image
General
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
655825
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UwWzV8Vi9wwWB9_t92BZ3hXsqxnGcNPAW0LaVCSpyGkAeICaRXs_LpZzjWYyirMRzo7C0cmfApc-NiuzLQfsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
39202
cf-request-id
0a72cc267c00004a98d732e000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Nk5GK4q5iNOSAhvzmmssoVX5cAMOVx2Qx55TiXut5SfETHelokHMfsZaVIOg9ia3ps4UyMvLyYwaQp54K7qSN5AqryZylOZKwXlQ1IbNmShPDP%2F8Bz8e9SLGpJbwi%2B2yKkyAyBtWDA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
6597e2ea58f94a98-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame CD34
113 KB
113 KB
Image
General
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
656471
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UwkjW7D1NIP-SGMO0-kZ76TtZfUKrCHcFefqvfPhPmPd2kUA2JGX59C6myv_SM-svP_Kdq_okuTD9MVCpFHug
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
115268
cf-request-id
0a72cc267d00004a9893878000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HKpBlUK5r9zsP3u3fhAVHfUhkroFMsucic941KeR%2BvsGRFVnThdST8A5xuVFzyh9M6mFlJOEUiEwuYv2uJr%2F33EaMcN5hRaP%2BSlPboXtubmfsuIRoCaNAqGebkWB3jes2ItDH7YBtg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
6597e2ea58fc4a98-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame CD34
43 B
704 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidmQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4oneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:34 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
assets.ad4m.at/logo/ Frame CD34
5 KB
6 KB
Image
General
Full URL
https://assets.ad4m.at/logo/5FB9B3427737FDA312C6FA4E0849313711F7F26054777D6C81D6202E7D98AE8802F064B73B30A04B546FBF8A548520015DCC69D22E7BF9FF52BC602A1018F899
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9901541a27c605a0d7425964091d5e39ad8d0b088be795c5392e1d1dd0de3d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=CrsIJw==, md5=UgNxXQ9V0Tr1kOnyjYeV6w==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
652732
cf-polished
origFmt=gif, origSize=8558
x-guploader-uploadid
ABg5-Ux96OKSfM_4EUcPx8camXavChbOcHvAftSXdtFE2U5hIkbgRGExeFQ3U-zzhx0lZVkqengh_oILNG7eye4jDz7PZk4BDg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5460
cf-request-id
0a72cc268300004a9896a67000000001
last-modified
Wed, 22 Jan 2020 13:10:18 GMT
server
cloudflare
etag
"5203715d0f55d13af590e9f28d8795eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NpspJc3XhjOZDj7wxAhNwFRAV45C95tQcccbyDzdMBYkCb%2Feldp7rUlpqihgbMisO%2FS5eoWi1rj3k91%2BYfd%2BrbF8S2fsf6BnWIYv2YnWbBWMpjv4pSf2mceK%2FkNV21LJLdNGCUcsbw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698618749512
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
8558
accept-ranges
bytes
cf-ray
6597e2ea59044a98-FRA
cf-bgj
imgq:85,h2pri
A130FC0FEEF33979EEF792B44985AC6A778AC413D7779586356DF65FC9898C6946F34C947F59B3144AC7D8DC8636373267F8B621E706861AADA471D98D4FEB31.
assets.ad4m.at/product_image/ Frame CD34
39 KB
40 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A130FC0FEEF33979EEF792B44985AC6A778AC413D7779586356DF65FC9898C6946F34C947F59B3144AC7D8DC8636373267F8B621E706861AADA471D98D4FEB31.
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
454f94ac71b595e0e5a07e6040b2ca749b3bd937a598d2baff4f83408b50de5d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=0RTw6w==, md5=Nr2foN+pTDPYEEMgKAGbHg==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1254813
cf-polished
qual=85, origFmt=jpeg, origSize=137867
x-guploader-uploadid
ABg5-UyVSYmLE_cDdQEWbu-xhJ1wbTa9EaMF_O-boDVZXn529NFOGU2Zygni874oQXlKLDr05tHhCT9_qNlYgcntan5xiZVSxA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="A130FC0FEEF33979EEF792B44985AC6A778AC413D7779586356DF65FC9898C6946F34C947F59B3144AC7D8DC8636373267F8B621E706861AADA471D98D4FEB31.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
40270
cf-request-id
0a72cc267e00004a98d2398000000001
last-modified
Tue, 18 May 2021 12:37:19 GMT
server
cloudflare
etag
"36bd9fa0dfa94c33d810432028019b1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1V7H0FcAvt%2FudmzwTv1060slRuvdTnn26%2Bc2kXGwxi6i%2F6JXjmJSQlMjUNcp%2Bt8ylZfmGxgiCM10O00AMp5Pwu0KY0D%2BxIRCxl7kMJ7SmVlbQENartdpLLoLUr%2BJyh61kWT%2B1uQISg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1621341439543998
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
137867
accept-ranges
bytes
cf-ray
6597e2ea59004a98-FRA
cf-bgj
imgq:85,h2pri
htlp
htlp.eon.de/ Frame CD34
Redirect Chain
  • https://www.lead-alliance.net/tpv.php?t=112510V1336136824M&subid=oneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://htlp.eon.de/htlp?mc=0112012000&clid=2021060311273451046878069X112510V1336136824MSoneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250
0
351 B
Image
General
Full URL
https://htlp.eon.de/htlp?mc=0112012000&clid=2021060311273451046878069X112510V1336136824MSoneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
server
Google Frontend
x-powered-by
Express
vary
Origin
content-type
text/html
x-cloud-trace-context
f2896ab63bd29f92489dad8ea16cfa76
cache-control
private
access-control-allow-credentials
true
content-length
0
expires
Thu, 03 Jun 2021 09:27:34 GMT

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:34 GMT
x-content-type-options
nosniff
server
nginx
content-type
text/html; charset=UTF-8
location
https://htlp.eon.de/htlp?mc=0112012000&clid=2021060311273451046878069X112510V1336136824MSoneidBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2eoneid__cash_ads_advancedad_300x250
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
1; mode=block
expires
Thu, 19 Nov 1981 08:52:00 GMT
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame CD34
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
656123
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ABg5-Ux35StMGFparBu0Phx6_2hJnXLvtBT9mYnrbO4ZdpC4-O-Zq5hx5QjagLvTsY6IyBW0zHITwgeINGVkq57zDlY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9258
cf-request-id
0a72cc267d00004a988e33b000000001
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HPz%2BTTjSe0Jn3MlrMRRYuneYU%2B0h8MGfalQpmeQdAnVpDilYD%2BxRwNyzYaDT0ccd998EpklXBEkiPK1AbU9qbLc%2B2rba6%2BhXRpE5tjcx89H%2FWdbeLDEqK5KUYL7OhnYPQBrjk7bHMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6597e2ea58ff4a98-FRA
cf-bgj
imgq:85,h2pri
9F8480D91FC90CEC937B7FF94C307232BDE28C4F8D6CC43D5B1B0B57541ECD5622E54A9DE7BDF62469D14A7839BF40A1B33366BEA2926BBB62C8E4AE5BD7F13B
assets.ad4m.at/product_image/ Frame CD34
17 KB
17 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/9F8480D91FC90CEC937B7FF94C307232BDE28C4F8D6CC43D5B1B0B57541ECD5622E54A9DE7BDF62469D14A7839BF40A1B33366BEA2926BBB62C8E4AE5BD7F13B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4acc7be68530c88688a069775a856107c5a32ca9f5582123860913e21f613b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=ZlUNKw==, md5=ac5yEgPd5TfDmMe6ou0UDg==
date
Thu, 03 Jun 2021 09:27:34 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1138460
cf-polished
qual=85, origFmt=jpeg, origSize=92320
x-guploader-uploadid
ABg5-UzMIkavLh7WWqSaUbFFkNYHG9U_cyXqcMHugjjnmgUTExiUhg0pmjj_YFsaDHjtUVEGjqRAPOVmK-UTkG2lwVhdzkNq4w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17214
cf-request-id
0a72cc267d00004a987192f000000001
last-modified
Mon, 08 Mar 2021 11:52:25 GMT
server
cloudflare
etag
"69ce721203dde537c398c7baa2ed140e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8PE1PEcGranGyHvVshrxqEkEpHK9pQYTQhKllRbi90sNnKSUTi9MnJoMa3UmR0umLY5hHId6TSW9R0aViUGQK58HcHm84VMhSDd%2BxFf2lTWedRtK%2BigXsb46l%2BPNrWlrRbzB08mOPg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615204345005772
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:34 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
92320
accept-ranges
bytes
cf-ray
6597e2ea58fe4a98-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame CD34
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021060311273451046878141X117663V1225131106MSoneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advanc...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210603112734510468781...
43 B
736 B
Image
General
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273451046878141X117663V1225131106MSoneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=823%2C120285%2C37798&b=mQJJcefGfPjFmHZHZtzt5ZBsjtJtXB4%2CBdqqfgfPfr64AcxH6H3t9tbrDCbtdtm2e%2CpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1&f=7AqqHqfzf2JCrHXHgtECGAxCztgtrVM%2CjemmsEfGfg5XQtYHEH2tWCEM7sAtDtD9A%2CJmrrczf5fjWjuBH6H7tqCppVfjtdtbxr&c=300&d=250&e=&g=dbe95b97c5eb1ddaa8ea764608e7621c%2F294542683030367862&i=9719%2C20194%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_300x250&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.236 Giessen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273451046878141X117663V1225131106MSoneidpqGGS1fgfAZAukH4HmtztQQKhbt7tEe1oneid__cash_ads_advancedad_300x250&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
result
adcryp.to/cdn-cgi/bm/cv/ Frame E794
0
678 B
XHR
General
Full URL
https://adcryp.to/cdn-cgi/bm/cv/result?req_id=6597e2e5cdf69716
Requested by
Host: adcryp.to
URL: https://adcryp.to/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b6bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://adcryp.to/?utm_medium=cpc_1e33ebe08af607b9d3a28a5f50539e0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sHGtrrLjz%2BsAWa%2FG7hZUXsFBDxEqM0R98Ml3htLNc5dYOf328g52UMEE5zMAJn6fpUDm%2FiE7yhX0O3OvMMWCCv3TyE4bwSImDhRGt7se%2FGD5by2b6fS0yjIVob1o74pzrwka"}],"group":"cf-nel","max_age":604800}
cf-ray
6597e2ea7ff19716-FRA
cf-request-id
0a72cc268a00009716db841000000001
integrator.js
adservice.google.de/adsid/ Frame E794
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E794
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adcryp.to
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E794
335 B
170 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=479889386847318&correlator=1024947711621718&output=ldjh&impl=fifs&eid=31061039%2C31061289%2C31061151&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210603&iu_parts=360613911%2Cadcryp&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&cdm=adcryp.to&bc=31&abxe=1&lmt=1622712454&dt=1622712454806&dlt=1622712454376&idt=421&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=955305365&ucis=5pdz8e4q2x0j&ifi=1&ifk=129866101&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fadcryp.to%2F%3Futm_medium%3Dcpc_1e33ebe08af607b9d3a28a5f50539e0e&ref=https%3A%2F%2Fadsrv.adcryp.to%2F&top=https%3A%2F%2Fadsrv.adcryp.to%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=221366864.1622712455&ga_sid=1622712455&ga_hid=572334885&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
70219d2484b8750386a905c72cf606ad56e1d637b53c41ecd1d8c93a590d09ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adcryp.to
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2B66
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5B25
10 KB
7 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da8b3eaa730106aa068069e97668646978e29f71d8aca97b720db0f0ab8a13ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7633
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 275C
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C304
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a283edc3c64a60d86823ec0747cf7886c3736749bd1ec88188b97ff530167b49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8171
x-xss-protection
0
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:34 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=fBAjqPoryOd3DvlZHVzVW6gX&ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:01 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33558
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
dfaP2Qm97JHjhnKemGsVjic4ZgCaFz8OlDpUiRck168iUsWiiHQwuw==
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ Frame 8BCA
12 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:34 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5B25
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1059
102 B
179 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6eff65f2a8eb488e25dbca7a506949b599a8f05b522ee54edab296459f8efbcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:34 GMT
dfb9e74cc0e2452db6130c29bfce2c40
gonapysa.xyz/view/ Frame 6489
Redirect Chain
  • https://ycipiwic.xyz/l/n/view/3a2db37268054d83a824c574304f2432?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy9kZmI5ZTc0Y2MwZTI0NTJkYjYxMzBjMjliZmNlMmM0MA&cid=5c9e8c45736ae807509a288de6f33400&pto=0001-0000002...
  • https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmV...
571 B
919 B
Document
General
Full URL
https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985658a40096b972ebd99ff108164d69b190ea06508758ff978a6d751cc5e4fe

Request headers

:method
GET
:authority
gonapysa.xyz
:scheme
https
:path
/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-transform, private
p3p
CP="CAO PSA OUR"
etag
W/"wM5S-ew2v2Iyq-_gREHmGsDx3Z5jVA"
last-modified
Thu, 03 Jun 2021 09:27:35 GMT
set-cookie
tid=VGOe3fHAGuZBRODvqzJivzbs-VLOwA; expires=Sat, 03-Jul-2021 09:27:35 GMT; Max-Age=2592000; path=/; domain=gonapysa.xyz; secure; httponly; samesite=none
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
0a72cc2771000096bcf09a9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9j6ugXbYXSy4BEbIWnxbo%2BYxYYDGlBb2Q807kRijqtwwVIHNAIzgMII1UqEqyakttnjZSBfepMUR5ZDsyZOVe9z7foCJdkO1b7MuhJYB%2FpSBPtknnGoNgoyy4wYk7xpwf1FJaVvr"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2ebed9096bc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
location
https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
cf-cache-status
DYNAMIC
cf-request-id
0a72cc274e00002b7d29363000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UnwL6soh7X6HWjLKqQnYFk5skAUcCa7WR%2FvRSQNPZNCSTQrh8GgPkjVh4VsFzq%2FeUXIuev1ntI8G51wa7SUhldw1hjWfuO0t0noC%2F8rgM3cLvGkKFI9EMfmVDawP5GeSNMTsURhx"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2ebacfa2b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
sprite_v1_6.css.svg
lovemetome123456789.blogspot.com/responsive/ Frame 8BCA
7 KB
2 KB
Other
General
Full URL
https://lovemetome123456789.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:47:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 17:00:12 GMT
server
sffe
age
117626
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2244
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:47:09 GMT
/
www.www.baomoi.com.tntn.cf/ Frame F209
148 KB
23 KB
Document
General
Full URL
https://www.www.baomoi.com.tntn.cf/
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2b2d4c5dd00ac4338c4c2ab2a085298d0e1185c2e1d58af9cf9100748d5f8d97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.www.baomoi.com.tntn.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lovemetome123456789.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lovemetome123456789.blogspot.com/

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=0
last-modified
Wed, 30 Dec 2020 11:46:28 GMT
etag
W/"c8bce86ef2d93104b9ccac863bdc8000736acc6195bd0c11ff484b62f668500b"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
22964
server
GSE
/
www.vietnamnet.vn.nmnm.cf/ Frame AC6A
182 KB
26 KB
Document
General
Full URL
https://www.vietnamnet.vn.nmnm.cf/
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
GSE /
Resource Hash
39c7236869f6294ac1bc4334b31d70129c3aca4086785267acfea7a0a59bee11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.vietnamnet.vn.nmnm.cf
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lovemetome123456789.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lovemetome123456789.blogspot.com/

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=0
last-modified
Wed, 30 Dec 2020 11:44:05 GMT
etag
W/"eca2e015703d41fa0c786cdc4ec9153c26dbf8c7035e2bd4b795379d467ebab3"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
25992
server
GSE
amv_25.html
www.kissanime1.ml/2020/11/ Frame F532
96 KB
18 KB
Document
General
Full URL
https://www.kissanime1.ml/2020/11/amv_25.html
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dbcef181283c990b4e3dea3fb909c519d9aa986f8b76924f171912d02acc0120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.kissanime1.ml
:scheme
https
:path
/2020/11/amv_25.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lovemetome123456789.blogspot.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lovemetome123456789.blogspot.com/

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=0
last-modified
Tue, 25 May 2021 09:00:08 GMT
etag
W/"44b75f5ce3b239de64318e7091dbd0e63e50fd0c8a929339a7308ff243d90daf"
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
18248
server
GSE
4003784900-vegeclub_compiled.js
resources.blogblog.com/blogblog/data/res/ Frame 8BCA
136 KB
137 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/4003784900-vegeclub_compiled.js
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48f25742fadbefad97a1d50d11611efc83249e83c4bf967fa0f36b6105a906d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 06:09:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 21:59:31 GMT
server
sffe
age
98282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139556
x-xss-protection
0
expires
Wed, 09 Jun 2021 06:09:33 GMT
cookienotice.js
lovemetome123456789.blogspot.com/js/ Frame 8BCA
6 KB
2 KB
Script
General
Full URL
https://lovemetome123456789.blogspot.com/js/cookienotice.js
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 06:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 05:57:54 GMT
server
sffe
age
95953
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2026
x-xss-protection
0
expires
Wed, 09 Jun 2021 06:48:22 GMT
4154767893-widgets.js
www.blogger.com/static/v1/widgets/ Frame 8BCA
146 KB
53 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa997e09f206cb872e70d94837c6c32a5438f86a1c962886db3497b8af26d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 19:10:10 GMT
server
sffe
age
214684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54286
x-xss-protection
0
expires
Tue, 31 May 2022 21:49:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C304
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E794
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
617c6ac911930407b6d6b4a6fd266f5c7b67bb74b0fbf118ce457a77b7dacd1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7668
x-xss-protection
0
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=xTvFxzpUL3Q1zNx5f0YI&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__xTvFxzpUL3Q1zNx5f0YI&ref=g.cash-ads.com&_=1622712455116&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d71a79e64f9caf89a9fd7ac123fabe6d5049c00db4a807e46fbee65ac0624bfc

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7C5F
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adcryp.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 09:16:09 GMT
expires
Fri, 03 Jun 2022 09:16:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
686
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3601
783 B
779 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6719aedef2d721f0cc35af4fc6d65fe90bb1ce53e3f846d1b83e2976335cc8ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cRO8+/GcgzMBIdHtDbZO+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adcryp.to/

Response headers

expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-cRO8+/GcgzMBIdHtDbZO+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 868D
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adcryp.to/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 09:16:09 GMT
expires
Fri, 03 Jun 2022 09:16:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
686
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 55C0
783 B
739 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3bcb085e15f3fd7e95440c92531fa82f913f2847ff74d5dfea6ea9e7fabc9442
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8/5f26KCXxMySmTgrsjUUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adcryp.to/

Response headers

expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8/5f26KCXxMySmTgrsjUUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:35 GMT
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33559
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
156v-gdAv255zhucmRXWmEEqnkBqOvGKk3N7mELlx6QULY0Okivc5w==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E794
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
1110727
ad.a-ads.com/ Frame 7444
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1110727?size=728x90
Requested by
Host: ad2bitcoin.com
URL: https://ad2bitcoin.com/ad.php?ref=treckg&width=468
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
06b82202b476b4e7170d35bc674c22c9202967fed93495d0c121591e11d4cbe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad2bitcoin.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://ad2bitcoin.com/
Content-Encoding
gzip
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 613B
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 09:16:09 GMT
expires
Fri, 03 Jun 2022 09:16:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
686
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame ADC1
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3507fb25bf9f5f4a36a714f7b17510963093a3fe2e0ad450a3a80e8e11e9d8d1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-07sPNXMMfL6CchFty4FxMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-07sPNXMMfL6CchFty4FxMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reload
www.recaptcha.net/recaptcha/api2/ Frame 1059
28 KB
15 KB
XHR
General
Full URL
https://www.recaptcha.net/recaptcha/api2/reload?k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6d24a3c22d30be4245f1f5bfafaa66b15b72dc37538060632004fb3cf2d3fbf3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=buqr1ueee1g7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15800
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame A901
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 09:16:09 GMT
expires
Fri, 03 Jun 2022 09:16:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
686
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0EEC
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
250a184709ed324116d49e9658ba8a4fbd8aacb61a97c3b4a1bac0a7b908b435
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4a48CMNQbZn+uAWXEpEXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-4a48CMNQbZn+uAWXEpEXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
blogger_logo_round_35.png
www.blogger.com/img/ Frame 8BCA
2 KB
2 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: lovemetome123456789.blogspot.com
URL: https://lovemetome123456789.blogspot.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lovemetome123456789.blogspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:43:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 15:15:07 GMT
server
sffe
age
117851
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:24 GMT
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=j1OjoNycVmfLcTYT6Q80&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__j1OjoNycVmfLcTYT6Q80&ref=g.cash-ads.com&_=1622712455315&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
ecab71d3bed0cb52ab56495da8378e889e74ab6f5771d423d382c63b71f0948f

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
view.js
gonapysa.xyz/-/ Frame 6489
2 KB
2 KB
Script
General
Full URL
https://gonapysa.xyz/-/view.js
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
532f2b8eaeac84111b882e6b1fbb8bf9623abccfd714ea87ec55045edb9c2255

Request headers

Referer
https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5082
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc28a10000d6e5f70eb000000001
last-modified
Thu, 27 May 2021 11:02:29 GMT
server
cloudflare
etag
W/"60af7c45-9e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lvhG93kVX8YuFfVNQh3BGnOnO09d6M%2Bl33UwsMDJuhQKukVe0THNSKnsQ%2F0bN5Ni0G2z5W2lvUWd4W0tEiKCAHTPh4nW%2FFiDf8s5MwSgUScSKHkohZr2GU0mxtz%2FK3tsMqgybUOq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6597e2edc887d6e5-FRA
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:35 GMT
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33559
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
rXS8yi3ciNCKedYMYfADCbDb9LdH6R7-MOxj4zxdXtTSRB020cd0Wg==
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5915
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 03 Jun 2021 09:16:09 GMT
expires
Fri, 03 Jun 2022 09:16:09 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
686
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6CE7
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
46d5a8dc8dfbdd7894d8f66feb7109189ef391575541c63725fa0044686b7b9b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TXtdE4HhqnfdnZVFNnbM+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adcryp.to/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

expires
Thu, 03 Jun 2021 09:27:35 GMT
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TXtdE4HhqnfdnZVFNnbM+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ Frame AC6A
12 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
rs
ad4m.at/ Frame 1C28
370 B
876 B
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7848aab1733bc0564e8c9c51a66477253dfb298dccfdf3f93a05b159ea7efe6

Request headers

Referer
https://g.cash-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6597e2ee3f124e0d-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rEantlQNUWIxr8rDjH4A18xnt%2BXt5UxUb5a7osQBxGwp6efXrevNMcFgWaBEWK3MugxSfHFJDEdDmjdWqdnVJdG6iMM%2B3UfrTN6aPgxqgMb%2BbUaxpWSH4WXuvv1aH3fy"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://g.cash-ads.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-v23g
cf-request-id
0a72cc28e700004e0dcf3ea000000001
jquery.min.js
www.bitcoadz.io/common/js/ Frame B7DD
243 KB
68 KB
Script
General
Full URL
https://www.bitcoadz.io/common/js/jquery.min.js
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0047f2b4e58d50cd286045db5a9a694d843c551e96e92f7bcd10bf2e111149f2

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1445744
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc28cd00004e08f439b000000001
last-modified
Fri, 11 Aug 2017 05:50:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BscPx2fcJ8NXVk1gIeQ3hTF41YZ80wGN%2FF4teRv%2F1UqU82vveBXKlk7YYrnRAjSAuVFsVkfji%2Fa95z8Sc54bwG27pXJrrwCgR3qEKC1s0VKo7tL%2BvJoZKoKEzSE%2BOKYDqX8ogXiE%2Fy3R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e2ee1f2d4e08-FRA
expires
Wed, 16 Jun 2021 15:51:51 GMT
logo-small.png
www.bitcoadz.io/common/images/ Frame B7DD
696 B
1 KB
Image
General
Full URL
https://www.bitcoadz.io/common/images/logo-small.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4271749
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
696
cf-request-id
0a72cc28ce00004e08e628b000000001
last-modified
Mon, 18 Sep 2017 13:48:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hmWGWCmjYBCDTu1suNHCsEAY%2FUMc4DT4pZtUPMpX%2B6APkbg8gd8pRyOHSxCfZyRqWlce5rigDwvTH55xfTtiukVUuA1J7OmeIqEVOm2jHqDYmmIgZsGw4VV3Ce%2BJMdqJo68vSun2%2F9r3"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2ee1f354e08-FRA
expires
Thu, 14 Apr 2022 22:51:46 GMT
4_small-logo2.png
www.bitcoadz.io/upload/credit/ Frame B7DD
2 KB
2 KB
Image
General
Full URL
https://www.bitcoadz.io/upload/credit/4_small-logo2.png
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6264976
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1740
cf-request-id
0a72cc294a00004e08e6299000000001
last-modified
Mon, 18 Sep 2017 16:11:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GK0Ss6nl%2BQjz6AThp7qP1TxLaZM92UOuWxyKBHIgdlr%2BeVgg%2F%2FfopGDoMH7SR9%2BH4QOCsBOMgNn8sRrMn9g9FV733kDXEu8XQ2BRH6buUo%2FoX1W5MmcivSYFY1g8V9SgixMvDHT1h0dQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6597e2eed9294e08-FRA
expires
Tue, 22 Mar 2022 21:11:19 GMT
sprite_v1_6.css.svg
www.vietnamnet.vn.nmnm.cf/responsive/ Frame AC6A
7 KB
2 KB
Other
General
Full URL
https://www.vietnamnet.vn.nmnm.cf/responsive/sprite_v1_6.css.svg
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:55:46 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
Cookie set F153A28D15CE
mellowads.com/view/ Frame 72DE
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/F153A28D15CE
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11021c30663759ca8c3f5a67849cf3cd580b8f8bbe9fb88f98b01d24cf774e32

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vietnamnet.vn.nmnm.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:40 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc28ec0000d6c526128000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2ee4b2fd6c5-FRA
Content-Encoding
gzip
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H2
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://g.cash-ads.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://g.cash-ads.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-v23g
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a72cc28ca0000c2e533885000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3GkxHdU1DrXKvCd2nZMLgPfe15Nfd5QZYD7VpLEvc3yUYxx6j177dkT4YhzQTBNQFLU9BY6dPM57qS2SMrRGV6F%2Fuf5XqLlHdXZrJUvaeOx%2BcOxlpoFfPxhaqIkNo5JK"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2ee08ebc2e5-FRA
Cookie set FA91F4BB821F
mellowads.com/view/ Frame 608A
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/FA91F4BB821F
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875c56f3f89c0bed24f5383f995706baacb399150bea1466801fd93ad07c2677

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vietnamnet.vn.nmnm.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:49 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc29020000beba5a08c000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2ee4a22beba-FRA
Content-Encoding
gzip
Cookie set 335D3A8A3007
mellowads.com/view/ Frame 2C7D
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/335D3A8A3007
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08112594a094b208a4415fce2acffac973304326ef87507fbb31e6c938a66fc2

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vietnamnet.vn.nmnm.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:35 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc28eb00002bc2dfa3d000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2ee4c082bc2-FRA
Content-Encoding
gzip
close.png
mellowads.com/img/ Frame AC6A
399 B
1009 B
Image
General
Full URL
https://mellowads.com/img/close.png
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
317a4b3c77269258fbf082d910a099adcd8873cb9c037b42c9b6468ce8d7101d

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1076524
Cf-Polished
origSize=1422
Connection
keep-alive
Content-Length
399
cf-request-id
0a72cc28f200002b710db07000000001
Last-Modified
Wed, 15 Nov 2017 09:57:37 GMT
Server
cloudflare
ETag
"967d12af85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2ee5db52b71-FRA
Cf-Bgj
imgq:100,h2pri
4003784900-vegeclub_compiled.js
resources.blogblog.com/blogblog/data/res/ Frame AC6A
136 KB
136 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/4003784900-vegeclub_compiled.js
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48f25742fadbefad97a1d50d11611efc83249e83c4bf967fa0f36b6105a906d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 06:09:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 21:59:31 GMT
server
sffe
age
98282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139556
x-xss-protection
0
expires
Wed, 09 Jun 2021 06:09:33 GMT
cookienotice.js
www.vietnamnet.vn.nmnm.cf/js/ Frame AC6A
6 KB
2 KB
Script
General
Full URL
https://www.vietnamnet.vn.nmnm.cf/js/cookienotice.js
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
any-in-2215.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 08:55:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
4154767893-widgets.js
www.blogger.com/static/v1/widgets/ Frame AC6A
146 KB
53 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa997e09f206cb872e70d94837c6c32a5438f86a1c962886db3497b8af26d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 19:10:10 GMT
server
sffe
age
214684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54286
x-xss-protection
0
expires
Tue, 31 May 2022 21:49:31 GMT
728x90
static.a-ads.com/a-ads-banners/175090/ Frame 7444
41 KB
42 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/175090/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1110727?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c582d21e47fdd55c868b22e15e5e4799eec9ff4184c6fc6f10ad47cb5f80017c

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Last-Modified
Thu, 03 Jun 2021 05:41:19 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
8S15J864E6VRSDYN
ETag
"cf2cd796b336549e3bbd0a7d24629960"
Content-Type
image/png
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
42296
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
6mbRQDVflYZoQnVM7qqGsyDTzGRGR9f6
x-amz-id-2
XfndAM4qBe04nURjmjWjugccAhjLbWawKSUYTblmLNtYP2jNBcgrArrQ6A7Eo4EfswL+65fm06o=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cookie set 0538B66CECD2
mellowads.com/view/ Frame DD31
3 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/0538B66CECD2
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3861d539d004333e92fdf9891613b4bc72fd05e0bfa5ab6105b6da1edad3bf

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vietnamnet.vn.nmnm.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:40 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc293200002b71e53b1000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2eebe962b71-FRA
Content-Encoding
gzip
Cookie set FD623390B1FD
mellowads.com/view/ Frame F2E2
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/FD623390B1FD
Requested by
Host: www.vietnamnet.vn.nmnm.cf
URL: https://www.vietnamnet.vn.nmnm.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7967da0f4254751c0301d688cffe377e97419ac9322895f0d06a3bf5c63f4b

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.vietnamnet.vn.nmnm.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:28 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc294a00004ddca19a3000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2eedca74ddc-FRA
Content-Encoding
gzip
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=3e28662e6a904fde87a622e0ec4467b3&ssp=reklamstore&bsw_param=1aab0b59-f95d-47fd-85d8-253da203c330&gdpr=&consent=&gdpr_pd=
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=1aab0b59-f95d-47fd-85d8-253da203c330&d=1
date
Thu, 03 Jun 2021 09:27:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=7W2dyN1aoodTiP2dNckv&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__7W2dyN1aoodTiP2dNckv&ref=g.cash-ads.com&_=1622712455530&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
125291a1043b461f3b3cd1384c5384faa2bf2b7cc9054a9f726758407ced10ff

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
5c9e8c45736ae807509a288de6f33402
gonapysa.xyz/context/ Frame 6489
43 B
589 B
Image
General
Full URL
https://gonapysa.xyz/context/5c9e8c45736ae807509a288de6f33402?k=eyJmcmFtZSI6MCwid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwidXJsIjoiaHR0cHM6Ly9tYW5pY29pbnMuY29tLyIsInBvcCI6MH0
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://gonapysa.xyz/view/dfb9e74cc0e2452db6130c29bfce2c40?cid=5c9e8c45736ae807509a288de6f33400&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=5c9e8c45736ae807509a288de6f33402&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c4lk7mgdLQUrxXEApIizvwSSDXbOOnuMc6E7Xc%2B0mEzcgu4FJNWHWjEg8SjbcYk7R3GsLwWi5P85%2FExh%2BNKIJaxvNnPSvxdBTbCnEb%2B3%2FUpZjudrrT%2F%2F0DXzYLf43gD7%2BBHiV%2FON"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, private
cf-ray
6597e2ef1b3ad6e5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc296c0000d6e51abcc000000001
rar
as.ad4m.at/ad/ Frame BD56
5 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r38oxwat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d0e1445c328585c9666a273ae2bb14b98f85dda4583abdb223d7e29b9c08557
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a72cc298c00004a98e6007000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6597e2ef3ed24a98-FRA
content-encoding
br
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ Frame F209
12 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
close.png
mellowads.com/img/ Frame F209
399 B
1009 B
Image
General
Full URL
https://mellowads.com/img/close.png
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
317a4b3c77269258fbf082d910a099adcd8873cb9c037b42c9b6468ce8d7101d

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1076524
Cf-Polished
origSize=1422
Connection
keep-alive
Content-Length
399
cf-request-id
0a72cc298e000032601d317000000001
Last-Modified
Wed, 15 Nov 2017 09:57:37 GMT
Server
cloudflare
ETag
"967d12af85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2ef4e5f3260-FRA
Cf-Bgj
imgq:100,h2pri
6b1df04a.html
gitoku.com/re/daf781982c3153056d2eb27362147e19/ Frame 1BF9
0
472 B
XHR
General
Full URL
https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
Requested by
Host: gitoku.com
URL: https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gitoku.com/re/daf781982c3153056d2eb27362147e19/6b1df04a.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarymgYJF8guTSJ4GhAF

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w026PugOLoWpZrgB8ZDzDf1%2BbeeoVWoaaiswtBri992P6EmL79MLRaYDAv6hJcTdR%2Btad%2FCs%2FVRAGMc4vFe1MyCwZ3E2VPCeBweYdLHyNG4cDmoqmj2SbGhuLzn1jV5d37dxKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
cf-ray
6597e2ef4a874e5c-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc298900004e5c0f9d1000000001
expires
-1
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 7C5F
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
55125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:08:50 GMT
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 868D
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
55125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:08:50 GMT
HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
gitoku.com/register/xc449bad4854773ff/VGOe3fHAGuZBRODvqzJivzbs-VLOwA/ Frame 9F5C
389 B
788 B
Document
General
Full URL
https://gitoku.com/register/xc449bad4854773ff/VGOe3fHAGuZBRODvqzJivzbs-VLOwA/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089235661a668bb50fe8219681157f56c90876102a6fb39213c07e6ba207a534

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/register/xc449bad4854773ff/VGOe3fHAGuZBRODvqzJivzbs-VLOwA/HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
max-age=0, private, s-maxage=0
set-cookie
__au=aESG23tqC7LSGY1SSrhZiQ%3D%3D; expires=Fri, 03-Jun-2022 09:27:35 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=none __cf_bm=eb90c35f6deebb021b6c66e5b1f1c4b376621b11-1622712455-1800-AbjGI2JjmBITeOk9vHRWIsdAisobFFCMJSCkKU5xZZn8QCZZczdLmdD2SDax0TiHhx/KPUHAa/kRx4o/WEAkWMg=; path=/; expires=Thu, 03-Jun-21 09:57:35 GMT; domain=.gitoku.com; HttpOnly; Secure; SameSite=None
cf-cache-status
DYNAMIC
cf-request-id
0a72cc29a200004e5c4c806000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uoL%2FibwpR%2BUy2YtKWBWNJpDD0Wnl%2FaZV1wwl%2B%2Bv310WxwL26h%2FqjmugSNjQYVo2P7HUFNrqiga%2FiqGMKgvyF5rnu5Fk5uuK2305v6lUmJBo%2BR7tofeUfYrQ4SL8%2BKUoRL2ybqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2ef6ad24e5c-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
sprite_v1_6.css.svg
www.www.baomoi.com.tntn.cf/responsive/ Frame F209
7 KB
2 KB
Other
General
Full URL
https://www.www.baomoi.com.tntn.cf/responsive/sprite_v1_6.css.svg
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 17:57:45 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
Cookie set E3ED2177086A
mellowads.com/view/ Frame 0012
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/E3ED2177086A
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294292dad3c8ff6b2b062c326b224622b975a45173627b86544338a767c9a3f2

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.www.baomoi.com.tntn.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:35 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc29af000032600db48000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2ef7ed13260-FRA
Content-Encoding
gzip
Cookie set 70C484EDA031
mellowads.com/view/ Frame C45B
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/70C484EDA031
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03623d6100facad0445a642c07be0d3e23ec0c8f458e4c7ced8d4e5a87907aa8

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.www.baomoi.com.tntn.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:28 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc29ea0000d6c5a1a56000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2efde33d6c5-FRA
Content-Encoding
gzip
Cookie set C44DA330A4A4
mellowads.com/view/ Frame 810A
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/C44DA330A4A4
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e5c35a0c418b3b6e1bb6e16c9fcf7413aea5648ec9a1a123fb49a90443c053

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.www.baomoi.com.tntn.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:30 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc29ed00002bc2cfa7b000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2efefe52bc2-FRA
Content-Encoding
gzip
4003784900-vegeclub_compiled.js
resources.blogblog.com/blogblog/data/res/ Frame F209
136 KB
136 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/4003784900-vegeclub_compiled.js
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d48f25742fadbefad97a1d50d11611efc83249e83c4bf967fa0f36b6105a906d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 06:09:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 21:59:31 GMT
server
sffe
age
98282
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139556
x-xss-protection
0
expires
Wed, 09 Jun 2021 06:09:33 GMT
cookienotice.js
www.www.baomoi.com.tntn.cf/js/ Frame F209
6 KB
2 KB
Script
General
Full URL
https://www.www.baomoi.com.tntn.cf/js/cookienotice.js
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 06:57:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
4154767893-widgets.js
www.blogger.com/static/v1/widgets/ Frame F209
146 KB
53 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa997e09f206cb872e70d94837c6c32a5438f86a1c962886db3497b8af26d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 19:10:10 GMT
server
sffe
age
214684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54286
x-xss-protection
0
expires
Tue, 31 May 2022 21:49:31 GMT
blogger_logo_round_35.png
www.blogger.com/img/ Frame AC6A
2 KB
2 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: resources.blogblog.com
URL: https://resources.blogblog.com/blogblog/data/res/4003784900-vegeclub_compiled.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.vietnamnet.vn.nmnm.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:43:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 15:15:07 GMT
server
sffe
age
117851
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:24 GMT
Cookie set 260544E8445E
mellowads.com/view/ Frame FB71
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/260544E8445E
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba5aad9708f59f3a458c5415628bc5e647dfcc01577a42cf7cebd383f52ad4d

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.www.baomoi.com.tntn.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:35 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc2a2f0000beba511e6000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2f04b97beba-FRA
Content-Encoding
gzip
Cookie set D422DDD74C99
mellowads.com/view/ Frame 63DE
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/D422DDD74C99
Requested by
Host: www.www.baomoi.com.tntn.cf
URL: https://www.www.baomoi.com.tntn.cf/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2903b25f4c546b29db8e65b43d8b9de9435b97be7dcb9a9f13a0d6b6941f1fcc

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.www.baomoi.com.tntn.cf/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:30 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc2a5600002b71b1931000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e2f08b262b71-FRA
Content-Encoding
gzip
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=eNIyHrrlIstFzPfldsbN&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__eNIyHrrlIstFzPfldsbN&ref=g.cash-ads.com&_=1622712455683&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fc2fcd486a4b62c9cb8defc598d71be80ba779e914d1294446187b051a2f3cc8

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 613B
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
55125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:08:50 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4226
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f0387da8c1-CDG
content-length
1146
cf-request-id
0a72cc2a250000a8c14c079000000001
expires
Thu, 03 Jun 2021 11:27:35 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 948A
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 15:53:43 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
74731
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
UdOZ6EYhxpj-HdJzj3k8F6SBr04rdltErxEaQptYTVsR1pHAGVNddg==
imp
ads.rekmob.com/m/ Frame 948A
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=9149d2d059084fa797c278c9932b96f2&rid=NjBiOGEwODcwY2YyYmVmMTBkNWFhYmU5&adId=MTM3MA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame A901
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
55125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:08:50 GMT
blogger_logo_round_35.png
www.blogger.com/img/ Frame F209
2 KB
2 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: resources.blogblog.com
URL: https://resources.blogblog.com/blogblog/data/res/4003784900-vegeclub_compiled.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.www.baomoi.com.tntn.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:43:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 15:15:07 GMT
server
sffe
age
117851
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:24 GMT
default.css
as.ad4m.at/ad/style/0.1.6/one-ad/ Frame BD56
59 KB
7 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.6/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ae5665d20b3043d7c330846a2712a01de07cc1a8819d08f306853249a3bb52
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
83386
cf-polished
origSize=60706
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-request-id
0a72cc2a85000005bb53b08000000001
cf-ray
6597e2f0ddbb05bb-FRA
expires
Thu, 03 Jun 2021 10:27:35 GMT
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame BD56
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
656124
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ABg5-Ux35StMGFparBu0Phx6_2hJnXLvtBT9mYnrbO4ZdpC4-O-Zq5hx5QjagLvTsY6IyBW0zHITwgeINGVkq57zDlY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9258
cf-request-id
0a72cc2a8500004a9896ad5000000001
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S6P%2FJ%2Bz0heNEtdeVVkGo8C9Eo2tRqfI1ahi8oPYqMKvoT6keX3jwOYp6CfQMWvtp2nqakO6LlXyXtmHkURNDyZuUQIRAXeCZOi6YHrHSAfYSEzyyvTPgMatr1zNv3JXhFgsHKAViQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
6597e2f0dab34a98-FRA
cf-bgj
imgq:85,h2pri
D40B4F66BD4219576C8C9E89A63DA4ACC28C6961A9A7F4D8A67DB91C82EB85BE94F3E4B085BAF63069402A059B2D3D760D4614035F69169503D6F74C9FF5ED34
assets.ad4m.at/product_image/ Frame BD56
17 KB
18 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/D40B4F66BD4219576C8C9E89A63DA4ACC28C6961A9A7F4D8A67DB91C82EB85BE94F3E4B085BAF63069402A059B2D3D760D4614035F69169503D6F74C9FF5ED34
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82e13aad36401dc233dd2dd24a7ffd7ef38527a1d8251e96aa4ca755ee2efa2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=LzfaNA==, md5=nytXJGS7cbUvUjFIkZkKyA==
date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
653195
cf-polished
qual=85, origFmt=jpeg, origSize=82116
x-guploader-uploadid
ABg5-UxUHmPDSU1-tTAde3fY4v9Yh7hfp77uMg2P1irYe8M9F3pr7UJmB95gn2-PoQnAFF7wKdS0P4Rx6tidXB4alCABWPHvqw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
17242
cf-request-id
0a72cc2a8600004a98ad358000000001
last-modified
Fri, 02 Apr 2021 16:28:36 GMT
server
cloudflare
etag
"9f2b572464bb71b52f52314891990ac8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=49sGIM3cXHOZzXXbo87aDS9LsD5mkGLawsSLt%2BpTMhKLV3GEexkN%2BOqgD6TUqgBjfWkfJ8cVcYapY%2BjAfAhBc%2Fj8DDyeoWRnceT7Lbb4ZzrvWJg6%2B7%2FtHWwSiLWcgtmYlFxMq7bl9w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1617380916009378
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
82116
accept-ranges
bytes
cf-ray
6597e2f0dab94a98-FRA
cf-bgj
imgq:85,h2pri
postview.gif
portal.blau.de/nws/img/ Frame BD56
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=oneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&gdpr_consent=...
  • https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=oneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&gdpr_consent=&gdp...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2021060311273551046878685X117663V1225131106MSoneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64...
  • https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=20210603112735510468786...
43 B
779 B
Image
General
Full URL
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273551046878685X117663V1225131106MSoneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&wfid=117663
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.236 Giessen, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Location
https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_117663_-HTLP&utm_term=AFF_la_117663_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2021060311273551046878685X117663V1225131106MSoneidZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwkoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&wfid=117663
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=10
DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
assets.ad4m.at/logo/ Frame BD56
46 KB
47 KB
Image
General
Full URL
https://assets.ad4m.at/logo/DE7723A3AFDAF019578E8DC48EFCA5260074D3BD31078DAB30E39934BDB537A7756DE8A298EFEBC96FD918DCFB3DF6E8EFF3AA5A7830C15D1026723FEFAFAC4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=PRHAtQ==, md5=UfPUXNWo6kuI6N0malNepA==
date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
655845
cf-polished
origFmt=png, origSize=74333
x-guploader-uploadid
ABg5-UxWR0XkqdyjO5jOcqzZmyysZKJ6xjYI-S0Q3e6jtctmJnW4ovqH3MwVcF5jvfUxbMoPeHSBNuRvIaYoUZP1bqQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
47320
cf-request-id
0a72cc2a8600004a988636c000000001
last-modified
Mon, 11 May 2020 10:44:44 GMT
server
cloudflare
etag
"51f3d45cd5a8ea4b88e8dd266a535ea4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Aio8W9hTROGzxQYHR1FiJfb9rMr8Bg6Qqj4NICnj1qKW%2FgxvJSN9X%2BWMaJwI6FRe7LMxSvtQqKII9PktAmC%2FGLzAPwNBqUeXX3EPTfU02auQciiRG6zFUmQFf5m75S54ZgfKsZ1adg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589193884048730
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
74333
accept-ranges
bytes
cf-ray
6597e2f0dabc4a98-FRA
cf-bgj
imgq:85,h2pri
E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
assets.ad4m.at/product_image/ Frame BD56
290 KB
291 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/E158872B571029E3E20F7B79790588A099EC8F077F856868794A4EA52ED013FC9129FAD340A51F8CD7B6A46733F8D275D86DF117AF4AF8DD766F13FB8A4CAA9A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46b98a3787c3de05a63a522c71300ef713f78660098ae524fda5e19bb8567a83

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=PFtpQA==, md5=489woOXoZ5LkJrzz2r1hBQ==
date
Thu, 03 Jun 2021 09:27:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
651690
cf-polished
origFmt=png, origSize=489686
x-guploader-uploadid
ABg5-Uz_Q_ILhGJt7-MFbJ-UE90BshuSmZ9I3SAH_LI58SCCoxke-stHQCHm4GG87M2VrhvJ7TeYeSQVlDObNX0RHhE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
296674
cf-request-id
0a72cc2a8700004a988e3ae000000001
last-modified
Tue, 17 Nov 2020 11:24:27 GMT
server
cloudflare
etag
"e3cf70a0e5e86792e426bcf3dabd6105"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H9fN8jHU62wTG0NU8LFV4XrZ0Q0oCDfnhmlFS8RzTV0WqEgVPWIPvbIrh2GLxi9l%2BQf7pPJ4lF%2BxSQqhMoutwv99jEyYy0qRx54dr3FSKaT0GM%2BNjwqM%2BGQrMoqyVeZhgv1yWDQpyw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1605612267020757
content-type
image/webp
expires
Fri, 04 Jun 2021 09:27:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
489686
accept-ranges
bytes
cf-ray
6597e2f0dabd4a98-FRA
cf-bgj
imgq:85,h2pri
size0.css
mellowads.com/css/ Frame 72DE
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/F153A28D15CE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/F153A28D15CE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4717
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2a9f00004ddca19c8000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f0fa0c4ddc-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 72DE
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/F153A28D15CE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/F153A28D15CE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1081809
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2aac00004ddcb1a40000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f11a344ddc-FRA
Cf-Bgj
imgq:100,h2pri
A4BA65D9C200.jpg
banners.mellowads.com/ads/ Frame 72DE
9 KB
9 KB
Image
General
Full URL
https://banners.mellowads.com/ads/A4BA65D9C200.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/F153A28D15CE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ca7443c786849c10624effa8693e82f74dbb5ecb4210691ca64deb151a7160

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
657318
Cf-Polished
origSize=10089
Connection
keep-alive
Content-Length
8818
cf-request-id
0a72cc2ab30000178e669be000000001
Last-Modified
Mon, 29 Mar 2021 18:57:52 GMT
Server
cloudflare
ETag
"ea2eb06bcd24d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f11cec178e-FRA
Cf-Bgj
imgq:100,h2pri
size4.css
mellowads.com/css/ Frame 2C7D
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size4.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/335D3A8A3007
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer
https://mellowads.com/view/335D3A8A3007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4769
Cf-Polished
origSize=1482
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2aab00003260ffa31000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"b5b87228f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f119d23260-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 2C7D
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/335D3A8A3007
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/335D3A8A3007
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1081809
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2ab90000326099ba4000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f12a023260-FRA
Cf-Bgj
imgq:100,h2pri
593DA2A4C8CE.jpg
banners.mellowads.com/ads/ Frame 2C7D
19 KB
20 KB
Image
General
Full URL
https://banners.mellowads.com/ads/593DA2A4C8CE.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/335D3A8A3007
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85abfdce7bf4946ef6a310830b3a3419ae040e1a407b561253a006c9a94c522

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
417401
Cf-Polished
origSize=22958
Connection
keep-alive
Content-Length
19915
cf-request-id
0a72cc2ab500004e430e287000000001
Last-Modified
Mon, 29 Mar 2021 19:29:05 GMT
Server
cloudflare
ETag
"9b8edec7d124d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f128884e43-FRA
Cf-Bgj
imgq:100,h2pri
16a932fa.html
gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/ Frame 628E
440 B
815 B
Document
General
Full URL
https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5b3da87ef3fc88bcd2944526305eb486ed0403b4e75513f7a7646f3a46ce40b

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__au=aESG23tqC7LSGY1SSrhZiQ%3D%3D; __cf_bm=ad1c4293e636a45c68742711ce2a262af481999b-1622712455-1800-AVU+0AEGFzIYsyymD+JFbN4vh4a7uUFO+CwG//Ds+56pLpCjaLK3n2So8Rx9/HustHvhAfPl7sf5diWguIQ4gSg=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
cf-cache-status
DYNAMIC
cf-request-id
0a72cc2aa300004abc9f820000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tiDlJZ2igHn5rYNMpWsPXJzTcQILtFzKevmafxFh7xxFujqJTqWLUfFdu4vfKi8UMcXFR%2B9tCbctkr%2BLcNMhiBWtPICM6wMiSWuQp0XvHRP%2FamtGnfvFRjAN7WrLa06p6L3aBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2f108714abc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
e3cd8146.html
gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/ Frame 0796
564 B
867 B
Document
General
Full URL
https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f5d61df483affbf71518b4a3cabec346f0de818a2f6c4bfeb2e704f922832d

Request headers

:method
GET
:authority
gitoku.com
:scheme
https
:path
/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__au=aESG23tqC7LSGY1SSrhZiQ%3D%3D; __cf_bm=ad1c4293e636a45c68742711ce2a262af481999b-1622712455-1800-AVU+0AEGFzIYsyymD+JFbN4vh4a7uUFO+CwG//Ds+56pLpCjaLK3n2So8Rx9/HustHvhAfPl7sf5diWguIQ4gSg=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://manicoins.com/

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
cf-cache-status
DYNAMIC
cf-request-id
0a72cc2aa600004abcfc3da000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eqf5pnRLdAl1MOQ1Y2qBspg7wsTZQ3d93Sm47E0OCg98krYVSrJzJUsuj%2BljR34qkcLEAmlm5ioh3uTMYCPrJAn4mzcY9WNG1eoxU8Bnw8EKiJwUmq1wQeLxofKgyZ6Scjivpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2f1087f4abc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
pagead2.googlesyndication.com/bg/ Frame 5915
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 18:08:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
55125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5712
x-xss-protection
0
last-modified
Mon, 17 May 2021 11:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jun 2022 18:08:50 GMT
size1.css
mellowads.com/css/ Frame 608A
1 KB
1009 B
Stylesheet
General
Full URL
https://mellowads.com/css/size1.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FA91F4BB821F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4af139311c81555211be2e79cf4fe27b40ef7c9242efd2f04aaaa1ab90bfb1

Request headers

Referer
https://mellowads.com/view/FA91F4BB821F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4690
Cf-Polished
origSize=1553
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2ae20000326096b95000000001
Last-Modified
Thu, 21 May 2020 00:52:49 GMT
Server
cloudflare
ETag
W/"a41e6926a2fd61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f16a9a3260-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 608A
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FA91F4BB821F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/FA91F4BB821F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1081809
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2ae200004ddcb53e4000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f16b3b4ddc-FRA
Cf-Bgj
imgq:100,h2pri
2E1D44D9F826.gif
banners.mellowads.com/ads/ Frame 608A
120 KB
121 KB
Image
General
Full URL
https://banners.mellowads.com/ads/2E1D44D9F826.gif
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FA91F4BB821F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ab31cee6337c40015a912b36898a1afc203bf25def5b0607f59c1bee905907

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
981931
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
123378
cf-request-id
0a72cc2ae200004e43c2100000000001
Last-Modified
Wed, 20 May 2020 12:13:38 GMT
Server
cloudflare
ETag
"c92ae617a02ed61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f169484e43-FRA
Cf-Bgj
imgq:100,h2pri
link.html
track.webgains.com/ Frame BD56
12 KB
12 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grfre4abx4ek15h6qdy2zgkpmnnxdnh3b8ffrm6kj7y2j599dyq3w4bwc9bt2gav4g2cdy3r1rfyqc1pbjt4ym1a6rv0ysxw7xzd34jcac6py3gbgjn9wengx49fksa1g2ex7n53b2nbhanfz5r96r99vgwe7vgr65w7bdyaxxsqcmwc8hnpezh3jyg1x137jvypy9dys9pahx4mysr8ar6fd4h1sb5cwy6rv7pnw3dvef9870sef9105w4zb7nft9qnmkqc3rmzs0aa6ss35qbmbd7c%26a%3D&clickref=oneidK744SRfZf77KXf5HMHktzCZxdSKtrtwRZoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&viewref=oneiddpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRroneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
5c3c6e3ed7b2047b6c440af5d104597a82ec8fc4a73c3adfe06a4ba2bdcab0d9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:36 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4227
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f20a23a8c1-CDG
content-length
1146
cf-request-id
0a72cc2b470000a8c155000000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame 6FC1
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:16:11 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
75044
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
PSLTRoe0Mrhza4wWYNhAO0KmM3DK8V1e9GbmJrqqm_v24C3uyABeFA==
imp
ads.rekmob.com/m/ Frame 6FC1
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=2ee948b1b49b48f7884929ece31ba5a9&rid=NjBiOGEwODcwY2YyOGVjZTM3NjM5NmY3&adId=MTM3Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:02 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
imagesloaded-3.1.8.min.js
www.gstatic.com/external_hosted/imagesloaded/ Frame F532
7 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/imagesloaded/imagesloaded-3.1.8.min.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c0ddd5f84226a630de4cfacb523cc1a0821f50434466a8898d0ef6aecad3dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2314
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
masonry.pkgd.min.js
www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/ Frame F532
25 KB
7 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/vanillamasonry-v3_1_5/masonry.pkgd.min.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6942bbecde948a8e032fc1204e9fc6a8d6508a2c095785d3f68e2726dc2f1d13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7630
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ Frame F532
12 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 14 Apr 2021 19:28:00 GMT
server
sffe
age
0
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3475
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:35 GMT
authorization.css
www.blogger.com/dyn-css/ Frame F532
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1359023690256536622&zx=5644e971-7457-4262-91e0-0ce1b43c2741
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 09:27:36 GMT
server
GSE
date
Thu, 03 Jun 2021 09:27:36 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
sprite_v1_6.css.svg
www.kissanime1.ml/responsive/ Frame F532
7 KB
2 KB
Other
General
Full URL
https://www.kissanime1.ml/responsive/sprite_v1_6.css.svg
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/2020/11/amv_25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 02 Jun 2021 17:57:45 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2244
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
r7mQZt3uAoUpe35grFuImX0WljeZ4Sb5qFmSJV4G--g9uxQ-HYUOr7TOmYnFy8lAcs8sN849PmXAwIf8l2F0B1nXBMI=w320
lh3.googleusercontent.com/proxy/ Frame F532
1 KB
1 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/r7mQZt3uAoUpe35grFuImX0WljeZ4Sb5qFmSJV4G--g9uxQ-HYUOr7TOmYnFy8lAcs8sN849PmXAwIf8l2F0B1nXBMI=w320
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6ae6e24695d3d6a959b3ccd0b3db48abb33d798d485f160c5bef9a82264076b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
x-content-type-options
nosniff
server
fife
content-type
image/jpeg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1207
x-xss-protection
0
loader.js
www.gstatic.com/charts/ Frame F532
65 KB
20 KB
Script
General
Full URL
https://www.gstatic.com/charts/loader.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:54:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1962
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20151
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 17:45:29 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 09:54:53 GMT
1276047657-fancy_compiled.js
resources.blogblog.com/blogblog/data/res/ Frame F532
138 KB
47 KB
Script
General
Full URL
https://resources.blogblog.com/blogblog/data/res/1276047657-fancy_compiled.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7afc4980d9737a172d72d5a6a2f6edeebf8a0da85a2c3425258bafea15b889dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 02:06:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 21:59:31 GMT
server
sffe
age
112854
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48150
x-xss-protection
0
expires
Wed, 09 Jun 2021 02:06:41 GMT
cookienotice.js
www.kissanime1.ml/js/ Frame F532
6 KB
2 KB
Script
General
Full URL
https://www.kissanime1.ml/js/cookienotice.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/2020/11/amv_25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 06:57:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Thu, 10 Jun 2021 09:27:35 GMT
4154767893-widgets.js
www.blogger.com/static/v1/widgets/ Frame F532
146 KB
53 KB
Script
General
Full URL
https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fa997e09f206cb872e70d94837c6c32a5438f86a1c962886db3497b8af26d2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 31 May 2021 21:49:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 31 May 2021 19:10:10 GMT
server
sffe
age
214684
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54286
x-xss-protection
0
expires
Tue, 31 May 2022 21:49:31 GMT
size6.css
mellowads.com/css/ Frame DD31
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size6.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0538B66CECD2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e95f43a10a17150009cf32b5db9fd77945784fc5b20913577180bf2ecb5925

Request headers

Referer
https://mellowads.com/view/0538B66CECD2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4981
Cf-Polished
origSize=1468
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2b1e00002bc2b48a8000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"1daa9628f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f1cc2f2bc2-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame DD31
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/0538B66CECD2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/0538B66CECD2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1081809
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2b1e00003260dc838000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f1cb333260-FRA
Cf-Bgj
imgq:100,h2pri
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712455898&ver1=2.2.3&qid=230383f5530383f5434353&rnd=zu1qs7cz7u08&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4227
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f20a24a8c1-CDG
content-length
23972
cf-request-id
0a72cc2b450000a8c14c966000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
size2.css
mellowads.com/css/ Frame F2E2
1 KB
1020 B
Stylesheet
General
Full URL
https://mellowads.com/css/size2.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FD623390B1FD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d252b095e3be279781e80a6c6b785735e56dfa5cc77c1d68f5b95b74d9cb6a0b

Request headers

Referer
https://mellowads.com/view/FD623390B1FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4830
Cf-Polished
origSize=1583
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2b2d0000d6c5a13a9000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"33854928f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f1ea09d6c5-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame F2E2
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FD623390B1FD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/FD623390B1FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:35 GMT
CF-Cache-Status
HIT
Age
1081809
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2b2c00004ddca19d7000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f1ec794ddc-FRA
Cf-Bgj
imgq:100,h2pri
EE8301602332.jpg
banners.mellowads.com/ads/ Frame F2E2
12 KB
12 KB
Image
General
Full URL
https://banners.mellowads.com/ads/EE8301602332.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/FD623390B1FD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bdea4a919a4200dd6f8b4772e7d33607a78b9bd445ccfdcf1bc16581cb78553

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
417319
Cf-Polished
origSize=14345
Connection
keep-alive
Content-Length
11989
cf-request-id
0a72cc2b2d00004e43fa291000000001
Last-Modified
Mon, 29 Mar 2021 19:39:43 GMT
Server
cloudflare
ETag
"e9bb5744d324d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:35 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f1ea4e4e43-FRA
Cf-Bgj
imgq:100,h2pri
5759
cdn.adclerks.com/core/ad2/24667/ Frame F532
1008 B
1 KB
Script
General
Full URL
https://cdn.adclerks.com/core/ad2/24667/5759?r=55497
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.74.54.57 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
16e1a946f09747536cdca6771d61648aa863c9042f82f1d47de42163af52b5a1

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, max-age=604800, post-check=0, pre-check=0
Connection
close
Content-Length
1008
Expires
Thu, 10 Jun 2021 09:27:36 GMT
962757
ad.a-ads.com/ Frame 4721
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/962757?size=468x60
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
ccfdf09a3a205c1ae5f97e70d0627a43d0271314f548e9edc42e306046785c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.kissanime1.ml/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.kissanime1.ml/
Content-Encoding
gzip
5761
cdn.adclerks.com/core/ad2/24667/ Frame F532
1 KB
1 KB
Script
General
Full URL
https://cdn.adclerks.com/core/ad2/24667/5761?r=73280
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.74.54.57 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
e47b019304a48fd59d5f1aa95745babcf1e19c7a5c917e6a1ff088aaca37280a

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, max-age=604800, post-check=0, pre-check=0
Connection
close
Content-Length
1024
Expires
Thu, 10 Jun 2021 09:27:36 GMT
962758
ad.a-ads.com/ Frame DDDC
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/962758?size=728x90
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
0f38e7ebb4ccc81d8a6102e4ed9904f5d2bf439ef0c92489ea30798aa3832e4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.kissanime1.ml/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.kissanime1.ml/
Content-Encoding
gzip
4SXG17wiPzQ
www.youtube.com/embed/ Frame 4ABE
53 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/4SXG17wiPzQ
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b03f93a74104be128cc8f74b4faf9b6eba7cb2fa77fb05d7dcd255a81861c5ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/4SXG17wiPzQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.kissanime1.ml/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 03 Jun 2021 09:27:36 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=IIHu5MAuRKM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=0U62JAFTZWc; Domain=.youtube.com; Expires=Tue, 30-Nov-2021 09:27:36 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+461; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5760
cdn.adclerks.com/core/ad2/24667/ Frame F532
979 B
1 KB
Script
General
Full URL
https://cdn.adclerks.com/core/ad2/24667/5760?r=94143
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.74.54.57 Atlanta, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16
Resource Hash
0310007ae0a9de97eb6bb834803407ebb847f0ad77a85c340837963619a513fa

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, max-age=604800, post-check=0, pre-check=0
Connection
close
Content-Length
979
Expires
Thu, 10 Jun 2021 09:27:36 GMT
size0.css
mellowads.com/css/ Frame 0012
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/E3ED2177086A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/E3ED2177086A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4718
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2b9000002b711cb37000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f27f9b2b71-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 0012
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/E3ED2177086A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/E3ED2177086A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1081810
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2b8e0000beba86044000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f27cf6beba-FRA
Cf-Bgj
imgq:100,h2pri
fgp2.min.js
gitoku.com/js/ Frame 0796
29 KB
10 KB
Script
General
Full URL
https://gitoku.com/js/fgp2.min.js
Requested by
Host: gitoku.com
URL: https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0

Request headers

Referer
https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6422
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc2b9000004abcd71e4000000001
last-modified
Thu, 22 Aug 2019 14:59:16 GMT
server
cloudflare
etag
W/"5d5eadc4-7240"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mdZxcfUviNbKxUS2sxUC8%2FWJzY0yJFww5R9afTiwEQNbl%2FyQJPOWlmhG3Wog2OLcWzSVEJtfSlX%2F8Bp0AOJeHwK%2FDtA1rDP%2BQlCNs%2BssLoNSTbHD1aa8QdKEF72dMtMAdj4nsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6597e2f27c7f4abc-FRA
stats
www.kissanime1.ml/b/ Frame F532
404 B
495 B
XHR
General
Full URL
https://www.kissanime1.ml/b/stats?style=WHITE_TRANSPARENT&timeRange=LAST_MONTH&token=APq4FmDw0ISAUTJgtwnRxnmuCNfP-cQVKYubVrC-f_5Yz6RbgKoJXBeAxpU4_fsGxHF2h9_eXisEEfgKCi8NFJi5FymL4ux4oQ
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/4154767893-widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2ee31115d41fd8113b7c5ff8907a7b275262c9af4e89bc13790d9f9b16e02aed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kissanime1.ml/2020/11/amv_25.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
date
Thu, 03 Jun 2021 09:27:36 GMT
content-security-policy-report-only
default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0
content-length
263
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:36 GMT
api.js
www.recaptcha.net/recaptcha/ Frame 628E
887 B
677 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?render=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Requested by
Host: gitoku.com
URL: https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd2120d54005f0252a416b7b8bfdc5925d0f25f6fb9d583c40bdab2c7bb3fd72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gitoku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
589
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:36 GMT
size1.css
mellowads.com/css/ Frame C45B
1 KB
1009 B
Stylesheet
General
Full URL
https://mellowads.com/css/size1.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/70C484EDA031
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d4af139311c81555211be2e79cf4fe27b40ef7c9242efd2f04aaaa1ab90bfb1

Request headers

Referer
https://mellowads.com/view/70C484EDA031
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4691
Cf-Polished
origSize=1553
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2bd000002b71c68b5000000001
Last-Modified
Thu, 21 May 2020 00:52:49 GMT
Server
cloudflare
ETag
W/"a41e6926a2fd61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f2e86b2b71-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame C45B
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/70C484EDA031
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/70C484EDA031
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1081810
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2bd10000beba5d280000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f2ed2fbeba-FRA
Cf-Bgj
imgq:100,h2pri
E7B486E18B5F.png
banners.mellowads.com/ads/ Frame C45B
54 KB
54 KB
Image
General
Full URL
https://banners.mellowads.com/ads/E7B486E18B5F.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/70C484EDA031
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c7b1d3f8f1b32f68c5a75830af9ecdeb5f92657e256ad88f1c38a1507c8603

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1053680
Cf-Polished
origSize=80301
Connection
keep-alive
Content-Length
54973
cf-request-id
0a72cc2bd000004e431834d000000001
Last-Modified
Fri, 01 Jun 2018 07:47:35 GMT
Server
cloudflare
ETag
"18142dce7cf9d31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f2ecef4e43-FRA
Cf-Bgj
imgq:100,h2pri
BxXysMs1CGC0HQF_XCe4qb6lcGP42dAxXBVK7ri1xNPY-2hVhIf2AdRdhXuOL9SN34p2rYhXgDcG-_zo1XgDjoOEgok75x_-=w1152-h864-pd
lh6.googleusercontent.com/proxy/ Frame F532
0
261 B
XHR
General
Full URL
https://lh6.googleusercontent.com/proxy/BxXysMs1CGC0HQF_XCe4qb6lcGP42dAxXBVK7ri1xNPY-2hVhIf2AdRdhXuOL9SN34p2rYhXgDcG-_zo1XgDjoOEgok75x_-=w1152-h864-pd
Requested by
Host: resources.blogblog.com
URL: https://resources.blogblog.com/blogblog/data/res/1276047657-fancy_compiled.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
fife
content-type
image/jpeg
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21149
x-xss-protection
0
blogger_logo_round_35.png
www.blogger.com/img/ Frame F532
2 KB
3 KB
Image
General
Full URL
https://www.blogger.com/img/blogger_logo_round_35.png
Requested by
Host: resources.blogblog.com
URL: https://resources.blogblog.com/blogblog/data/res/1276047657-fancy_compiled.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183923f8c8c3960dce8ad9722cf55a30d19b321b721741bd9e2ab6ae1f1ae72a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 00:43:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 15:15:07 GMT
server
sffe
age
117852
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2531
x-xss-protection
0
expires
Wed, 09 Jun 2021 00:43:24 GMT
size3.css
mellowads.com/css/ Frame 810A
397 B
869 B
Stylesheet
General
Full URL
https://mellowads.com/css/size3.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/C44DA330A4A4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8706ae696503e418edcb9696da1ae9b19436ed262c5bf54e259e45b9f49c4ac5

Request headers

Referer
https://mellowads.com/view/C44DA330A4A4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4759
Cf-Polished
origSize=597
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2c040000beba49ad6000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"ddda6828f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f33d54beba-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 810A
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/C44DA330A4A4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/C44DA330A4A4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1081810
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2c0900002b71ca8b6000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f3393e2b71-FRA
Cf-Bgj
imgq:100,h2pri
D45A4C243E18.jpg
banners.mellowads.com/ads/ Frame 810A
9 KB
9 KB
Image
General
Full URL
https://banners.mellowads.com/ads/D45A4C243E18.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/C44DA330A4A4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200e27015c697b8c7f0b22cb698f5dc61be69b9e0cdbe3c26e1a5667d5986ebb

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
417169
Cf-Polished
origSize=10461
Connection
keep-alive
Content-Length
9095
cf-request-id
0a72cc2c0500004e430c819000000001
Last-Modified
Mon, 29 Mar 2021 19:12:57 GMT
Server
cloudflare
ETag
"f3cc2587cf24d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f33dfa4e43-FRA
Cf-Bgj
imgq:100,h2pri
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4227
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f34b24a8c1-CDG
content-length
1146
cf-request-id
0a72cc2c110000a8c168bb5000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 12C3
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59468
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
kvMcqkrVh0uhnTPHMdqwaA64QrhK0hcnzgPyqqgX_rK5DGTHzSyzVw==
imp
ads.rekmob.com/m/ Frame 12C3
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=dff8fda030f640a191316f1726b0a00c&rid=NjBiOGEwODcwY2YyODE1NmUxY2U5MmU4&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:03 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
authorization.css
www.blogger.com/dyn-css/ Frame F532
1 B
43 B
Stylesheet
General
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1359023690256536622&zx=5644e971-7457-4262-91e0-0ce1b43c2741
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Jun 2021 09:27:36 GMT
server
GSE
date
Thu, 03 Jun 2021 09:27:36 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712456253&rnd=zu1qs7cz7u08&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4968
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f3995e4ec1-FRA
content-length
26
cf-request-id
0a72cc2c4300004ec130135000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712456247794&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=zu1qs7cz7u08&impid=&tps=37&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4968
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f3995f4ec1-FRA
content-length
26
cf-request-id
0a72cc2c4300004ec16a0ef000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
size6.css
mellowads.com/css/ Frame FB71
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size6.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/260544E8445E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3e95f43a10a17150009cf32b5db9fd77945784fc5b20913577180bf2ecb5925

Request headers

Referer
https://mellowads.com/view/260544E8445E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4982
Cf-Polished
origSize=1468
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2c4800002b71d3087000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"1daa9628f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f3aa292b71-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame FB71
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/260544E8445E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/260544E8445E
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1081810
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2c490000beba7398a000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f3ad93beba-FRA
Cf-Bgj
imgq:100,h2pri
12633DE6C31B.png
banners.mellowads.com/ads/ Frame FB71
70 KB
71 KB
Image
General
Full URL
https://banners.mellowads.com/ads/12633DE6C31B.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/260544E8445E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5059b43707f745f854f77216b1690d26863da2b069a5cdf26edb1b16e8685d9e

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
591660
Cf-Polished
origSize=102972
Connection
keep-alive
Content-Length
71986
cf-request-id
0a72cc2c4900004e43d085e000000001
Last-Modified
Mon, 22 Jun 2020 07:09:16 GMT
Server
cloudflare
ETag
"8dbaaaa6448d61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f3af004e43-FRA
Cf-Bgj
imgq:100,h2pri
size2.css
mellowads.com/css/ Frame 63DE
1 KB
1020 B
Stylesheet
General
Full URL
https://mellowads.com/css/size2.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/D422DDD74C99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d252b095e3be279781e80a6c6b785735e56dfa5cc77c1d68f5b95b74d9cb6a0b

Request headers

Referer
https://mellowads.com/view/D422DDD74C99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4831
Cf-Polished
origSize=1583
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc2c4900004ddc6f049000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"33854928f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e2f3a9e94ddc-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 63DE
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/D422DDD74C99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/D422DDD74C99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
1081810
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc2c490000d6c5d398d000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f3ad9ed6c5-FRA
Cf-Bgj
imgq:100,h2pri
68ED4AB78CB3.gif
banners.mellowads.com/ads/ Frame 63DE
165 KB
166 KB
Image
General
Full URL
https://banners.mellowads.com/ads/68ED4AB78CB3.gif
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/D422DDD74C99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b80af3e84a876b357bb3d20267b148ba34b296985d5d612c6d3e9c7dff734e3

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
CF-Cache-Status
HIT
Age
965612
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
169204
cf-request-id
0a72cc2c4b0000178e72085000000001
Last-Modified
Wed, 20 May 2020 12:04:46 GMT
Server
cloudflare
ETag
"61be91da9e2ed61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Expires
Sun, 04 Jul 2021 09:27:36 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e2f3aa62178e-FRA
Cf-Bgj
imgq:100,h2pri
pvClk.min.js
analytics.webgains.io/ Frame BD56
60 KB
60 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grfre4abx4ek15h6qdy2zgkpmnnxdnh3b8ffrm6kj7y2j599dyq3w4bwc9bt2gav4g2cdy3r1rfyqc1pbjt4ym1a6rv0ysxw7xzd34jcac6py3gbgjn9wengx49fksa1g2ex7n53b2nbhanfz5r96r99vgwe7vgr65w7bdyaxxsqcmwc8hnpezh3jyg1x137jvypy9dys9pahx4mysr8ar6fd4h1sb5cwy6rv7pnw3dvef9870sef9105w4zb7nft9qnmkqc3rmzs0aa6ss35qbmbd7c%26a%3D&clickref=oneidK744SRfZf77KXf5HMHktzCZxdSKtrtwRZoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&viewref=oneiddpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRroneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-50.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 15:58:20 GMT
via
1.1 bfe6539ddfc76c3ba5ee5e95acacd26e.cloudfront.net (CloudFront)
last-modified
Mon, 24 May 2021 16:27:08 GMT
server
AmazonS3
age
66647
etag
"4f1db9fdf90b4f2a5576501528dc54bc"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
61124
x-amz-cf-id
zZ93gHMj2-hGkWF-SzgXnGtEvJ9dMDtS7DLdYqU_dDRKvebl_NJiJg==
hit
diapi.webgains.com/2.0/ Frame BD56
79 B
374 B
Script
General
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=c0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_H_J3k4HaiLs2dI_AIQjvEodUW2vqCRc7L1eLY6SKw.5B0KB.DHRe4GSr_9zK9zH2sZPuVr914VecL57GY5BNvgKw.15W&wgcookie=%7B%22wgifp10475%22%3A%5B%22205795%22%2C%2210475%22%2C%222647615%22%2C%22%22%2C%221622712456%22%2C%22%22%2C%22%22%2C%22%22%2C%221630488456%22%2C%22oneiddpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRroneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60%22%5D%7D&wgchecksum=16be44a2700fbde7a766e001b0712d97&userIP=89.249.64.171&doAffectv=1&wgtime=1622712456
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2647615&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1grfre4abx4ek15h6qdy2zgkpmnnxdnh3b8ffrm6kj7y2j599dyq3w4bwc9bt2gav4g2cdy3r1rfyqc1pbjt4ym1a6rv0ysxw7xzd34jcac6py3gbgjn9wengx49fksa1g2ex7n53b2nbhanfz5r96r99vgwe7vgr65w7bdyaxxsqcmwc8hnpezh3jyg1x137jvypy9dys9pahx4mysr8ar6fd4h1sb5cwy6rv7pnw3dvef9870sef9105w4zb7nft9qnmkqc3rmzs0aa6ss35qbmbd7c%26a%3D&clickref=oneidK744SRfZf77KXf5HMHktzCZxdSKtrtwRZoneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60&viewref=oneiddpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRroneid__asuidGhLACcik64_dajm8k1YT9p3-If8S1ZpSasuid__cash_ads_advancedad_468x60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Croydon, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame BD56
40 KB
40 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgcampaignid=205795&viewref=oneiddQqHEfkfYY4AUEHjHwtEtWw4sKt4TGYoneid__adf_Netmix_Reach13_Single&wglinkid=2647615
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=20336%2C56666&b=ZZAASwfBfqzkhmHDHDt3tJJwHXtJtxwk%2CdpWWuEfkfYY4AUEHjHwtEtWw4sKtRtGRr&f=9dGGfMfmfXd2TKHBH2tzCrrqs5tRtZb5%2CK744SRfZf77KXf5HMHktzCZxdSKtrtwRZ&c=468&d=60&e=GhLACcik64_dajm8k1YT9p3-If8S1ZpS&g=b453351b7a2bcb12f109982fcdd0c843%2F8849583161310858195&i=20773%2C22427&j=14%2C21&k=0&l=0&m=0&n=&p=&q=&o=cash_ads_advancedad_468x60&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:36 GMT
Last-Modified
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame 628E
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?render=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gitoku.com
Referer
https://gitoku.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3857
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 08:23:19 GMT
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712456228&ver1=2.2.3&qid=230383f5530383f5434353&rnd=zm27l7rsfx4t&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4227
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f3db8aa8c1-CDG
content-length
23972
cf-request-id
0a72cc2c6a0000a8c168bbb000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
468x60
static.a-ads.com/a-ads-banners/174373/ Frame 4721
71 KB
72 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/174373/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/962757?size=468x60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
612d5b0f1a8892e56d386aa618c3328d8c6248ffe5ab4de287059b73052b450f

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:36 GMT
Last-Modified
Wed, 02 Jun 2021 17:37:52 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
6EZFGNCQ7GTF3EQE
ETag
"0dc81726d12dbddf0902ab067100c84f"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
72881
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
mu6mz3QkHKL0BMPg8Bg8iXv5SkW643zj
x-amz-id-2
QN+Sncpamf2YTpn81HehqT8Yzbp7QK3WDnR7+QjvEE6/hdup/KbuLwgfSv/GP6+tAZySPhBo0mU=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
www-player-webp.css
www.youtube.com/s/player/0b643cd1/ Frame 4ABE
356 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 04:07:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
191989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46118
x-xss-protection
0
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jun 2022 04:07:47 GMT
www-embed-player.js
www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/ Frame 4ABE
193 KB
64 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
140050
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65035
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:33:26 GMT
base.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4ABE
2 MB
2 MB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 17:41:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
143181
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1671434
x-xss-protection
0
expires
Wed, 01 Jun 2022 17:41:15 GMT
fetch-polyfill.js
www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/ Frame 4ABE
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 18:36:08 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
139888
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Wed, 01 Jun 2022 18:36:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ABE
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 05:13:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
188051
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 01 Jun 2022 05:13:25 GMT
loader.js
www.gstatic.com/charts/50/ Frame F532
47 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/charts/50/loader.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec9b909992725623f9c0a44733583072781830b943a84312eee976eac8333028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15558
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:32:45 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 10:27:29 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame A061
37 KB
19 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f864208d2b21936f414822309cbedb4da55c5e4c83f1d344cafd783caedafc80
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DGuaDvItpenDbx39vqzopw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.recaptcha.net
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gitoku.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gitoku.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 03 Jun 2021 09:27:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-DGuaDvItpenDbx39vqzopw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
19117
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712456493&rnd=zm27l7rsfx4t&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=0b9f3c2279244fff831c25aa0d5f7f54&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4968
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f52ddf4ec1-FRA
content-length
26
cf-request-id
0a72cc2d3700004ec11d326000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712456484232&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=zm27l7rsfx4t&impid=&tps=38&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=160&h=600&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=15
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=qdMC6kAgbkypHArj1Q7Vg1tkVF3ilAa0cb3mjtHTSCE%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4968
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2f52de54ec1-FRA
content-length
26
cf-request-id
0a72cc2d3800004ec110045000000001
expires
Thu, 03 Jun 2021 11:27:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B66
0
446 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=4468882557211422&bg=!JySlJGDNAAaMan2LjGo7ACkAdvg8WgSf_m2RQYCtYhKydcN6-xbj0P-_oeVEwRcKtKXqmu9ruYJAcQIAAAG9UgAAAGNoAQcKAEpbg-ptdKaKTYdAWMkN2nHu2w-AeFD2db_dxeFsdblD0gyroNoI_blVzuLFiNAU2aD6e4jF-YnpWAZcCkxoGrORxs-pxNY4OMVN85kCa39wRF1ugrhrQsqphl4vhKYBmRq3wbYIaZjI2dzWDpNyzAOck5WH1RzLdJIO8fybij70zmYKfMHE0LDkUYkR_W3nUbBpVYtdTbkY0OlIMGoPzbV_pTB7erUcAfrb3U2hs1vshbDWEemvBqglreUh4n_oiqmL0TvCbNnR43m0gMvnpCUjGF8OWDKec--P6A5iqyaaip_Rr-iKDZudLIBOt_3SQnMbYVekULoEuVeZnz7tWTrD76BBvZa3bhXGLcVcbL9MTKmapdhE0QvjSCIk_BofUiWw9U-LsLgv-6e_c8BMcntIt1Ge0tpTWqTP34uppURs90XKqElUM-s6wqVjhN-9QTwKNv7mtHIN6kmI21zIPm3ANBawhv2lgDOdw-0kq2RrkC6jqsI7n8Tq5ZrI7VCA0yH4XRNb3ATjQ1Mvb6CgHOgnnqQclIbkLsMgvlystCw3iBJ1WW4avqA7A4MGZUzZe8NExoRkYbTdycGQ8S7DyKsYSOyBpsfF7KFDzXeVQlfAC_uELpN8pjBUL4zisHIyxwzecneuUyHLXZnFT00lr0hodfdiNO8ES_vICRVEG6PAEBJA0-K6bpSZLlRodKlXie2Pemn0OggtwyrayZZQ_pKEUEadeYmcPP8EI5l9BcVGf2Y_ZeZDBb8zEKisRBLyUSeF6nf7ieqGXU6ZmxB-yhkUoPMhSIjJyHFhNmOiTe9L7uL2RU98Tov8HX3hAsA_x6-xOF_2lpmVKJpLDEv9xzUJJKNvipOZr_LtPQB9eX0iXVr-9TV92RCJBUkiczm2C4Jrcr2us5OHT1FbGuTJHbqoWv5eacIcuwA
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fp_decode.html
track.webgains.com/ Frame BD56
63 B
270 B
Fetch
General
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=V0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ1_H_J3k25NAR0odm_dhrxbuJjkWxv5iJ3A0KAGYiLy.25.ea.68DK1civm_Ue_Ud0wHCSFQ_01kKJA237lY5BSq9y.DuZ
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 03 Jun 2021 09:27:36 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
id
googleads.g.doubleclick.net/pagead/ Frame 4ABE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ac21696be219f4103719bc8c92c8200cf580b417d8eed512d85cbe8c4a593335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4ABE
29 B
91 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:22:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
296
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:37:40 GMT
tooltip.css
www.gstatic.com/charts/50/css/core/ Frame F532
1 KB
558 B
Stylesheet
General
Full URL
https://www.gstatic.com/charts/50/css/core/tooltip.css
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
533
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:40:04 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 09:50:06 GMT
util.css
www.gstatic.com/charts/50/css/util/ Frame F532
12 KB
12 KB
Stylesheet
General
Full URL
https://www.gstatic.com/charts/50/css/util/util.css
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:58:14 GMT
x-content-type-options
nosniff
age
1762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12720
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:40:04 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 09:58:14 GMT
jsapi_compiled_default_module.js
www.gstatic.com/charts/50/js/ Frame F532
259 KB
259 KB
Script
General
Full URL
https://www.gstatic.com/charts/50/js/jsapi_compiled_default_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed1a5801d44ea12b50f00631079ed950f96b7b8ba39fa0cbc462f4e35d35a306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:47:01 GMT
x-content-type-options
nosniff
age
2435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
265407
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:33:05 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 09:47:01 GMT
jsapi_compiled_graphics_module.js
www.gstatic.com/charts/50/js/ Frame F532
52 KB
52 KB
Script
General
Full URL
https://www.gstatic.com/charts/50/js/jsapi_compiled_graphics_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34e0afd6a6c9bbdea01a418a8c0bcfc480e9bf9ad66d8d9e1702c0bea28bf5f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:36:06 GMT
x-content-type-options
nosniff
age
3090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53050
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:33:05 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 09:36:06 GMT
jsapi_compiled_ui_module.js
www.gstatic.com/charts/50/js/ Frame F532
495 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/charts/50/js/jsapi_compiled_ui_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da0a3074f0b12d603292f43c94412adea3913911c7105c7a945b02c3c889ccd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:26:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
167151
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:33:05 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 10:26:15 GMT
jsapi_compiled_corechart_module.js
www.gstatic.com/charts/50/js/ Frame F532
8 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/charts/50/js/jsapi_compiled_corechart_module.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/charts/50/loader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adcd2df1dc4db686befb25f24ba7e5cffb95a12be24e5c1a47a8f138b88d8fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:14:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1597
x-xss-protection
0
last-modified
Tue, 30 Mar 2021 22:33:05 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3600
access-control-allow-credentials
true
accept-ranges
bytes
expires
Thu, 03 Jun 2021 10:14:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B25
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=2461021072483490&bg=!jo2ljcnNAAaMan2LjGo7ACkAdvg8Wky4qiETTysdEB-zBj4muCwKUdGPTvvCpDN5s514hYzU9a6sgQIAAAHcUgAAAKFoAQcKARoGcLtoKMNqFln2U3yLHhGKO_COUX8rTyFWqeTbqHDlHZohPcaQ2ugnZcYW9yPgSQd-6a4ZtKzbZlojZtVhna7n6dKTuljuiiEIf67acL5Xf7HEvNBikPTGqzm-u1poY1bxRXwtR_y_7kE1zqzhhxrScuv8a8XVsoYgYNQ2yrgbVfCJWcCRdXXGyTh5I7Bsi_eWayniokG2aX9mYcumtTmFkz0b0FCNbaPYnUxY7kXkZdiJNbWCWFwQuFkh2E2VcWFXJ0r4g4M9dXzfFGcPp5o6OTJwmZxBaAZ9FRAzPXWoBRKZ1mBgRMH3z-VjPtyiWvAOsvCxK9bntOyP4cCOCgy3fRZLgaSCXQLXaHtqAQiumLaH7qPQNbOWx2yZAmG22qit2BB0_llHrVjPvR8FojwieUd4x5a-oaiu7xMofuLemcwE9DaB-TDQ2STJ-U11Y4pgMNSjB6YVZvwDNePxQeWV55h5-VaAtmFShzqu_m7K_L6Ol5Dti_0I5ycA71MtHLQnEQyYmbzLc813W1csc_mEHDm4wPu-XG2XWSoN8xNl-ZqGYnX_GnIDihIggTbV8d4QAwuG5-Oh8x7YjXDeEEkA1uQYuzfd5TN01H1KQX_OOESxsIO92Bg5tct5dX749RLPLsfAXMX_sRx6AtvkoHNxAnyAmnjhprCTxA_VosIMBPemOmuJgZFFCiH2JsOCcgrYadxw8hwTqfgjklGrLGZWn6uVlP3azYJ6VIydDcMoqUlSh61n_17K-KHNl2OHX6fSXPQdqxABTkAwZpprfoem62ewcCTS31NBktDcLGP8SmeDTD50BOeKawy-Wgu-wn25wJ2WY3AW5Kj1MwdLDHTMITiuPn-vhD4CTQyKEpUnokNZ5AVCmtP9LQ6oizBd3ZZUrAl9xutM8jW4L74wxIDM7Q6l1_g5kzkNyNPguZ_iqUcAqyTzwr5xnEFT7slnsGrlWQHPOs5n4uw4g_qScopdPhrz1nKfknMBruDGJutYCEL8CMhmDaSoMyOvzs4pUpjtNvEPsi6jiXCAe8Q2IKT5Yx9pWOzWjGOzyu7QqQTYml9QRsVXV_58nh4x8T1PdhyPEzRS4J5rXgKDcW-ache4-ui6N-DXPJZvqcKhFYT4Jx_vI8-3p3Q2ZFPCy2lu_huQIhrCYt9dMaAJXq5KWTSmvmoaz97RCFO00QzZ25E
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4ABE
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
168850c920ff331bd5d294b1a84972f74fa847bc89fd7a2d70b5e1480d2728c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 03:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
194755
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30984
x-xss-protection
0
expires
Wed, 01 Jun 2022 03:21:41 GMT
x98QRAVG1ieye5zKpZW7SBO1tPS68vVZorrxLQbjnMg.js
www.google.com/js/th/ Frame 4ABE
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/x98QRAVG1ieye5zKpZW7SBO1tPS68vVZorrxLQbjnMg.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7df10440546d627b27b9ccaa595bb4813b5b4f4baf2f559a2baf12d06e39cc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 14:02:12 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 25 May 2021 09:00:00 GMT
server
sffe
age
69924
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
expires
Thu, 02 Jun 2022 14:02:12 GMT
embed.js
www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/ Frame 4ABE
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 01 Jun 2021 15:32:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 May 2021 00:23:20 GMT
server
sffe
age
150933
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7471
x-xss-protection
0
expires
Wed, 01 Jun 2022 15:32:03 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame A061
52 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 08:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 08:22:32 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame A061
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 07:00:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 03 Jun 2022 07:00:40 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33560
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
LRHfcHMDQNejSn8Qqiqe9eAw8ENPFNqNzhx9RWjbzMh3TjQuinzoyA==
asyncjs.php
swift.adclerks.com/www/delivery/ Frame F532
0
0
Script
General
Full URL
https://swift.adclerks.com/www/delivery/asyncjs.php
Requested by
Host: cdn.adclerks.com
URL: https://cdn.adclerks.com/core/ad2/24667/5761?r=73280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

index.php
www.gab.ag/ Frame 3659
14 KB
3 KB
Document
General
Full URL
https://www.gab.ag/index.php?view=register
Requested by
Host: ad.gab.ag
URL: https://ad.gab.ag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cc28da789a592276b27636e12c53d8d46b4d42d1a12aaf211c9522d20f1e2ac

Request headers

:method
GET
:authority
www.gab.ag
:scheme
https
:path
/index.php?view=register
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.gab.ag/

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-type
text/html; charset=UTF-8
set-cookie
evo_session=7aa2qcebd60mi75c8f9hbt820anr7uqt; expires=Thu, 03-Jun-2021 11:27:40 GMT; Max-Age=7200; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc2e4500002c2ecb89c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XoKwCZQO8njgE5i5qRD1pJRtemSkPM4Cqcy1LVkEC%2BIdR1kYsvQ3SgVjWSZqfAWkGKeW%2BHBub2wo%2F7CB9mkq8VW60rJavn%2FZws3hfl3KxA5PpD%2Bk61HdIx6I4QoQFkdnZhRM"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e2f6df1f2c2e-FRA
content-encoding
br
gen_204
pagead2.googlesyndication.com/pagead/ Frame 275C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3210641154075121&bg=!urmluf3NAAaMan2LjGo7ACkAdvg8WnwfZ1-y09yIgZ7_ZeVnAnf45sLpssKmhh4a9AdB98nUSZE4rAIAAAKCUgAAAIpoAQeZAnVFVjaQxzvgnvFFJiNSAgQMMguoOX9IWv_IGglxFaFnksE35lLGoUou-se6Ib7gwL27UV7QmMSi9tlO1aQ3M5RJ4DOZ5ZhBAdtUNlMVdAKz1frn28FTkYvoTWT8kp05kBjKTFShsxtr_vYp1JerayWGNLQL4KoRDqaTFJlF_xmnxXD_YWdA9MNOD5ay_JGuvIsCU7SZuaz5NtOfSGYxwCkBwy-tTZDzL0f8TGFazxGVrb0GmhkxHq4dhdZe5TBOjIQL-lcWKtl8lfwq4hgii9NUkZiPSY_DZwVnnt7dljZfqcf29oFNiyRJm3WUDTXXjzsDlCbfk8xXGA881lYRTj6UDrvaKqz_X-KZ31VOXyy7jek6ChOthuzWnXvdO3_aXpi1oN5FtXL0TvpQ1gk-FKngp8raEuU1ZTbwvQs2osDw3cx_6i_cp_J5xZdekVkp2am7lgIwcN_bir0SoaXvW43QKO-ssy1PK9e7gJx18p9rAKN4kSZyxXj_aVaBeat3TzxcO10ZAdeapiZxi7pDu1B4cVl3IJXyd8JTn_7GyrD3oorM57i0ijOJnihWvsYiI_n-SPPJj3AtXkehrryDzaDCu4SMD_0Y--7DOduMHbrPgccYWVK9WvOyBkC1fxqstDjJuoaXt83JsZDklG3WRw7t8E1p0wGTRYfO2vgIJ1MBhbg0yt5CX6qtnQxyKkn1vFsfdQQE_EBAIKcTdlC5IyXyJVp0ymS9fXqL6mZpWLbP3twp-0pbDuOqnhMRtqOovLFSNHb8UEuhx4LSC8z3M8XVC82mkoK5ZHXO12FAOwAyB2K89991NPPDwoDylds_NMV3Jie9Wg
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C304
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=2976159897700327&bg=!Tk2lTQnNAAaMan2LjGo7ACkAdvg8Wqxv-BeSxE2tlFeOmE50MJZzMVmdleciB47V0LshjnRgLUjFFAIAAAJwUgAAALdoAQeZAnGWJmcVZrtQGZBmh12HxrU1qrNVP0bmbLyuMb8a2ee_FxaZAAdD3p1J7sw-lmDrkFR8H4E7E5sKwa5sco1lJM5K80uVGx7hmoo9DbdkOaK0u-4ho1xPcHp5xyHAB14EPJ0knWypvJBw6yMy9qGSeCnRqLQCNOHv6O_qLyqdWUjc81UkAGwYh_m7Ki9UmJlB8YRL2cVGacaEduzmuzUs9gODCVhm_NlJAoYc6nuPw8QtyatlqSohKejgZSpj8DLgfPkiC6861JPUtaOjn37X2aRBguTwqwauKoMFyVfu2RIPCpPUe92kkLpV3l89yqyHeYjcJgP-Y8MhnJZuccwlHNahh0N8KCprl49R6HlsSqp0pPJ2WktFrT43OjCpINrx9aFTsPNcBT0EUFHt3H5kcHY8xZg8BBYfKfIg9cDSbCQvDY0pXqkoSOsDvFTofOjneUjSzeptkGObQ21T8LvtU_Q4nFT9qnMJc_I7PClQvH0dK7I73AiqbMz0M1nGOLgNXwnTKpzAuNaBG2YQ6LQs_kNMgKkCXFKTK47vZTCC_qGjgdO6ZISvTi-fTMwSRoO4BqROJKyAAMueJOqurx3DvPqwajzkB6gvKTyS-2CpHbcsEun7CcUI54PQSyyHoni6LWOwBYCtRDoLHxxEy_5vxpAX1I5B7FjnzkGVPefOz6oy-FNZtTt3pf7X4D2EmTqmYO6nco9pJV-yXjlXWFxXDqFe8Mss9JKd0lDdUwya9EA63DRhEnlo3WsbMIbOrqXCMVsEhh7DzlAlgZj0PYNSAj2uP_ZrMixX7NxPWcOFsuRyV6ohTtYSAwl2yzbGENV9neqZ
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4ABE
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:36 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame A061
102 B
132 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6eff65f2a8eb488e25dbca7a506949b599a8f05b522ee54edab296459f8efbcf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E794
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=479889386847318&bg=!FhWlFVHNAAaMan2LjGo7ACkAdvg8WrCUrnoqEc19O6vEVKbfPGO65XOicSqVhJmJUnA8xpRmA_gT8QIAAAJxUgAAADloAQeZAnHgd4SgxNaqpo3Dw-VVOU38CRs9ze8UHCuYs2CQ4IJ7uXkOXguaqQnxxfBgQgoN5UbU40V2pSDZ5kIBtSZme6lUEf3xTCUcXNDkk20qGHsrQbGhkZ8cwGjj1fWaqgloTAsHsEN3VXAu6aMgUhBP7TxQx3rO02P6ifqa2S26ppJkt0QW2wQFVKEriEHc-49vxnubkZ_Te1CH_pnkYNii1BPNVnPwlV79YwwnGYG_AV82rHINDRrIGN7X7bx9T1SW11hGZmn-fwgy5RrYlOWXwq5zjdMJ9ZGKRTwXMV5p1XYtFzAXIH0WFnyS8m5mPlqsBGsSH6rx__iafjRkvu3MhBdtdPxHu7_4fNeQFhmDWnObCsJJRFPB5AHNL5-nQFHl-K1DWLrHd7SAg-WLyI5laj5zUyTNbFYAfx5M6EDJkZst5o2PQcyKsWwysur9F4MoFFSEMG_cknHS-y647TLI-a17_ttMT1OkiYAeWoO8HOR9NC6JRdhAiDvnt36jX71fKmxSAK-aABB-oTwHd5UdeFRBSnHOm3yAla8cy54Y6HMuxVD1uQ0vCU-rcmOdPuB59u_SHqGLXlKsN8Xzt4bgP7UpfsYC8umGj6wYrdhqhzXnaFUrzOrU4ZMzkMrLne1x5GIxQj_v2UMYV5G8fVEe5ZoQf547ApmTDsYmu0XHeLtqrLhJd-LZTtoT60eDxqx71jkm1gbelee3ZXCKjMB4jKdRG9hKqYiMYy1hGoxZuWLoIsyQljgS9XcbH-m7QJ5iZv3Vnpgs7MEdyomp4JWJzrHbMomcj-D9P3NcU8Av9n01uEkKFaBIqVI6Tr2t_eku9fPx
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adcryp.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
www.youtube.com/ Frame 4ABE
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?Y0Qu4A
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/4SXG17wiPzQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/4SXG17wiPzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:37 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=reklamstore&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=fBAjqPoryOd3DvlZHVzVW6gX&ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:03 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33561
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
3Gu5YC7l_o64GnaTd2AOwL-CG2ZlR9nKuNVGRAfW9-YMcQqxudh4Rw==
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=6zeasDEzBbnpnGICfJS8&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__6zeasDEzBbnpnGICfJS8&ref=g.cash-ads.com&_=1622712457193&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
075c866cd3208c16d575f1353e8dc9c303d3bc7b77d9187baf46e44a3af5472d

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:37 GMT
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33561
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
pETIbpPFQHwkVXyRiWqkTVm-qPT_FGAHPUEgZ0pLv543Jj99rUPRSw==
reload
www.recaptcha.net/recaptcha/api2/ Frame A061
28 KB
16 KB
XHR
General
Full URL
https://www.recaptcha.net/recaptcha/api2/reload?k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3be1361960213862b0c71f7ac5574b7dd4fb35f40da283e81e700a4a0ffcbf50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LcwmpQUAAAAADngHn1V4176fcD2kw9Wp5jKYDSf&co=aHR0cHM6Ly9naXRva3UuY29tOjQ0Mw..&hl=en&v=sG0iO6gHcGdWJzjJjW9AY49S&size=invisible&cb=u31bif2gtaj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
1; mode=block
expires
Thu, 03 Jun 2021 09:27:37 GMT
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33561
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
1IxFZJy5UVuGyUrSXMLrhms1dVTtPsKfcYNJoHFA6xaRi5f4sxkAlQ==
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=jDxHrSxBK5JFOpVWLwl7&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__jDxHrSxBK5JFOpVWLwl7&ref=g.cash-ads.com&_=1622712457303&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a1ba51d932ed36d7765faf1e9c5478f397a97c86fb3aa428c089ab0b83dc2ecd

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame BD56
16 B
232 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.181.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.4.19
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.19
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame BD56
44 KB
45 KB
Script
General
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-50.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 13:02:40 GMT
via
1.1 bfe6539ddfc76c3ba5ee5e95acacd26e.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
73498
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CDG52-P1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
K8ni6allDUNPBv80oEZ52tNrgBqAkahfKW_EGl245m8nivYYn5bnUA==
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=oGxkgI7z2Dp4SGsAQEib&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__oGxkgI7z2Dp4SGsAQEib&ref=g.cash-ads.com&_=1622712457360&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
06cc1d484904f030fa44071fd1d00840a90fe95703176798f968066a148b10e8

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
16a932fa.html
gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/ Frame 628E
0
757 B
XHR
General
Full URL
https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
Requested by
Host: gitoku.com
URL: https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gitoku.com/re/684486db7b6a0bb2d2198d524ab85989/16a932fa.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryqTkiToyPBRxlkBId

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Eg%2FXjnGCpV%2FBT1FvZBTGHqRD5GYHcEBKl16pXg5zaIp0eivkJg8rpWRfj%2BQuV9SZ0PeeiHjoFECXSiT0h4c4AI4C0HZ%2BgOhubUHd93VDRUJ7OCndzyvllMLoPZIzEmGOq0ZvWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
cf-ray
6597e2fa89614abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc309500004abcaa031000000001
expires
-1
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:37 GMT
sync
odr.mookie1.com/t/v2/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:37 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
date
Thu, 03 Jun 2021 09:27:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
tag
w-it.m-t.io/ Frame BD56
18 B
205 B
Script
General
Full URL
https://w-it.m-t.io/tag?type=impr&date=1622712457370
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
ec19d9ac7e80bb2fd5c0421a0cd46fd6
cache-control
private
content-length
38
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=mKjTsomr4lbF2yLLquUX&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__mKjTsomr4lbF2yLLquUX&ref=g.cash-ads.com&_=1622712457409&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fd0e207199fff05e4e01d2b30e33aa21b2de05c2daf7d799d0981a118ee8efbe

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
e3cd8146.html
gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/ Frame 0796
0
757 B
XHR
General
Full URL
https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
Requested by
Host: gitoku.com
URL: https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://gitoku.com/fg/684486db7b6a0bb2d2198d524ab85989/e3cd8146.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryDbBi6i6RKebzZ0sj

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2F6ziySZZVnWn1mLWYFx1y8rFrlqPfbTZkiCNkB7iYrsQrvpkEolxqvjzSrHQHTwywtt3A%2B0VAK8ZcFShLmf7mgxs1WiTQTi0Jk4O0ppfve7O3S29S1XN4bi%2FdrUz8Qe%2F00Jl8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
cf-ray
6597e2fafa7a4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc30dd00004abcfc08a000000001
expires
-1
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fb38a0a8c1-CDG
content-length
1146
cf-request-id
0a72cc31000000a8c14629d000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 1994
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 15:53:43 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
74733
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
mAdd4vySNmCfzabnhUabQ506TfPlBJnVq05obws6P3Ou1JC0NmjFBQ==
imp
ads.rekmob.com/m/ Frame 1994
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=e461d3f4a6e64b0a85463aab949296fd&rid=NjBiOGEwODkwY2YyMTQ1ZTQyZTk5Y2E5&adId=MTM3MA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fb48a8a8c1-CDG
content-length
1146
cf-request-id
0a72cc310e0000a8c13c2d9000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
3e98d504e9b649c4b90348dbd73ebf0a
adimg.rekmob.com/ Frame D661
11 KB
11 KB
Image
General
Full URL
https://adimg.rekmob.com/3e98d504e9b649c4b90348dbd73ebf0a
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c3a7af4b5c014cb9378457992e04ccacdde9e15d47cf21ada01d6b56bbc60ce

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 16:56:09 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:18:03 GMT
Server
AmazonS3
Age
59491
ETag
"976f5c21a45780a23a87d284b8c8a7b6"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
11039
X-Amz-Cf-Id
85zkmZuyzn30nbtWSlVH_dQ2BlfVxjN1bPArkpJQH-K_MasMqgij5w==
imp
ads.rekmob.com/m/ Frame D661
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=e6bf00110c12437dafc5a42dab989069&rid=NjBiOGEwODkwY2YyYWJkZGRmZmI1ZTQx&adId=MTM2Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
track
w-it.m-t.io/ Frame BD56
0
75 B
Script
General
Full URL
https://w-it.m-t.io/track?campaignId=205795&clickId=10475_205795_16227124560134_8392ec2496&programId=10475&expiry=1630488456&acc=wg&scriptTag=&type=postview&indicator=eba7c01697b1fb9c9d6915de2812e9fb&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
97dfc68682696cdcc6dee713256022f1
server
Google Frontend
date
Thu, 03 Jun 2021 09:27:37 GMT
content-length
0
content-type
application/javascript;charset=utf-8
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712457523&ver1=2.2.3&qid=230383f5530383f5434353&rnd=vnm0maw0pdub&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fb98dda8c1-CDG
content-length
23972
cf-request-id
0a72cc31430000a8c13a17e000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712457591&rnd=vnm0maw0pdub&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4969
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fc18fd4ec1-FRA
content-length
26
cf-request-id
0a72cc318f00004ec13a29a000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
159 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712457585644&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=vnm0maw0pdub&impid=&tps=49&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=23
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4969
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fc19004ec1-FRA
content-length
26
cf-request-id
0a72cc318f00004ec134a39000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fc594ea8c1-CDG
content-length
1146
cf-request-id
0a72cc31ba0000a8c13a184000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame BB79
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59469
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
x-sPN7GXM1dCzbTRrp__UpySUZWZUUtlyNTaRV3ZthGPatY2gpDzbg==
imp
ads.rekmob.com/m/ Frame BB79
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=6e63ff67ab8747d1b7a25fa2d2992451&rid=NjBiOGEwODkwY2YyMTQ1ZTQyZTk5Y2My&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:04 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712457707&ver1=2.2.3&qid=230383f5530383f5434353&rnd=21th2tr7ewl3&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4228
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fcb995a8c1-CDG
content-length
23972
cf-request-id
0a72cc31f60000a8c1462ab000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712457770&rnd=21th2tr7ewl3&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4969
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fd2c154ec1-FRA
content-length
26
cf-request-id
0a72cc323600004ec15b84d000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=16227124577652&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=21th2tr7ewl3&impid=&tps=51&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=10
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:37 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4969
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e2fd2c174ec1-FRA
content-length
26
cf-request-id
0a72cc323900004ec13c3a4000000001
expires
Thu, 03 Jun 2021 11:27:37 GMT
bootstrap.min.css
www.gab.ag/assets/components/bootstrap/css/ Frame CF4C
152 KB
21 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/components/bootstrap/css/bootstrap.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:21 GMT
server
cloudflare
age
4644
etag
W/"5df12465-2606e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AYH8jc7ObKEPCY7WXeTPCalq5c5q6SqEG%2BxWgfMvX4rudPct1eWxhUmHS8QwDnM5rMpifeDtCKdCvVbc58RN6no9NDijhWAlvKUSodnltyezxrLc%2BfZSmF1sgJMMld%2BmrjQX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cb32c2e-FRA
cf-request-id
0a72cc358900002c2e8733f000000001
font-awesome.min.css
www.gab.ag/assets/components/font-awesome/css/ Frame CF4C
30 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/components/font-awesome/css/font-awesome.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:38 GMT
server
cloudflare
age
4671
etag
W/"5df12476-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HxF0KwjLQaKTVQd5zO91kNJBUvxt88mxQfTYHxYEXrvj9RkwkGeLZzv2xgztnDSxv0SXD4U8yV2uw9zydWRY81OkB9ojifSAM4CTTCAx2qHwy4yj0UGwGf4ctKhiedVDOMsM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cb72c2e-FRA
cf-request-id
0a72cc358a00002c2e712b8000000001
jquery.min.js
www.gab.ag/assets/jquery/ Frame CF4C
95 KB
33 KB
Script
General
Full URL
https://www.gab.ag/assets/jquery/jquery.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69fb479b5382d113b7dd50923eeb1e743dfa6841500d28ab96b11a93f0abeea

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:11:33 GMT
server
cloudflare
age
4644
etag
W/"59c687b5-17ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Dsxsq1RFK0M3SEGjpwXdgYl2ULOdqsBFtvjl4tKrMNu61O4e%2FnvNpy%2F4aEsE8XpHoGSsxx0BYaixAQGkHwswCbX9iXCtpcWPLLVGv6Wd8HuBidZ3K1WFGYf22LpkvhEJZQzd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cb82c2e-FRA
cf-request-id
0a72cc358a00002c2ed099d000000001
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ Frame CF4C
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
9800906
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19146-FRA, cache-hhn4029-HHN
date
Thu, 03 Jun 2021 09:27:38 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ Frame CF4C
59 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
3557543
cdn-cachedat
2021-04-23 07:14:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc358b000096c27d1b7000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1edfa969acb3be0bd7798ad472fe3975
cf-ray
6597e3027d6e96c2-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-ui.min.js
www.gab.ag/assets/jqueryui/ Frame CF4C
248 KB
63 KB
Script
General
Full URL
https://www.gab.ag/assets/jqueryui/jquery-ui.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9852ccf03b383d1b3855c1983e18258fbdf07999ff77a68327ed0413466db4f2

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:11:37 GMT
server
cloudflare
age
4644
etag
W/"59c687b9-3dee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=y3JdyTWj%2Bc0d7APapsbtidAxcR%2BiOmEcWS5dVodm9gxNLpB7PQDoKunf0ChjVrTa%2B8dPOISPWRtxG6kRHh1R9h969Ydj3JH7B1lHz2orpDTuh79Pk5HsQT%2BEhDXY76i4kPhM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cc52c2e-FRA
cf-request-id
0a72cc358b00002c2e9c892000000001
evolutionscript.js
www.gab.ag/assets/evolution/js/ Frame CF4C
14 KB
4 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/js/evolutionscript.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be2a4d9b5c58396029b73f7f4786649bf20be679133cccf2130741f3786348d

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 16:39:08 GMT
server
cloudflare
age
4644
etag
W/"5df11bac-37e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7%2B2gomYmqwIrAeIHl1t6n0ClZbfTSFB0AO6OnK8cuYER1zbCEkkO3SY0vmWTyy5C2oJp2Vlqq0ZqP4lwsij3UpkO9cQ9o4EfdPKbvJIi9P4jS9YTYWBiIB%2B0N8tGPnf%2F7FYo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027ccb2c2e-FRA
cf-request-id
0a72cc358c00002c2e693a8000000001
l2blockit.js
www.gab.ag/assets/evolution/js/ Frame CF4C
4 KB
1 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/js/l2blockit.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba57ba8c83b63763e70005c9b1840d8d7e8c71611969265aa5675aae93ead18

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 16:39:09 GMT
server
cloudflare
age
4644
etag
W/"5df11bad-f2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=dLwugat60rAo1sisMsrnHJT%2BYd0Zt8akXN%2BuRIVCCMl6SrkHOfDOd96sF%2FaVMX3daKZX%2BPGBTrX9%2B0H3bupOCEi5cd7w45PM73ro94rPb3RHN6UkiMAbSW8XwhU2uiWNfOd1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027ccc2c2e-FRA
cf-request-id
0a72cc358c00002c2ecfa42000000001
bootstrap.bundle.min.js
www.gab.ag/assets/components/bootstrap/js/ Frame CF4C
77 KB
21 KB
Script
General
Full URL
https://www.gab.ag/assets/components/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:30 GMT
server
cloudflare
age
4622
etag
W/"5df1246e-1332b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5vD1yffEDmQQLdD%2F71AJVZGHplXSzQu4GFZa5hu8mBNbnVYF9lK7ChkpUNo24zK4YTenuQ%2BZ2d4wQNvH%2F%2FQLDNZbnd4JaCa7gJXxjNM6inmrbdI3st4xtZGW%2BJNKQlZs8T%2FO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027ccd2c2e-FRA
cf-request-id
0a72cc358c00002c2e92186000000001
sdmenu.js
www.gab.ag/assets/evolution/css/33brushes-styles/js/ Frame CF4C
4 KB
1 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/js/sdmenu.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9342eaeb6d2acb526ecb319ddbe84a493bd115040df5be3c83ec88ff3e337dde

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:02:15 GMT
server
cloudflare
age
4635
etag
W/"59f0c397-e20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Q1PI8luE%2F%2BnbyxcovXuZir6K7ezmb0lMsWeU39fT4g0kflrmtFuignxJK2zFhvSkXD%2BgX9Qy5soGqu9%2Fjct0ujvu3yVB4t0Qr10pz5H5Ghj6Dp8AyIC2UodDxJNKYjNagXFz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cd12c2e-FRA
cf-request-id
0a72cc358d00002c2e87340000000001
jquery-ui.min.css
www.gab.ag/assets/jqueryui/css/ Frame CF4C
31 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/jqueryui/css/jquery-ui.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efaaa09c3b1e7b374e13123fe496ba19e53ac74386fa136d09fdb34701c76755

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:14:26 GMT
server
cloudflare
age
4642
etag
W/"59c68862-7b5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QeFyULWqlREX%2FYdtv8pG8r7FwGhtYWfFAnislX3pFtLhBuA4rnYLcJFY6rUDAeBlEJHuIKlcR1m%2BIKGV%2BLYj3CrOSfwyKJORR1VKYWoDVU9gTngnwSKAB4mXs%2BE9N4zjpgkV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3027cd32c2e-FRA
cf-request-id
0a72cc358d00002c2ebd345000000001
global.css
www.gab.ag/assets/evolution/css/ Frame CF4C
21 KB
5 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/global.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae20896f1fa269e4a066a4f15cb0d0c0263c78f1bc3f69caacaa5e15f66aea0

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 20:27:25 GMT
server
cloudflare
age
4642
etag
W/"5df93a2d-55e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CmnFVKgyau6BqP3w0qlUp5di2jMtAor140ltd5D3dZxyECD4VmBPKOeG%2B7UQsFE2BTgTC0i2k%2FbYSJVZ09DHBpCFCnuoR9DC8%2BF4yLzuexDTqSuEScZp4FYB2JYayPVE53aV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cf12c2e-FRA
cf-request-id
0a72cc359300002c2ecfa43000000001
site.css
www.gab.ag/assets/evolution/css/ Frame CF4C
25 KB
6 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/site.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae757987affdde9f2411be14b4cd5f17a0ad6eaa744e9f7ecca8338466055bbc

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 20:22:00 GMT
server
cloudflare
age
2948
etag
W/"5df938e8-62c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NXbii1UVYepbnuZsb4ILA9O2uaoKs5u72XERTbe2q%2BPR5XG5deWTBVozvdeDOjcNuXToelZgqxWLmWu6xs1Qs35GeJvZdh4nOyTROzM8O5kJ47oVcpP8sn7u8GmdhH%2BZQgw%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cf32c2e-FRA
cf-request-id
0a72cc359300002c2e94bce000000001
core.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame CF4C
43 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/core.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd62e8a4e85eae2ab9c3143ffb85ec24428af4b98b2df89e75903ea7bc33493f

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 20:45:01 GMT
server
cloudflare
age
4622
etag
W/"5df3f84d-ac4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LOOJcRuY%2FTX69ETJPo%2BNKCIo%2FRc5ygZAfyRbWCYVRNj7kKNyqxo8ZpKEXg0uDxpsMIk3jYunVsUfZKcQkA2tXbA%2FDOSmxyfSo4Crp71qhDFpnjC46T1OAzMAho8FSzfKh90%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cf52c2e-FRA
cf-request-id
0a72cc359400002c2ec6b60000000001
33brushes-custom.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame CF4C
114 KB
18 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/33brushes-custom.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1376c0b817203f501f2be50a8bc4ca8b67e4e069f3dbd7775eaa7ef9b65c77

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Dec 2019 07:07:51 GMT
server
cloudflare
age
4635
etag
W/"5dfb21c7-1c74a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TLtGpNx0kCJoAIxLCEHo1Ck3KY%2B7hqVx%2FtToCFfoHQOfaqy69jkzkbxNg6tb8WzoLH%2BKyLgjvkTO1SW6iR5YpYlfGQFi%2FGPeir9IozC5YRkG0nOUbeFxLgPF3pDHCn5vDtVZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cf72c2e-FRA
cf-request-id
0a72cc359400002c2e601da000000001
cus-icons.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame CF4C
36 KB
5 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/cus-icons.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00d3d5af73123689b9baf2b54f0f7a08ec93f68cd6c15c61dbae8ebb7db90e

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:01:46 GMT
server
cloudflare
age
4622
etag
W/"59f0c37a-91ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w3kVQVLdwX4sgGpWE1pZO3452kF6VMAJ%2Fa7w7B8ghn%2FmwPRfY1OV363eyMK%2B%2FFp1NWjTSk0SPr6fmWSXS0c96lGDnfzc%2BynAvlXHQcE%2BJCQfVrAh3JyU9qQJPWIJElKdFznC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cf92c2e-FRA
cf-request-id
0a72cc359400002c2ea1048000000001
sdmenu.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame CF4C
2 KB
1 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/sdmenu.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f0aaeb1391bc2af45ecc74f7db25f1bb39a5fa82c7e721c3118d2273725291

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:01:43 GMT
server
cloudflare
age
4635
etag
W/"59f0c377-8f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HWrYj4MedGR0P59Byc3BUBn89Cqn5sBZiGrYd4RqpJ%2BRUr9ZQ0bdVgQT2YsEle68AZ1Gs66Hy3l9joH6JmD9UMk7D%2FzafFwnhUDmzvKjEKcxZsWLiYzeb71yg%2FqgYHFEocLF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3028cfa2c2e-FRA
cf-request-id
0a72cc359400002c2e6bbc8000000001
css
fonts.googleapis.com/ Frame CF4C
6 KB
752 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 07:31:57 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:38 GMT
css
fonts.googleapis.com/ Frame CF4C
1 KB
564 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Caption
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4648845d5a4e1e4dd362de39677b2b09005d63a93ea458c0505779bc11abb939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 08:56:35 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:38 GMT
css
fonts.googleapis.com/ Frame CF4C
9 KB
816 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:02:07 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:38 GMT
widget.min.js
arc.io/ Frame CF4C
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-40.cdg52.r.cloudfront.net
Software
/
Resource Hash
af7db5051724091f7eb9492f1a29064c37889cad5959564a4fa4ecf9f8f5da6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 02 Jun 2021 22:27:26 GMT
age
1392
etag
"60b805ce-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Thu, 03 Jun 2021 09:04:26 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront)
x-amz-cf-id
AbYquh8iMLhg6D5_lxYZVnfU9xRpfkYqlUF8904RIACqh4PgYT0ayg==
3959740.gif
s4is.histats.com/stats/i/ Frame CF4C
2 KB
3 KB
Image
General
Full URL
https://s4is.histats.com/stats/i/3959740.gif?3959740&103
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
3cfd35402895b1ce785d0ed3305eedd7955cd9cd13503684cb9648892a62a894

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:37 GMT
Connection
close
ETag
-369646471
Content-Length
2441
Content-Type
image/png
969200
adhitzads.com/ Frame CF4C
447 B
612 B
Script
General
Full URL
https://adhitzads.com/969200
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb0956632beb2db3c5099d6000ac4875a7373695db584327aa079b582e838da

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LIscETzl%2FAF7fSZxDnOP5xNLJ8x2K2dTsyPg%2BxjdBfx%2FHukxcSrwdjGTpgJUst%2FJTnp%2FNc%2FNMJVlURMpDIxUjNjAMJeTX1HnG9%2BQvkh2fKaVGBCVqDd3sBhLrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e303597b083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc36140000083f46860000000001
expires
Thu, 03 Jun 2021 10:27:38 GMT
1047672
adhitzads.com/ Frame CF4C
448 B
938 B
Script
General
Full URL
https://adhitzads.com/1047672
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd4d63ec221017a4be24d2194abe9188f300b98946f29a1e2ddb0e7ce64e374

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iPbaN2W0KQxfT4Dna7H6gLiFeoVNyhE48cqqRew7poiZywC8ozzQjhbWAySEjemN1zbzUGtL0Cc0B7DV9pXcTtuPh5OushQVSoGX9QRLtObEEcHSGn%2FFae1aFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e303597e083f-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc36140000083f3bb9c000000001
expires
Thu, 03 Jun 2021 10:27:38 GMT
uGtr2LB.png
i.imgur.com/ Frame CF4C
184 B
510 B
Image
General
Full URL
https://i.imgur.com/uGtr2LB.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d0db53c29f47ea31122d7c6b88a22220ca50ce9a298abea4471d36f76d26b8cc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
x-content-type-options
nosniff
age
10897180
x-cache
HIT, HIT
content-length
184
x-served-by
cache-bwi5124-BWI, cache-fra19131-FRA
last-modified
Wed, 01 May 2019 01:25:45 GMT
server
cat factory 1.0
x-timer
S1622712459.919217,VS0,VE0
etag
"07b3d6c272c58faaa685ec68acd61b3c"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 748
reklamstore.js
adserver.reklamstore.com/ Frame CF4C
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33562
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
HW5muVzuTABZfnitJnX6LIcilIDuB3VVhaiQbgq0bfdcLmyenKt1jQ==
969390
adhitzads.com/ Frame CF4C
447 B
941 B
Script
General
Full URL
https://adhitzads.com/969390
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5e5250f5e145b8941a549bd962a93b3ba45c55868cb13e9e439fd2f02a5763

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RSYWPFL75UJtcKKWO39koq5XKxq7pnVFvchTAMuN7EkjouofEpcEICrwmubdOoNI7ewwXICoYlHkEcCH9xuVe%2Fg%2BYOaE62ObKWOeKR3dLIULKAoLYWaFrDU12A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e3043ab7082c-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc36a30000082c740b1000000001
expires
Thu, 03 Jun 2021 10:27:38 GMT
jquery.blockUI.js
www.gab.ag/assets/components/blockui/ Frame CF4C
19 KB
6 KB
Script
General
Full URL
https://www.gab.ag/assets/components/blockui/jquery.blockUI.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:05 GMT
server
cloudflare
age
4580
etag
W/"5df12455-4dfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9fa9M2Zviwmq%2FeMZZmY9IoqCx%2BdLfICTm0o0BZPpomVk18S%2B5ErdbiqFjV%2BbssDdrolXkLKBhYcZ8aLMHnty4NmJUv%2FU7dTl1IXJK8Jii%2BRg8dcmEvi4pp6yXFXiL9U0oZ75"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30408de2c2e-FRA
cf-request-id
0a72cc368300002c2e7f99b000000001
ajaxSubmit.js
www.gab.ag/assets/components/ajax_form/ Frame CF4C
2 KB
829 B
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/ajaxSubmit.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3474f9e42f470faef4db25d456e1370e9cdacef7deab620d90362e86f2d933e

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:03 GMT
server
cloudflare
age
4607
etag
W/"5df12453-77a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=htfXTXp%2BJnFZyaTyI0%2BP3N0AeDXRdXs2AI0zJoBic7xxONs%2BM9j6pn3dOkXE0ORqUbnSfoECizh377QTJGOqWvWTktUf9HQTEeRN4NTnEpFyzXYlXiAp4Lh14Sw4ZWM%2FV9v%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30408df2c2e-FRA
cf-request-id
0a72cc368400002c2e5e837000000001
alerts.js
www.gab.ag/assets/components/ajax_form/ Frame CF4C
1 KB
840 B
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/alerts.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6491f4fd82597aa8a54e50b21a3d98427153039ad0dbc6bd99639a77e90cade2

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:03 GMT
server
cloudflare
age
4606
etag
W/"5df12453-497"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HTO%2B5%2F5hWtSXPmpcx8q%2Bz0b6jWlgMkI%2BXTl2ieNuoRMv3Llu5kIIAfvCNHDqnlFBSt8YLktwPsMF4MbB5HUiXtjNWX0m8uVy2qwwe7LTlQblILYPlVbLzm1oNz9UR5WmDLc%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30408e02c2e-FRA
cf-request-id
0a72cc368400002c2e8735e000000001
forms.js
www.gab.ag/assets/components/ajax_form/ Frame CF4C
4 KB
1 KB
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/forms.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcca172fb8956a6cb32cc2e0938b4658afc275ddabe650e890cfdd13924c9d44

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 23:29:29 GMT
server
cloudflare
age
4580
etag
W/"5f1f6359-10bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TG%2FzPUI6JP1fXZxsfxKYhvC9QBXjkyThstLMCX3lsJ4Wd3YZF%2FkeEFctag6SBr87FdyQB9fCXmoZiIivYBxIN1wCkZFgnvG7ymVAQkEicBBcC9CKnW8BlDXgkY37OKSMBm92"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30408e12c2e-FRA
cf-request-id
0a72cc368400002c2e8e8a5000000001
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33562
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
_XZGzwpQWkv2TaxedtrriQ_fbmj3POKuyP88dPDjLnpaPzASn6ITOw==
uicons.css
www.gab.ag/assets/evolution/css/ Frame CF4C
71 KB
8 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/uicons.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/assets/evolution/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425

Request headers

Referer
https://www.gab.ag/assets/evolution/css/global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:13:32 GMT
server
cloudflare
age
4551
etag
W/"59c6882c-11cf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YQVpGVRgCSPa7r0thvzw71lFeMFRA8iRmadQTWUycZRXnv7vVutzvIVBhA2a7YvNM%2F0qi2BKCEwECeaRSJRGi7PnMDadRSL9oyT8SrxvN79bMcCUSJRFqMiHiqu1el4hAObd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3036f572c2e-FRA
cf-request-id
0a72cc361c00002c2ecb932000000001
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:38 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=reklamstore&expires=10&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33562
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
pIbG4TgqPovvZ26bITtaenJaGpI12KEs1gfwiGG0zLC1GJ6UOqo8fg==
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33562
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
AdCssU0KunWLKP72F2b-efZw8Bl6Fm1hyzz0ay6hIcWWHuoQm1KslA==
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=gUL1yelQrOxpBUJw2ER4&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__gUL1yelQrOxpBUJw2ER4&ref=g.cash-ads.com&_=1622712458830&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
2ae4d9a37ad3cf962f42f22af3b5139e542dc7716e0d23f53e4adde9f6960e6a

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33562
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
kICdTdxHw1gqKP7tT1ioSNJIghHuYu6ohu_tGwCIIcVb_A4oTbGwbA==
ga.js
ssl.google-analytics.com/ Frame CF4C
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1293
date
Thu, 03 Jun 2021 09:06:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 03 Jun 2021 11:06:05 GMT
860840
ad.a-ads.com/ Frame 3DCE
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/860840?size=468x60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
cb84a7fda107c5453a77b2b3f0cafd748e87edc92c724bdd7d305259ac6569b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:38 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.gab.ag/
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame 757A
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f253831020e5ae7321ad3edf518d572241f9b1c9ff851182dce965e3c9bfa9

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:31 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc368b00002b71d2815000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e30419ac2b71-FRA
Content-Encoding
gzip
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=EESNIJ6MzVPbBGSF7y6b&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__EESNIJ6MzVPbBGSF7y6b&ref=g.cash-ads.com&_=1622712458892&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
988d6e066a6f4841c27aa4a68d19568a38358c3339d021c582d8c4af4ae549f6

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
p3.adhitzads.com/ Frame CF4C
944 B
809 B
Script
General
Full URL
https://p3.adhitzads.com/?z=969200&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/969200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
cb94cba3fdefa631188ac4ef49933f93ee66bc7fac39fd6fb7d178a9de151d58

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc36c70000083f82193000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IH%2FFYz2N%2FwHidlb5IbHqkANJ7lyM5f%2F3bKWE5%2F6vck8%2BKgzIlToCe8Wz9SkMUJvrDdH8wj5%2BfIomhfidWkGZXiTF75nLLdkORCwWiRcBgnzXEc6LtpXSuPDWHf4dPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3047c9b083f-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=a5sIJ65kU6igO1Emmdpl&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__a5sIJ65kU6igO1Emmdpl&ref=g.cash-ads.com&_=1622712458949&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
f62f16de4fcde6d16e92a3f070538e622afbc2a33ef041d212883eac02d1f838

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:38 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:38 GMT
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:05 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
468x60
static.a-ads.com/a-ads-banners/172759/ Frame 3DCE
141 KB
141 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/172759/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/860840?size=468x60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
428910566f0044046badf3d52a9a8a84be4f9b862c74811c048527fadcbcca3b

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:38 GMT
Last-Modified
Tue, 01 Jun 2021 10:23:34 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
HDFFXHTQMGYTF9VG
ETag
"b05c82584a052724851296cb582886ce"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
144084
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
Zrvalc.oo2F9YEcpdJsen4oihQyNQN02
x-amz-id-2
ogy50ayEjpyTtIZVpWp0myrqmf2U0FX0/twUpnH/jNvK5wZgLwlddytUHQte7qXLdSD3OAMG174=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
core.js
static.arc.io/widget/js/ Frame CF4C
305 KB
89 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?c6b0387
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cf69fe7b9b56e7f8c10e74293e3d5be5b3579b0355620a9f56b1f3f8c63729

Request headers

Origin
https://www.gab.ag
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:21 GMT
content-encoding
br
vary
Accept-Encoding
age
39499
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"8f8c3a87f7579bb2c286660cbc1a1325"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
WrqxUnwn-2udIF-YTTEDno2Zl5_K4YZGYd0I_uWTCmAMsEG-DU-xZQ==
broker.html
core.arc.io/ Frame D41C
2 KB
936 B
Document
General
Full URL
https://core.arc.io/broker.html?c6b0387
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-41.fra2.r.cloudfront.net
Software
/
Resource Hash
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
core.arc.io
:scheme
https
:path
/broker.html?c6b0387
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
493
date
Wed, 02 Jun 2021 22:29:07 GMT
last-modified
Wed, 05 May 2021 02:49:38 GMT
etag
"609207c2-1ed"
content-encoding
br
expires
Fri, 02 Jul 2021 22:29:07 GMT
cache-control
max-age=2592000 public
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
iwnvgQduckpDoTIlCVcJcrhLTR9-Av3HzcfwnCqe0Bq65MhurWNI7A==
age
39512
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=pMXaHr0rV7PDCmuG44ZC&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__pMXaHr0rV7PDCmuG44ZC&ref=g.cash-ads.com&_=1622712458991&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
c677e7d7e79165d7b34ae43cebfe98d6a3b6772e556aa0377ef10e682ca95f73

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
60b8a08aee920744201190ggab.ag186931
p3.adhitzads.com/ Frame 4749
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08aee920744201190ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969200&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d86b9b3f0356f4d62eb9f47c4863b883131889ebe389f9cb6b891d1f7b9bd2

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08aee920744201190ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:39 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc371a0000082c3d303000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7fmoR%2F2TfDd3ODkw%2B92Szvqpqr6MGobDNoTVDkasTNtPaYq7S3JXcxc5GuPs49BCVI1QWzIxqjSjy7gHVq2mbYG89%2FkD0PjkIyKQ%2BIn19Sw%2BFovqphsIMgRZf4dH0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e304fc93082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1622510797_cmp_421195.gif
p3.adhitzads.com/s/ad_files/ Frame CF4C
118 KB
119 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622510797_cmp_421195.gif
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b45d1f3593659ce4ee8729c5aa8af1168f0bfd62f46f3b8d9190b9896e1db1c

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
198351
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
120827
cf-request-id
0a72cc37200000082c6699f000000001
last-modified
Tue, 01 Jun 2021 01:26:37 GMT
server
cloudflare
etag
"60b58ccd-1d7fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=KpdVzLnDTz%2BPQURhKVEz8XrGFYxoWd2VqoAFLjVnscD7ARDOThKpAk4%2Fm3ZAHKMPyJstymu29anjoq%2FiQe4212WJ6Qnok%2F2y%2FLWBI1WB%2Fjcj9nwk%2FSUb66lFsOjVvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e304fc8d082c-CDG
expires
Thu, 01 Jul 2021 02:21:48 GMT
bannerslink.png
p3.adhitzads.com/s/ Frame CF4C
1 KB
2 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966753
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1323
cf-request-id
0a72cc371a0000082c75b75000000001
last-modified
Thu, 20 May 2010 21:29:39 GMT
server
cloudflare
etag
"4bf5a9c3-52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gFqx%2FTXhw8eYnLg3Xz6MiN2GeUI3x3eMwJDZbt4Sz4rWrqF3T%2BNSUQoWs7DTuNhGy1GWy4BuyWfZhHjWBz7KtV11DBkXY4RXIqx97lZseNnkcIC8SNhD57vlQa7DCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e304fc95082c-CDG
expires
Tue, 22 Jun 2021 04:55:06 GMT
bannerslink_hover.png
p3.adhitzads.com/s/ Frame CF4C
596 B
1 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink_hover.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966751
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
596
cf-request-id
0a72cc371a0000082c13031000000001
last-modified
Thu, 18 Nov 2010 20:43:06 GMT
server
cloudflare
etag
"4ce58fda-254"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=XQNc%2FQV%2BXi8WOill8Gd8twvtudxHgEGhJd%2BxrNokl3X2%2BWqOCdzv2tlpSsV3XjfHkx1KuBQHyqAFRE%2FapDzCvM7T%2BThPh3al4VOzQbS1l6shwLc8mZjPfpyhi0O%2FJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e304fc96082c-CDG
expires
Tue, 22 Jun 2021 04:55:08 GMT
Cookie set A860A4556C60
mellowads.com/view/ Frame 1AE5
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31f18538aae63742917ccaf38b1e03a4b3e79b750377f129154441ebcb96429a

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:32 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc371800004ddccd9ca000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e304e9604ddc-FRA
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame B5C7
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
712d2f93ab86ee61953d57fd9a1336d47bdb03dceec20d854288c60ad5ebb944

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:39 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc37200000beba7fac9000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3050debbeba-FRA
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame 289A
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6290d3a1579a75c612ad8d3942c10fe4fb1b3e174e7df9bbe8dce20e82068189

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:44 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc37200000d6c5230f1000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e304f891d6c5-FRA
Content-Encoding
gzip
Cookie set B8AE533AA3BB
mellowads.com/view/ Frame 9493
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/B8AE533AA3BB
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3349e63272862da96df3644f36467cae7957ed00854aa35d975a6c44a82f982

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:52 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc372000002bc288b27000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3050a652bc2-FRA
Content-Encoding
gzip
/
p3.adhitzads.com/ Frame CF4C
954 B
1 KB
Script
General
Full URL
https://p3.adhitzads.com/?z=1047672&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=2
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/1047672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
1d65ccd5a4c6522d9d01148f94a59e58050b9891e65f472b44ff991c5bb8f81f

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc37260000082c3321d000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0e6coFidM1BvXwe2K59dv1NS3p6EG0kWuZ6voS5Gjqtfrw%2BGc9FT4cBt0iplKS3tlOYp0gtq8pHCrIYpQME%2Fmi5AWIMcwnZv5HQQdQJm0tWgoBMSNUmSDYjlQSsk5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3050cc3082c-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
vendors~widget-ui.js
static.arc.io/widget/js/ Frame CF4C
93 KB
31 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:26 GMT
content-encoding
br
vary
Accept-Encoding
age
39494
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"520b74b9d66dcf95cd6398794c2ad023"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
nF2yR_ft1zGs_z2rLOHxBGu4XX8qshRg89RpsN_2Pv-6D7bKTUXLXg==
widget.css
static.arc.io/widget/css/ Frame CF4C
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39459
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
niSgTcjrOiv6ith07qhk-p7fzyJhFTC42U5YZ6KcEKYbkRuwE_7kfA==
widget-ui.js
static.arc.io/widget/js/ Frame CF4C
40 KB
12 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc91b7deab415797539622fd50d18e8f8b674ac37e525070b592ad3c7f8b96b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:27 GMT
content-encoding
br
vary
Accept-Encoding
age
39493
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"ce2a4cd559f434679a1989acff0effea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
kvmQLVQte06mwrqbX7squifVbzCUM8YIZvFQfNpDImkDkvEwAdVQTg==
broker.8ade32c4.js
static.arc.io/broker/js/ Frame D41C
23 KB
9 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.8ade32c4.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448342
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7f8131981b3050291ebfde5200590514"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
BfqxQpXy1wwm94n6fhMnZJA7gnB7b3RAC6CUtoqhE1XOiEZEec1gfw==
chunk-vendors.85cb0bd7.js
static.arc.io/broker/js/ Frame D41C
49 KB
18 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.85cb0bd7.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448342
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"c34d69d2acc5361be94bab962c0f07eb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
wDeKrJxAZeRlXuQrHcB0iJlUNq63yWByOXNlI97K1f3sJcKomUIg6w==
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame D41C
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448341
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
IDYdFbOkxR0eP3zePORn1gVlQMOZw8xsutd4K8w3XrMcj9fACrJSMA==
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame D41C
0
14 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 19:18:41 GMT
content-encoding
br
vary
Accept-Encoding
age
1606139
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
uMjw3qmSXeUoX96SeaaoCe45_bPBSFyghD46_cm5wkD3wQjdFLfZzg==
1622510797_cmp_421195.gif
p3.adhitzads.com/s/ad_files/ Frame 4749
118 KB
119 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622510797_cmp_421195.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08aee920744201190ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b45d1f3593659ce4ee8729c5aa8af1168f0bfd62f46f3b8d9190b9896e1db1c

Request headers

Referer
https://p3.adhitzads.com/60b8a08aee920744201190ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
198351
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
120827
cf-request-id
0a72cc37880000082c392cb000000001
last-modified
Tue, 01 Jun 2021 01:26:37 GMT
server
cloudflare
etag
"60b58ccd-1d7fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GC6muqhg%2FTplEAFDt5Krxy9dxEl7KwuVn7PIvqTL%2F1iByHj5Wk5nGYeBkD1nzysvlwfDJENjOMNzbvw%2BXtYA%2BQtUr31gFL968nSne5QzMv2DGCTVtVnW2ozmbEKRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e305ae95082c-CDG
expires
Thu, 01 Jul 2021 02:21:48 GMT
60b8a08b1175c382537204ggab.ag186931
p3.adhitzads.com/ Frame 2CEB
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08b1175c382537204ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1047672&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29526fc8d43a74de4d259ff56e5b8e06bdce2a9ee26f7bcc28c88ac1cfc5113e

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08b1175c382537204ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:39 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc378e0000082c43bbb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=S8vR%2Fp5nJ9E93%2BH1ypTRrylBKQqZ11asQMlfY02XNPiWVelngfrIOcE6ycjqPV59pG3KEj3kIN5pJPEgF%2Bbah9Lere2VZYUJg7lV3%2BOi6crWRTVTjFb0vnm8No8atw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e305aea1082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1622462657img_ad_cmp_429561.png
p3.adhitzads.com/s/ad_files/ Frame CF4C
100 KB
101 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622462657img_ad_cmp_429561.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df68274871a0f3da2b68d287ef020d6e15111aa845d9864a256d98449b02f6a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
235795
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
102492
cf-request-id
0a72cc378c0000082c6f219000000001
last-modified
Mon, 31 May 2021 12:04:17 GMT
server
cloudflare
etag
"60b4d0c1-1905c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QxZsNDC0rDrUM59sijQMGF8MDkRR6axYlKu3wgoQ%2B8auJZS24CgaickTXlZa%2Fo1J9FTd7lbZvUcqNYAKWt1%2BEe3QgX4SAAlBrWcpwphNgzgqee0dQPolJT4v7W2%2BtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e305aea2082c-CDG
expires
Wed, 30 Jun 2021 15:57:44 GMT
Cookie set B8AE533AA3BB
mellowads.com/view/ Frame F366
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/B8AE533AA3BB
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6f5f6cc21b452b60d616b21673710400b70c9c79890fc10664b4fce3130c59

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:53 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3788000032607c283000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e305aa9f3260-FRA
Content-Encoding
gzip
1410164
ad.a-ads.com/ Frame 3812
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1410164?size=728x90
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
29b6cd6b34a4f31faaa51ff355f5cbc83abc4e9fbf45ed238e5e97fde51de94e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.gab.ag/
Content-Encoding
gzip
publishertag.js
static.criteo.net/js/ld/ Frame CF4C
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:39 GMT
pix
ads.rekmob.com/retarget/ Frame CF4C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dreklamstore%26bsw_pa...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=46edafa990074ca6a70337ac1c3a1934&ssp=reklamstore&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688&gdpr=&consent=&gdpr_pd=
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame CF4C
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=553524
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5087f1b703ae43df7c4dbc79728e283d3d5c4fc82bdaa1962df54d0f5907a896

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
gtm.js
www.googletagmanager.com/ Frame CF4C
82 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de22330701bb91c74cb65f3dd72208e816220e154b854ae38469e8bc6aab7bf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33171
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 09:27:39 GMT
reklamstore.js
adserver.reklamstore.com/ Frame CF4C
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33563
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
Tbd3ULqfHH0rExefbmXsZOXxSHGuxGdi3s1rOlqdZNjiZw3rijbkog==
/
ads.rekmob.com/m/props/ Frame CF4C
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=555005
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b23b15c185b96405769a3556bcdefa4e12bc9e49cd1c3d59e5ade1affba71b86

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame CF4C
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=553524
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5087f1b703ae43df7c4dbc79728e283d3d5c4fc82bdaa1962df54d0f5907a896

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame CF4C
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=555005
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b23b15c185b96405769a3556bcdefa4e12bc9e49cd1c3d59e5ade1affba71b86

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
p3.adhitzads.com/ Frame CF4C
944 B
1 KB
Script
General
Full URL
https://p3.adhitzads.com/?z=969390&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=3
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/969390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
aec209d26d31d88600921c21a37b246ea7f95f2cea2d0c464d96aac857cbaba4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc37c30000082c781e8000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t9ciK31cRoQFyPEwXVwyVhDx%2F7gYRDqP%2Fb7ndoBWFoV7tBKfZttKr1gzQSET%2F6zGNDkIpinLw12w%2BnY7S3G0grHTA5zkcMRenqwePcEUvg3z53UmtG9Szf%2BnyOF3cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3060fd5082c-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
brokers.js
static.arc.io/widget/js/ Frame CF4C
22 KB
8 KB
Script
General
Full URL
https://static.arc.io/widget/js/brokers.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:37:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39039
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"312a3673cc8af3d946f275c1a4467309"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
nUjzLJKhhK0l5TbA2_tppAMVuFn1RSvVyuo35nPCKy5vM_dKypXnxw==
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid
a75ceed5-ca3d-475b-b9c4-1836d1afe127
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ
33 B
565 B
Script
General
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8f45911c6f2bcd4b6dd41d900cc1aba815fef66d34f78cd3466d9b531503a447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
159
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__mM7yJ5IJrKB2NAQjHURZ
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=192c020147d342b89b44892f054dc030&ufid=mM7yJ5IJrKB2NAQjHURZ&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__mM7yJ5IJrKB2NAQjHURZ&ref=ad.gab.ag&_=1622712459230&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d176de8c602f8d6086c97c0d5dbd5ad3dc300a59da2808f52a4ad7e1bf113e95

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
728x90
static.a-ads.com/a-ads-banners/174375/ Frame 3812
90 KB
91 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/174375/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1410164?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4e4342c6bb2d828cf123e6ad8ee6cfa7bb0d475e3140903ecca5bd7b4c1f6210

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Last-Modified
Wed, 02 Jun 2021 17:37:52 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
GGJQ6530PDRA9N8E
ETag
"244933e86f56ce74bf74a10d265562fe"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
92323
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
BAzLeNRKB5Q5tkW1WnUo2IhtSGM87Bpm
x-amz-id-2
/k1zaagwjfjIaPOjekVaokoRHlLSCXXsBdEWAD8NURTS5LZFdltNoT7kC0xLk4zZVJPI1bkD/8c=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.75:80
AN-X-Request-Uuid
9ebd10d5-a2c9-4fc2-af75-7759bd740858
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt
33 B
564 B
Script
General
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
b9a730a9e4f7c71de7173f1e99649200d2a81233b8041f6995d9180d6b9485f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__NrSMjgQM1PBgMfk38alt
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=192c020147d342b89b44892f054dc030&ufid=NrSMjgQM1PBgMfk38alt&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__NrSMjgQM1PBgMfk38alt&ref=ad.gab.ag&_=1622712459274&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
dfb5e582bd87b1442830e0ca46b1a48e7476e33bd891a811764090113ed3b92c

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.184:80
AN-X-Request-Uuid
7c5abe7b-4a88-4f5d-81bf-9745ef3dc351
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS
33 B
565 B
Script
General
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
6d6e441fef3468a8c054e7d57f56310450dea8b2c6293d122c7a80eb6d377ab4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
159
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__YUjeXDyHBoY1Dr8ZTJiS
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=4eef9d94fb6d4baca35d78effe61c3a2&ufid=YUjeXDyHBoY1Dr8ZTJiS&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__YUjeXDyHBoY1Dr8ZTJiS&ref=ad.gab.ag&_=1622712459278&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
18e4fed409d648f459abebb8ef87c169f54493366ad0f3c8de89e8eb308848fd

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.138:80
AN-X-Request-Uuid
31af8829-e6c6-47b3-9ff2-eddf45c6d7f3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
Redirect Chain
  • https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU
  • https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU
33 B
565 B
Script
General
Full URL
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
662d9570ea4c2f0446d66dce124ccef73b38a50334bd7af40bd6a1ce1137d1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
158
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
server
nginx
location
https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__0CX7zWehZwTJIDEev1mU
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=4eef9d94fb6d4baca35d78effe61c3a2&ufid=0CX7zWehZwTJIDEev1mU&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__0CX7zWehZwTJIDEev1mU&ref=ad.gab.ag&_=1622712459296&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9293bfa769e18550b757fa1674906075fc3802cdaaef826fb2fb361f90029c78

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
size0.css
mellowads.com/css/ Frame 757A
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4721
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc382500002bc2a6990000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e3069e772bc2-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 757A
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc38350000d6c505a52000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e306ab93d6c5-FRA
Cf-Bgj
imgq:100,h2pri
A6D45C4A266D.png
banners.mellowads.com/ads/ Frame 757A
30 KB
30 KB
Image
General
Full URL
https://banners.mellowads.com/ads/A6D45C4A266D.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba46f28d12545a2fdf80b370c55cb880a53b668ed5df95d1be59dac792c9fff

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
400002
Cf-Polished
origSize=50838
Connection
keep-alive
Content-Length
30427
cf-request-id
0a72cc38230000178e4abc3000000001
Last-Modified
Mon, 01 Jun 2020 20:16:01 GMT
Server
cloudflare
ETag
"c5fa1b785138d61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3069e31178e-FRA
Cf-Bgj
imgq:100,h2pri
log_event
www.youtube.com/youtubei/v1/ Frame 4ABE
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b643cd1/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/4SXG17wiPzQ
X-YouTube-Client-Version
1.20210526.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgswVTYySkFGVFpXYyiIweKFBg%3D%3D
X-YouTube-Ad-Signals
dt=1622712456600&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqtKSffihAOCPn-ZHV5NjfWmVSrlIx4o6zb6o_0ozwff5Hsn3eVz6x7Ik8_1PVNDbSrt6fOkEW8LvATLpVfMbe9rzS9dQ

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 03 Jun 2021 09:27:39 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e306c8e2a8c1-CDG
content-length
1146
cf-request-id
0a72cc383e0000a8c16dac6000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame BBF0
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:16:11 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
75048
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
fxT9GYNtht99lAuhGVpDP00CK6ry-e_YwYGPbiQm_nXveeKDwlaBMw==
imp
ads.rekmob.com/m/ Frame BBF0
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=a36aa6087fa9470a9bf12e43898d9027&rid=NjBiOGEwOGIwY2YyYmVmMTBkNWFhZGRj&adId=MTM3Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
60b8a08b38990907263349ggab.ag186931
p3.adhitzads.com/ Frame 8841
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08b38990907263349ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969390&p=2481549503&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
045cc4d2694eb9ff0c2ae76b2653491c8306548adc0ce01d3aae0996cb8569fc

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08b38990907263349ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gab.ag/

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:39 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc38490000082c5e2e7000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1u4jQTP9f4vvo%2FcUNemOphb2aOQt4Y1QVyQK7WJ1RiT9VGu6iGfhu6bO25GwRydI8A%2Fa3Lg4ISd%2FxAEn6Y0IeiWMMX%2FCMKT1gEdB6OdkDk4bgV7ZF%2BBjIQ8kuzbUDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e306d9ff082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1622406813_cmp_421597.gif
p3.adhitzads.com/s/ad_files/ Frame CF4C
118 KB
119 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622406813_cmp_421597.gif
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b45d1f3593659ce4ee8729c5aa8af1168f0bfd62f46f3b8d9190b9896e1db1c

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304534
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
120827
cf-request-id
0a72cc38490000082c6305b000000001
last-modified
Sun, 30 May 2021 20:33:33 GMT
server
cloudflare
etag
"60b3f69d-1d7fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D4GWeeHeoi1K5rK4WuBiBagZQv58EfUzEaiBnHFerp2z06I7zlam0mQG20eSlTq5emAXzdv5qtWVZt560PwufZ%2F9%2Fh8arjeHkaAee35UORnmTlLVffBvzNvViLlqYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e306da06082c-CDG
expires
Tue, 29 Jun 2021 20:52:05 GMT
bannerslink.png
p3.adhitzads.com/s/ Frame CF4C
1 KB
2 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966753
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1323
cf-request-id
0a72cc38490000082c43bd4000000001
last-modified
Thu, 20 May 2010 21:29:39 GMT
server
cloudflare
etag
"4bf5a9c3-52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TEAuGrBBJWD6%2FTgCNZqXqzHPPAj6QG9kkpqkJqcPHdqBx5DejcMT0z%2B%2FJCd36wvH8y1SNROzNJjPKX1zTdQsIBl2SfZwy9QCbJrB4nC0rsCCWUEIlujoyCeZYXhlvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e306da09082c-CDG
expires
Tue, 22 Jun 2021 04:55:06 GMT
bannerslink_hover.png
p3.adhitzads.com/s/ Frame CF4C
596 B
1 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink_hover.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966751
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
596
cf-request-id
0a72cc384a0000082c6f22f000000001
last-modified
Thu, 18 Nov 2010 20:43:06 GMT
server
cloudflare
etag
"4ce58fda-254"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pt5a2zYCeG3sYhsegSEQ7iz8qCuAiSQlGKLz8MTlMxO7xovdJO4SAzabjXmeNvrPIZLmrhpMx2lFqATqpwLQY6WcCraTYComvjOY3w8aSZ1TYv9GXt6F9TPu9O1kbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e306da0b082c-CDG
expires
Tue, 22 Jun 2021 04:55:08 GMT
uGtr2LB.png
i.imgur.com/ Frame CF4C
184 B
277 B
Image
General
Full URL
https://i.imgur.com/uGtr2LB.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d0db53c29f47ea31122d7c6b88a22220ca50ce9a298abea4471d36f76d26b8cc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
x-content-type-options
nosniff
age
10897180
x-cache
HIT, HIT
content-length
184
x-served-by
cache-bwi5124-BWI, cache-fra19131-FRA
last-modified
Wed, 01 May 2019 01:25:45 GMT
server
cat factory 1.0
x-timer
S1622712459.337020,VS0,VE0
etag
"07b3d6c272c58faaa685ec68acd61b3c"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 749
reklamstore.js
adserver.reklamstore.com/ Frame CF4C
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33563
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
hT-s8qSfR4j7o3aGKVHOjSQWAzY8aIzWpGLlmk7surDURnJpDS9JMw==
1622462657img_ad_cmp_429561.png
p3.adhitzads.com/s/ad_files/ Frame 2CEB
100 KB
101 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622462657img_ad_cmp_429561.png
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08b1175c382537204ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df68274871a0f3da2b68d287ef020d6e15111aa845d9864a256d98449b02f6a

Request headers

Referer
https://p3.adhitzads.com/60b8a08b1175c382537204ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
235795
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
102492
cf-request-id
0a72cc384a0000082c19819000000001
last-modified
Mon, 31 May 2021 12:04:17 GMT
server
cloudflare
etag
"60b4d0c1-1905c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=w09wleMRymCHMHO%2F0bJ3cN1nn7%2FIiJnqIzfEEkgO6naM8%2B62dP2pVrxeWOUFLCyyeDSq11WBATEF5K90LGk8lta%2Bd8uA7zyv5VrRSS0EYK6wGvFJsN7ntMTj3pj2nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e306da0c082c-CDG
expires
Wed, 30 Jun 2021 15:57:44 GMT
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame CF4C
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
7255035
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 11 Mar 2022 10:10:24 GMT
size0.css
mellowads.com/css/ Frame B5C7
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4721
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc386e0000d6c5288c0000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e3071ccdd6c5-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame B5C7
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc38680000beba5a139000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3070f09beba-FRA
Cf-Bgj
imgq:100,h2pri
size0.css
mellowads.com/css/ Frame 289A
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4721
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc386a00002bc29326b000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e3070f512bc2-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 289A
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc386900002b710d87a000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e30708ab2b71-FRA
Cf-Bgj
imgq:100,h2pri
CACB3CB80637.gif
banners.mellowads.com/ads/ Frame 289A
65 KB
65 KB
Image
General
Full URL
https://banners.mellowads.com/ads/CACB3CB80637.gif
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1063323
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
66166
cf-request-id
0a72cc386c0000178e5928a000000001
Last-Modified
Wed, 20 May 2020 12:13:46 GMT
Server
cloudflare
ETag
"731aa61ca02ed61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3070f47178e-FRA
Cf-Bgj
imgq:100,h2pri
size4.css
mellowads.com/css/ Frame 9493
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size4.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4773
Cf-Polished
origSize=1482
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc386900004ddcb2955000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"b5b87228f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e3070f474ddc-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 9493
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc388800004ddcd538f000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3073fe34ddc-FRA
Cf-Bgj
imgq:100,h2pri
593DA2A4C8CE.jpg
banners.mellowads.com/ads/ Frame 9493
19 KB
20 KB
Image
General
Full URL
https://banners.mellowads.com/ads/593DA2A4C8CE.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85abfdce7bf4946ef6a310830b3a3419ae040e1a407b561253a006c9a94c522

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
417405
Cf-Polished
origSize=22958
Connection
keep-alive
Content-Length
19915
cf-request-id
0a72cc386b00004e43fa3d6000000001
Last-Modified
Mon, 29 Mar 2021 19:29:05 GMT
Server
cloudflare
ETag
"9b8edec7d124d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e30708e84e43-FRA
Cf-Bgj
imgq:100,h2pri
publishertag.js
static.criteo.net/js/ld/ Frame CF4C
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:39 GMT
/
ads.rekmob.com/m/props/ Frame CF4C
348 B
632 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=549123
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
745b0c17ac09b998fa0baed93b0a0d2901644b9b2891a98028b8912c5f35b9db

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
sync
odr.mookie1.com/t/v2/ Frame CF4C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
date
Thu, 03 Jun 2021 09:27:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame CF4C
348 B
631 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=546313
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
545eb5f040a84e9eeb653f362aad4ef21cd72f0b6838468822ffa71f47610d3a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame CF4C
348 B
631 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=546313
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
545eb5f040a84e9eeb653f362aad4ef21cd72f0b6838468822ffa71f47610d3a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame CF4C
348 B
632 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=549123
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
745b0c17ac09b998fa0baed93b0a0d2901644b9b2891a98028b8912c5f35b9db

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
Cookie set A860A4556C60
mellowads.com/view/ Frame 88FF
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df19aed83e064b5f770d4978376e6d656a5382272f6e8147f49c75ce1dfb49d8

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:39 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc387e0000beba8a8be000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3072f19beba-FRA
Content-Encoding
gzip
syncframe
gum.criteo.com/ Frame 1C39
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=manicoins.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1570
set-cookie
uid=efdec341-b80d-4a47-8449-0c6527d1d6ea; expires=Fri, 03 Jun 2022 09:27:39 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 03 Jun 2021 09:27:38 GMT
content-length
1129
size0.css
mellowads.com/css/ Frame 1AE5
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4721
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc38830000d6c5d9aca000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e3073d22d6c5-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 1AE5
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc388300002bc2b49ed000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3073fad2bc2-FRA
Cf-Bgj
imgq:100,h2pri
A4BA65D9C200.jpg
banners.mellowads.com/ads/ Frame 1AE5
9 KB
9 KB
Image
General
Full URL
https://banners.mellowads.com/ads/A4BA65D9C200.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ca7443c786849c10624effa8693e82f74dbb5ecb4210691ca64deb151a7160

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
657322
Cf-Polished
origSize=10089
Connection
keep-alive
Content-Length
8818
cf-request-id
0a72cc388600004e43d0999000000001
Last-Modified
Mon, 29 Mar 2021 18:57:52 GMT
Server
cloudflare
ETag
"ea2eb06bcd24d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e307397a4e43-FRA
Cf-Bgj
imgq:100,h2pri
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.82:80
AN-X-Request-Uuid
a746fbba-fde5-4918-8294-f0242f3b87b7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
33 B
564 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwNA%3D%3D&callback=adf__AK1CH7C1gpxlEHgEP5po
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
4692f6351f66b897fafed6559e2517b6ab020f67698c082bf3a98c18cfa11ae4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=54f6df99caa7486ba63d0c3df54e7ba2&ufid=AK1CH7C1gpxlEHgEP5po&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__AK1CH7C1gpxlEHgEP5po&ref=ad.gab.ag&_=1622712459426&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b2146f73c9d8d760979a83e09c47f65c4215d67fc12a81c59ac4a43ba550169e

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame CF4C
109 B
323 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22UhWjSuqV3uS8JOiOsM3S%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22hzIaFRnFgVrdIeAzXrmq%22,%22pid%22:%2222033549%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%2254f6df99caa7486ba63d0c3df54e7ba2%22}]}}
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f6ee9d7f91afc3a099942398ec8f27a66e360a916feb18f8c8304c4dabd879a6

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid
a3c97f06-37d4-4bdf-9a5b-9e881ed15545
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
33 B
564 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwNA%3D%3D&callback=adf__E7o0jynw7tcIzpsxJWMD
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
847b340929490f5f6c105ba18047c1ef92b9882530c3be46a66a7e3fc8bd5dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=54f6df99caa7486ba63d0c3df54e7ba2&ufid=E7o0jynw7tcIzpsxJWMD&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__E7o0jynw7tcIzpsxJWMD&ref=ad.gab.ag&_=1622712459431&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e52fac5e9f145f0dd922427cb0615f79187de8d3c7a72349d6e6b832e6780908

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame CF4C
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22jJMfEOgXDolmYIWw2vTL%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22bnaIE5xycq6fZQGlMK4E%22,%22pid%22:%2222033549%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%2254f6df99caa7486ba63d0c3df54e7ba2%22}]}}
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
168b490c7ed560a7c581e2fba706f81e03084a10a22aab503bf6502b6f857e6d

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712459415&ver1=2.2.3&qid=230383f5530383f5434353&rnd=q0t1lc90kfst&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e307897ca8c1-CDG
content-length
23972
cf-request-id
0a72cc38b10000a8c13b90e000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame D41C
45 KB
14 KB
Script
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.8ade32c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 19:18:41 GMT
content-encoding
br
vary
Accept-Encoding
age
1606139
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
RfgcXQhoVcN-rOjZk5RiHf-L4aGTvnkzzEUX1seyPh0DYZtjZSWDhA==
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid
826597fb-0354-45e7-bbe0-320be7a3bf27
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
33 B
566 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwMg%3D%3D&callback=adf__nkCfSXjubVOWylzYjP8M
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
03c37d2ce2c24cfcfa47f6b97d48986be96367bbce9c77e2aa4a742b6407972d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
159
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=449301397e8e42a9922ea633e3eb3fda&ufid=nkCfSXjubVOWylzYjP8M&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__nkCfSXjubVOWylzYjP8M&ref=ad.gab.ag&_=1622712459449&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fce606b952c88179a13079015dde40e24cba6b56cbb17bd8f4e66aac1f17f8a0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame CF4C
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22B6Qw3igloNg0c0htdVgC%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22SyktyQWTyMZeZU5q7toW%22,%22pid%22:%2222030222%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%22449301397e8e42a9922ea633e3eb3fda%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
120fa6cac18fe34d383614a18a993cbcc760256639cc4531bfb6c54c51cc9cd5

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v2/ Frame CF4C
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:39 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.236:80
AN-X-Request-Uuid
1e42acfd-fcfe-44e4-bcc9-fc6e2485d65f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame CF4C
33 B
564 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwMg%3D%3D&callback=adf__CJu4O1QR8MijRn8EeI2K
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e209be06f500a0e828b62920c380d4ceeae367496d26ef811784cfec3b5d3f61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame CF4C
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=449301397e8e42a9922ea633e3eb3fda&ufid=CJu4O1QR8MijRn8EeI2K&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__CJu4O1QR8MijRn8EeI2K&ref=ad.gab.ag&_=1622712459458&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5dd64f3495742c70d64a099c78c264e89df62e35eed7a2e978671971a9e16fbc

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame CF4C
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame CF4C
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22KNUvoyImPWgZSiJzPSkw%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22q0HPbdCVFs0tusiBf2fO%22,%22pid%22:%2222030222%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%22449301397e8e42a9922ea633e3eb3fda%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
04b0e08c947b965acef92220c072ae7e754541f67eaa597d44b288ced33ec885

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:39 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
1622406813_cmp_421597.gif
p3.adhitzads.com/s/ad_files/ Frame 8841
118 KB
119 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622406813_cmp_421597.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08b38990907263349ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b45d1f3593659ce4ee8729c5aa8af1168f0bfd62f46f3b8d9190b9896e1db1c

Request headers

Referer
https://p3.adhitzads.com/60b8a08b38990907263349ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304534
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
120827
cf-request-id
0a72cc38cf0000082c24b69000000001
last-modified
Sun, 30 May 2021 20:33:33 GMT
server
cloudflare
etag
"60b3f69d-1d7fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RSv3wY8edq5YadoPTd%2Bgd%2Fhmq3osqr0mNobl8oHw3QkAcTkHeycag8T6Uhwa84XVan5baEwBT%2F8zO54h57AgLf8HfcPyWbD2Qxkbf8DD623QVZaMdni5n4Voqhjyjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e307bc0c082c-CDG
expires
Tue, 29 Jun 2021 20:52:05 GMT
fltiu.js
pixel.yabidos.com/ Frame CF4C
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e307c9b6a8c1-CDG
content-length
1146
cf-request-id
0a72cc38de0000a8c140879000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 0C01
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76480
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
5KynzcfykDat2ET3-Ylw6RfvGorLcqN1RZ4x84y0FqwoL21sgw4FGw==
imp
ads.rekmob.com/m/ Frame 0C01
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=4eef9d94fb6d4baca35d78effe61c3a2&udid=09fa54693bce4b309d6b4da22f63e9af&rid=NjBiOGEwOGIwY2YyOGVjZTM3NjM5OGJm&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 89EE
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76480
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
P8Vccoy-Z167kPVygUjIBtU3Nc-GoZ13iFERtaCqgk3T5Iiam_fyLQ==
imp
ads.rekmob.com/m/ Frame 89EE
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=4eef9d94fb6d4baca35d78effe61c3a2&udid=d65e8a930a664d4281d4477506df1bc5&rid=NjBiOGEwOGIwY2YyOGVjZTM3NjM5OGMz&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
size4.css
mellowads.com/css/ Frame F366
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size4.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4773
Cf-Polished
origSize=1482
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc38ff00003260ff0cb000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"b5b87228f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e307ff2f3260-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame F366
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc38f700004ddc7f02e000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e307f9c44ddc-FRA
Cf-Bgj
imgq:100,h2pri
1B2CCA4EE062.png
banners.mellowads.com/ads/ Frame F366
75 KB
76 KB
Image
General
Full URL
https://banners.mellowads.com/ads/1B2CCA4EE062.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d8592dd8a656428110f48d8cc9d3816aa445e86ca7e2bc795af5cb9233badb

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
60067
Cf-Polished
origSize=131831
Connection
keep-alive
Content-Length
76835
cf-request-id
0a72cc38fb00004e43f1b3c000000001
Last-Modified
Mon, 01 Jun 2020 20:13:46 GMT
Server
cloudflare
ETag
"304ab5275138d61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e307fb604e43-FRA
Cf-Bgj
imgq:100,h2pri
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712459545&rnd=q0t1lc90kfst&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=0b9f3c2279244fff831c25aa0d5f7f54&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4971
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e308394e4ec1-FRA
content-length
26
cf-request-id
0a72cc392200004ec15c9c6000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=162271245954037&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=q0t1lc90kfst&impid=&tps=61&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=160&h=600&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=10
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4971
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e30839504ec1-FRA
content-length
26
cf-request-id
0a72cc392200004ec13a348000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
fltiu.js
pixel.yabidos.com/ Frame CF4C
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=54f6df99caa7486ba63d0c3df54e7ba2&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3084a1fa8c1-CDG
content-length
1146
cf-request-id
0a72cc392e0000a8c1618c3000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
1639873e3dee4c7592212204b62bbbf4
adimg.rekmob.com/ Frame BA87
40 KB
40 KB
Image
General
Full URL
https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffcc93cf9c4061aa41fd8746c14c0409c170db8321dd6bdc8edabf491602d5a7

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:22:23 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:48:21 GMT
Server
AmazonS3
Age
54320
ETag
"d19c83815b42cfc1d7d18cff64e48eed"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
40568
X-Amz-Cf-Id
PEPFgkHMil7J6Fjg0-U5XTwzYzpV5NlMbTRSyQANaoVUIaX1X0hHvg==
imp
ads.rekmob.com/m/ Frame BA87
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=54f6df99caa7486ba63d0c3df54e7ba2&udid=c08043c785d044cf872bf62a309aac50&rid=NjBiOGEwOGIwY2YyMzEyYTkyZGVkM2E5&adId=MTM1Mg==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame CF4C
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=449301397e8e42a9922ea633e3eb3fda&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3085a47a8c1-CDG
content-length
1146
cf-request-id
0a72cc393c0000a8c12f13d000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
0a6ae0abcb30465ab37c829b201d09a1
adimg.rekmob.com/ Frame 6A15
58 KB
58 KB
Image
General
Full URL
https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c9fd9081dbd2adb4b3f7810cdaadedf7edb8a0d604b89e43b5770ff74049b7a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 13:16:06 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 16:00:22 GMT
Server
AmazonS3
Age
72732
ETag
"ae58864fa705b974b2189df65fef8e79"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
59080
X-Amz-Cf-Id
1KBxkDPV0XWukWMI9BZul-sH59DIh3pyiOVbFsiQeTA2dORikHYXCQ==
imp
ads.rekmob.com/m/ Frame 6A15
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=449301397e8e42a9922ea633e3eb3fda&udid=e8e8902c3d4b4e4f90e92b07d972d143&rid=NjBiOGEwOGIwY2YyYWJkZGRmZmI1ZjU3&adId=MTM1Mw==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame CF4C
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=192c020147d342b89b44892f054dc030&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3086a62a8c1-CDG
content-length
1146
cf-request-id
0a72cc39440000a8c151a5e000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame B1D6
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76480
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
1iFLh-p7P6Me_0JymQxlnlLEEsGjPlCz_DETxirGKqk1yfa8RhN45A==
imp
ads.rekmob.com/m/ Frame B1D6
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=192c020147d342b89b44892f054dc030&udid=58731947a6a948109b4eee0e3744c3fd&rid=NjBiOGEwOGIwY2YyOWJmZWZjNmE2YzJk&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:06 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame CF4C
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712459596&ver1=2.2.3&qid=230383f5530383f5434353&rnd=f5qob6cpuzh5&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4230
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e308caa0a8c1-CDG
content-length
23972
cf-request-id
0a72cc397b0000a8c151a60000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
size0.css
mellowads.com/css/ Frame 88FF
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4721
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc39850000beba5d308000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e308dffbbeba-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 88FF
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1081813
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc398500003260998c7000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e308d8db3260-FRA
Cf-Bgj
imgq:100,h2pri
CACB3CB80637.gif
banners.mellowads.com/ads/ Frame 88FF
65 KB
65 KB
Image
General
Full URL
https://banners.mellowads.com/ads/CACB3CB80637.gif
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa232a21d87a8f414d57819642249d553cb2067cf6e182fe6e251933cf23b38

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
CF-Cache-Status
HIT
Age
1063323
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
66166
cf-request-id
0a72cc398600004e432d905000000001
Last-Modified
Wed, 20 May 2020 12:13:46 GMT
Server
cloudflare
ETag
"731aa61ca02ed61:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Expires
Sun, 04 Jul 2021 09:27:39 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e308ddc64e43-FRA
Cf-Bgj
imgq:100,h2pri
vbl.gif
pre.glotgrx.com/ Frame CF4C
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712459728&rnd=f5qob6cpuzh5&ifm=1&uai=1&cid=544&s=ad.gab.ag&p=12328&x=rekmob&adtg=4eef9d94fb6d4baca35d78effe61c3a2&ats=0&atf=&nsi=&si=24908&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4971
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3096cea4ec1-FRA
content-length
26
cf-request-id
0a72cc39e000004ec153923000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
nflrc.gif
pre.glotgrx.com/ Frame CF4C
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712459722285&ver=1.2r81&qid=230383f5530383f5434353&p=12328&s=ad.gab.ag&x=rekmob&cid=544&od1=&od2=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nci=&nai=&si=24908&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=f5qob6cpuzh5&impid=&tps=75&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=25&icp=https%253A//manicoins.com&irfl=22&irf=https%253A//ad.gab.ag/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-9-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=14
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4971
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3096cfd4ec1-FRA
content-length
26
cf-request-id
0a72cc39e300004ec10910b000000001
expires
Thu, 03 Jun 2021 11:27:39 GMT
widget.css
static.arc.io/widget/css/ Frame ADEC
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39459
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
waee_iXhHpjxSGyW_3G8w9bcB3PneQfo9zgRsrwPjGjY9Iju-8E9pA==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame ADEC
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
653339
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a72cc3a1400002c2a06207000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wn6GrNInfG%2B3J3vLU6gRCgs7n91LMD%2FJk%2FbDT1bXhT7KCxrAhcYNnorSz1UVDzj8WLVL3%2BxPDuEpwzukIcF78ScqLUY2OSRdOHU0QErxspt35ZSVQtfdAHnvpxWg6sUxs8ymEX9BrKGAunITQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e309b8e12c2a-FRA
expires
Tue, 24 May 2022 09:27:39 GMT
widget.css
static.arc.io/widget/css/ Frame 7E1F
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39459
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
jy9Qxlcu1QWCz9ktZlqtdK2STvuAx00wlwHlscAfpGQQHVSiKyzIoQ==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 7E1F
2 KB
950 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
653339
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a72cc3a1a00002c2aec81c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3BuUYIBqmidgzDR0wPWXWDZgk1xwr1mfvtPd7QVKjs61b7LpEwr%2BvV%2FbkIMixtgKaOkhVjgboa%2BHP%2B6MGyMpbtCeOsp58s5VutD7W9SGRWIhTdkRPaDpQzkQljX4r8xOyPQwRSlcta2UeFchow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e309c9002c2a-FRA
expires
Tue, 24 May 2022 09:27:39 GMT
truncated
/ Frame ADEC
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7E1F
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7E1F
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
bootstrap.min.css
www.gab.ag/assets/components/bootstrap/css/ Frame 3659
152 KB
21 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/components/bootstrap/css/bootstrap.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:21 GMT
server
cloudflare
age
4646
etag
W/"5df12465-2606e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bzc8y7XbHMbOa2t4KydtDS2vD74AX2Xm8LLhlnEgcrZIFN4yumfPQ%2BwMfUnDytG3z7fRsc70FU6QFXOIyMqjzthOWsRgMsbkRONIxvmfuXTvPLAwDDn5dFxe1Us7n2KCM3Nx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30eca9e2c2e-FRA
cf-request-id
0a72cc3d4000002c2e58abb000000001
font-awesome.min.css
www.gab.ag/assets/components/font-awesome/css/ Frame 3659
30 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/components/font-awesome/css/font-awesome.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:38 GMT
server
cloudflare
age
4673
etag
W/"5df12476-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=TfNspmbJEfFdooRFF9W9TNTVjGlA82xiCGATG5bKCe2TicSt0g9e65mX04FFtlRA3uiGh01U5J3bEd3MK2pOcjYBuJrSCbQBUpcepz57yCo1LwasXZ9qvzZyzCdMhOU%2FB1MW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30ecaa02c2e-FRA
cf-request-id
0a72cc3d4000002c2e72b50000000001
jquery.min.js
www.gab.ag/assets/jquery/ Frame 3659
95 KB
32 KB
Script
General
Full URL
https://www.gab.ag/assets/jquery/jquery.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69fb479b5382d113b7dd50923eeb1e743dfa6841500d28ab96b11a93f0abeea

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:11:33 GMT
server
cloudflare
age
4646
etag
W/"59c687b5-17ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PRQaOYlVRn2apXmlUgeP4hw9Fpd3%2FcelQEJGA4Za9IIiUF%2FO1bNdZOMlWaT9XKmXXGBrrioJWaXGfC1835EUHp3zSZmXf%2FLlwJOPMrpP9e%2BC%2BPaEOrl3tWkChAlR1sMY3Hqg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30ecaa32c2e-FRA
cf-request-id
0a72cc3d4100002c2ec3b10000000001
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ Frame 3659
21 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
9800908
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
7510
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
x-served-by
cache-fra19146-FRA, cache-hhn4029-HHN
date
Thu, 03 Jun 2021 09:27:40 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/ Frame 3659
59 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
3557545
cdn-cachedat
2021-04-23 07:14:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3d4d00001f35f917b000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:09 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1edfa969acb3be0bd7798ad472fe3975
cf-ray
6597e30eebeb1f35-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery-ui.min.js
www.gab.ag/assets/jqueryui/ Frame 3659
248 KB
63 KB
Script
General
Full URL
https://www.gab.ag/assets/jqueryui/jquery-ui.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9852ccf03b383d1b3855c1983e18258fbdf07999ff77a68327ed0413466db4f2

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:11:37 GMT
server
cloudflare
age
4646
etag
W/"59c687b9-3dee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=FZ%2Bjs99kIL7oukAJTq%2FCc%2FIdoMaIzDpjk%2FyQZhAO2Hw1QZefPdlowJKXTn%2Frzntm1bZeHdQITLlgCllmCv4edhRTk6Rv1cHoAMG%2B%2BSUzctwvb5N%2FQytPBvFxplWcec7WFtjQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edabf2c2e-FRA
cf-request-id
0a72cc3d4600002c2e5ca8c000000001
evolutionscript.js
www.gab.ag/assets/evolution/js/ Frame 3659
14 KB
4 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/js/evolutionscript.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be2a4d9b5c58396029b73f7f4786649bf20be679133cccf2130741f3786348d

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 16:39:08 GMT
server
cloudflare
age
4646
etag
W/"5df11bac-37e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YPscJ2Qiuzxn8sPmyKoBHddM8hAmDJCVDIjLyrWnCpExdHcIkJvaYEahCPxYltr%2BfMGiSrmLUj%2Fw4Yck5Oc9apNwjvbPBAd%2FrffKGJy40tn7DdRwGbNsidyTmLiTISeVjcD2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edac22c2e-FRA
cf-request-id
0a72cc3d4900002c2ec6826000000001
l2blockit.js
www.gab.ag/assets/evolution/js/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/js/l2blockit.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba57ba8c83b63763e70005c9b1840d8d7e8c71611969265aa5675aae93ead18

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 16:39:09 GMT
server
cloudflare
age
4646
etag
W/"5df11bad-f2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2fAEeT8M4PbjtSs1RqTNPehvCHKFe2BwktZvc9hy6jSAHNxcwQyggLQw9Qp%2BLOZZZ7pp3yNG9w6xDDghHnnd05IybSeMV9Z3Ck%2BzIg68xKidreCUWwUsANP7QU09%2BMWEQG1s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edac42c2e-FRA
cf-request-id
0a72cc3d4700002c2ed51c6000000001
bootstrap.bundle.min.js
www.gab.ag/assets/components/bootstrap/js/ Frame 3659
77 KB
21 KB
Script
General
Full URL
https://www.gab.ag/assets/components/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:30 GMT
server
cloudflare
age
4624
etag
W/"5df1246e-1332b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lnDnrT4nU%2F7XBOty8Fb71LKYR7y2osKW6GiPDTg0FBULLx%2BRrExuNjWDuNyuwuVgXSY8KCQn%2B5Wi082m%2BvyTQDGQTWEYvWZzuptdSs%2FP59YP9BDF7C0FKAY10Y52tuPTUsqp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edad52c2e-FRA
cf-request-id
0a72cc3d4f00002c2ec6827000000001
sdmenu.js
www.gab.ag/assets/evolution/css/33brushes-styles/js/ Frame 3659
4 KB
1 KB
Script
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/js/sdmenu.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9342eaeb6d2acb526ecb319ddbe84a493bd115040df5be3c83ec88ff3e337dde

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:02:15 GMT
server
cloudflare
age
4637
etag
W/"59f0c397-e20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vkff0CBdfy0ZBAh%2FpZSAh11WAhcVbICWw6pL1W3NIu2fmWuxVu29kXKxRgflosmxu1MYG7OVkU8Yf4gJ%2FGvS10OWYfPg4SCyNzRkn9hLfiRi3kvT3BoEXz32GINj1emCnjMJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edaef2c2e-FRA
cf-request-id
0a72cc3d4f00002c2eaf0bf000000001
jquery-ui.min.css
www.gab.ag/assets/jqueryui/css/ Frame 3659
31 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/jqueryui/css/jquery-ui.min.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efaaa09c3b1e7b374e13123fe496ba19e53ac74386fa136d09fdb34701c76755

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:14:26 GMT
server
cloudflare
age
4644
etag
W/"59c68862-7b5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=38HSTQeeBrB7IlQBFMq24KNGaflnVeVMlZrJCaXnIOn9BC4HRWXYuSgRtSvTSomh%2BOoZm%2BoZN3QFeYGwGb3%2BcycUinRIoi1xjRhPhkmLVPT4UqzTonQU9dyB1a4vUwz9CK9%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edac72c2e-FRA
cf-request-id
0a72cc3d4700002c2e90099000000001
global.css
www.gab.ag/assets/evolution/css/ Frame 3659
21 KB
5 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/global.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ae20896f1fa269e4a066a4f15cb0d0c0263c78f1bc3f69caacaa5e15f66aea0

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 20:27:25 GMT
server
cloudflare
age
4644
etag
W/"5df93a2d-55e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bCbwsWgAxlKXY0l%2FbG%2FmK%2B9uOxXDnHDCLHDKUlBUu7DspLDWJpt0UQWXDXy6a0AY3Vph%2FtP2wsTEDtJzpbo6Hawgp6tWPTu5PV51Zv4iOjyTUt4fCL0ZqXY2Rii%2BYLqai78t"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edac92c2e-FRA
cf-request-id
0a72cc3d4700002c2e69065000000001
site.css
www.gab.ag/assets/evolution/css/ Frame 3659
25 KB
6 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/site.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae757987affdde9f2411be14b4cd5f17a0ad6eaa744e9f7ecca8338466055bbc

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Dec 2019 20:22:00 GMT
server
cloudflare
age
2950
etag
W/"5df938e8-62c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D9CNARQ03IPt9giM38mm4G6w5aHkWU%2Fb3L7aTrQCBtKnJnQnGoddrhWlIyRvyjMNPQS%2Fz%2Fo7siT%2F3LtTWC%2B0%2F5a0D6XIvUKPP%2BdYEDOoMfb%2Bessp6mEd9vfWGc0I6W1kZlt4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edacb2c2e-FRA
cf-request-id
0a72cc3d4700002c2eb1009000000001
core.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame 3659
43 KB
7 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/core.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd62e8a4e85eae2ab9c3143ffb85ec24428af4b98b2df89e75903ea7bc33493f

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 13 Dec 2019 20:45:01 GMT
server
cloudflare
age
4624
etag
W/"5df3f84d-ac4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HBaOcGjVmnuhq5%2BUYq4fI3izCATQncFRil9X7qHZ%2F6TSVOjaqEI3X5T%2BoKDn3KABD29cRVcQ7sVKl2KgdavxKsjGgTd4dwtujtxzHi%2Fgv3%2BAcAENukR2lyUl2rqkx8Q92S81"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edacc2c2e-FRA
cf-request-id
0a72cc3d4800002c2e88304000000001
33brushes-custom.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame 3659
114 KB
18 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/33brushes-custom.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1376c0b817203f501f2be50a8bc4ca8b67e4e069f3dbd7775eaa7ef9b65c77

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Dec 2019 07:07:51 GMT
server
cloudflare
age
4637
etag
W/"5dfb21c7-1c74a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2%2BRnikHmr%2BhpiZhQqFy4jcjXKCjlVYTWtB7QGspHZfMLqIszDguMjATErF47ZIkp3rqMf9v1AIDYCm5%2FHM15fySMUpCl%2BrCP5KBIswVM8%2BHH9fiC2oSPoYaz9wfJL3QA%2BMDN"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edace2c2e-FRA
cf-request-id
0a72cc3d4800002c2ecb9da000000001
cus-icons.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame 3659
36 KB
5 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/cus-icons.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c00d3d5af73123689b9baf2b54f0f7a08ec93f68cd6c15c61dbae8ebb7db90e

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:01:46 GMT
server
cloudflare
age
4624
etag
W/"59f0c37a-91ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OKaza2fhMckaUN2Y52yWyJHNO%2FuOjswwkJG5iKTd0bbD7Fb6KW475TCC%2BxMfKOEqHUxu%2BDCMClbkIvBsyM1lSM%2F2BoERYVC4xZvKoMbT8mF7YGtSHk7yuB5n9Cz613mSnYKS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edad22c2e-FRA
cf-request-id
0a72cc3d4800002c2e7135e000000001
sdmenu.css
www.gab.ag/assets/evolution/css/33brushes-styles/css/ Frame 3659
2 KB
1021 B
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/33brushes-styles/css/sdmenu.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5f0aaeb1391bc2af45ecc74f7db25f1bb39a5fa82c7e721c3118d2273725291

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Oct 2017 17:01:43 GMT
server
cloudflare
age
4637
etag
W/"59f0c377-8f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=47%2FGtNpHj1l9Q2pyV4FigdZP4%2B8o6upzA7E6ScaX5kkce5tRmMIPvOMygdeXs4yELH6XvuslJq9it1f5%2BmrqaB25urlbQjE1vBD7iRQgXsPKAY1zBTCBLT0FsymCTfowuWXj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30edad32c2e-FRA
cf-request-id
0a72cc3d4800002c2ea7912000000001
css
fonts.googleapis.com/ Frame 3659
6 KB
679 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 08:36:41 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:40 GMT
css
fonts.googleapis.com/ Frame 3659
1 KB
467 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans+Caption
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4648845d5a4e1e4dd362de39677b2b09005d63a93ea458c0505779bc11abb939
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:05:22 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:40 GMT
css
fonts.googleapis.com/ Frame 3659
9 KB
743 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 07:39:24 GMT
server
ESF
date
Thu, 03 Jun 2021 09:27:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Jun 2021 09:27:40 GMT
widget.min.js
arc.io/ Frame 3659
7 KB
3 KB
Script
General
Full URL
https://arc.io/widget.min.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-40.cdg52.r.cloudfront.net
Software
/
Resource Hash
af7db5051724091f7eb9492f1a29064c37889cad5959564a4fa4ecf9f8f5da6e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Wed, 02 Jun 2021 22:27:26 GMT
age
1394
etag
"60b805ce-b4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Thu, 03 Jun 2021 09:04:26 GMT
x-amz-cf-pop
CDG52-P1
content-length
2895
via
1.1 35c1a072f5e34dd7857432de42b52680.cloudfront.net (CloudFront)
x-amz-cf-id
KikrOTtrFNSmdQXlGHyT1zsY0Cp_pTqm1NaYd7da4cVzePhjgImnEA==
3959740.gif
s4is.histats.com/stats/i/ Frame 3659
2 KB
3 KB
Image
General
Full URL
https://s4is.histats.com/stats/i/3959740.gif?3959740&103
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.27.80.143 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns558056.ip-198-27-80.net
Software
/
Resource Hash
3cfd35402895b1ce785d0ed3305eedd7955cd9cd13503684cb9648892a62a894

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:39 GMT
Connection
close
ETag
-369646471
Content-Length
2441
Content-Type
image/png
969200
adhitzads.com/ Frame 3659
447 B
910 B
Script
General
Full URL
https://adhitzads.com/969200
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb0956632beb2db3c5099d6000ac4875a7373695db584327aa079b582e838da

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9LTzcUk%2Fdlm%2FsWuWwtwOUaLhmVVkqAOTEePbb0xhqGIZ4OpDiceR%2BX4KJv4gY6cds%2BmAebmGWPvy8NYfvyu36JgFka1u5nhVEE3xqu5ZmS0V%2F%2BreZgNodeOnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e31019a8082c-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3e0b0000082c1811e000000001
expires
Thu, 03 Jun 2021 10:27:40 GMT
1047672
adhitzads.com/ Frame 3659
448 B
910 B
Script
General
Full URL
https://adhitzads.com/1047672
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fd4d63ec221017a4be24d2194abe9188f300b98946f29a1e2ddb0e7ce64e374

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=clT4xJTyDaXYWuXK6rYbi%2BsWalknLEzkUuU9elpAEtkkOGIiIPZLBBm%2F5T4CLBiyqYCHAJMnpyx2kmt0HnN%2FymDPyJv9wm6Yb%2F0CNRUyYqGMgQhljhpqObGaDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e3105a64082c-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3e370000082c6e0ba000000001
expires
Thu, 03 Jun 2021 10:27:40 GMT
uGtr2LB.png
i.imgur.com/ Frame 3659
184 B
284 B
Image
General
Full URL
https://i.imgur.com/uGtr2LB.png
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d0db53c29f47ea31122d7c6b88a22220ca50ce9a298abea4471d36f76d26b8cc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
x-content-type-options
nosniff
age
10897181
x-cache
HIT, HIT
content-length
184
x-served-by
cache-bwi5124-BWI, cache-fra19131-FRA
last-modified
Wed, 01 May 2019 01:25:45 GMT
server
cat factory 1.0
x-timer
S1622712461.856916,VS0,VE0
etag
"07b3d6c272c58faaa685ec68acd61b3c"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 750
reklamstore.js
adserver.reklamstore.com/ Frame 3659
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33564
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
imbfV-XGM5U-Gt4fbB4oT2IpxEN6GmQ6LELQSOWEYzdZf_Rhktn2Dw==
969390
adhitzads.com/ Frame 3659
447 B
907 B
Script
General
Full URL
https://adhitzads.com/969390
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f5e5250f5e145b8941a549bd962a93b3ba45c55868cb13e9e439fd2f02a5763

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HQ4cDmpCY18%2F8IBXBOp%2FPUnnoPkiCMsUs6GHODUYxlei4gTR2cWJgLa4U0EYk9dGXzw6t%2BYObM8oeVI2L9vk%2Fh58c07f7E40QWgB59zYZNaVGyI9FVLVbnNvhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=3600, public
cf-ray
6597e3105a6b082c-CDG
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3e3c0000082c46329000000001
expires
Thu, 03 Jun 2021 10:27:40 GMT
jquery.blockUI.js
www.gab.ag/assets/components/blockui/ Frame 3659
19 KB
6 KB
Script
General
Full URL
https://www.gab.ag/assets/components/blockui/jquery.blockUI.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:05 GMT
server
cloudflare
age
4583
etag
W/"5df12455-4dfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DUA%2BWNY4yyYoZ67BNVexrz%2FdzzarfR4PpNecsf6DwPoZxsRmuSvCSSNahwNm%2FnfjKJ1okdV4hdCDd9rNKqmQY95pnvknPTE%2B8Oo%2FGzd9n5st3WI%2FcAa9TN06myiOO1wNRqTh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3105e5b2c2e-FRA
cf-request-id
0a72cc3e3600002c2ea792e000000001
ajaxSubmit.js
www.gab.ag/assets/components/ajax_form/ Frame 3659
2 KB
851 B
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/ajaxSubmit.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3474f9e42f470faef4db25d456e1370e9cdacef7deab620d90362e86f2d933e

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:03 GMT
server
cloudflare
age
4609
etag
W/"5df12453-77a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PmxQg1AiG36c6WNr6aH2st9zmsi9H0D1uDF8RaziY3Iy%2BHXicnykzDZKMPnPDHvEBi%2BnZ6hriW1wYkNuEdcngIsfmTuokA%2BXmAXgL4jOrLJJq3uXA21%2B9MIIWANNAMONsBHa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3105e5c2c2e-FRA
cf-request-id
0a72cc3e3700002c2e92263000000001
alerts.js
www.gab.ag/assets/components/ajax_form/ Frame 3659
1 KB
698 B
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/alerts.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6491f4fd82597aa8a54e50b21a3d98427153039ad0dbc6bd99639a77e90cade2

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 11 Dec 2019 17:16:03 GMT
server
cloudflare
age
4608
etag
W/"5df12453-497"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6hu7uySM3iK5FpHV6s1AaN%2BfFoyeoX6nH7iUJyXw1TNnfKTsD7JWRuqB2gaMY5RIITIVo2sMwScL8CqYSadr0ndAn%2BPUYRcRmF3E3JMMEQJN2Xmbf%2BwJ2OpDOgmBwOuGBlD4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3105e5e2c2e-FRA
cf-request-id
0a72cc3e3700002c2e8831b000000001
forms.js
www.gab.ag/assets/components/ajax_form/ Frame 3659
4 KB
1 KB
Script
General
Full URL
https://www.gab.ag/assets/components/ajax_form/forms.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcca172fb8956a6cb32cc2e0938b4658afc275ddabe650e890cfdd13924c9d44

Request headers

Referer
https://www.gab.ag/index.php?view=register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 23:29:29 GMT
server
cloudflare
age
4582
etag
W/"5f1f6359-10bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ZbbTXNeKArs64Yl5hzfcmEPyZibdJPfGdg5pfDlnjXBYFShGM85bUEterB95nBgOu7UaBTGxBIzlyy2FCmCW04qOR7e%2FesYvqLDYuI3tdA3S%2BnF6x6J9mrsRDM5ftBxLJVrt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e3105e5f2c2e-FRA
cf-request-id
0a72cc3e3700002c2e64219000000001
index.php
www.bitcoadz.io/display/ Frame B7DD
643 B
839 B
Script
General
Full URL
https://www.bitcoadz.io/display/index.php?page=query/data/48433|13619|0|76087|45698|1|19241|0|7.data.77962|20202|0|76087|45698|1|19241|0|0.data.77649|20115|0|76087|45698|1|19241|0|0.data.79133|20433|0|76087|45698|1|19241|0|0/debd4083d2bebae4c00a3ab01d8d426f/1622712470//0|0
Requested by
Host: www.bitcoadz.io
URL: https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:418e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387d027826c1312acc64a06ed67e259ef8bb2c9d06734eb2496c435899c9a229

Request headers

Referer
https://www.bitcoadz.io/display/index.php?page=query/items/&aduid=45698&height=90&device_type=large_dev_adblock&displaytype=4&native=0&stickysupport=0&block_id=0&responsive=1&page_data=f47528d5974c0f7537fd3288cf670654&time=1622712453&val_count_adunit=1&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2kh33uYTlRe%2FW6ORQ7mXkvrQSY4VjRsXlqUtnAMqo5HICa6u21A3Z5Jpc0gjgE3R0DZwD3Bx13rFPu%2FqSh2qtSEgU86TDt%2F7%2BNrQhgKv3P8jfBatTWaW5keg7HggMGbQIvh%2FAuxpUUiT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
6597e30eeceb175e-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3d4d0000175e1d945000000001
expires
Sat, 03 Jul 2021 09:27:40 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33564
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
ySDFygxgmTLiFckG2_myFcUuepHe9ArQg1-wSQWcvbYQvBwCL-ZQyg==
uicons.css
www.gab.ag/assets/evolution/css/ Frame 3659
71 KB
8 KB
Stylesheet
General
Full URL
https://www.gab.ag/assets/evolution/css/uicons.css
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/assets/evolution/css/global.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425

Request headers

Referer
https://www.gab.ag/assets/evolution/css/global.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Sep 2017 16:13:32 GMT
server
cloudflare
age
4553
etag
W/"59c6882c-11cf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yCYzVHGS7KW6r4cDa87T%2BzTESpXx%2BfNniCT%2FbpoMYPIylYJ4bE%2BosVtY5BhGHWzuuNByuQ979iRZThF6rzZtFORMy3MKpcobE%2Bcfb3s5PCAJpoeG4Is0uPMTJMZtXSrVIcrP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
6597e30f7c552c2e-FRA
cf-request-id
0a72cc3dad00002c2e71369000000001
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:40 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=0ebff9c7-3916-4d23-97e4-11820ec31688
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=feea779a-7ac3-4b45-b72b-b332681875a7&ssp=reklamstore&expires=30&user_group=5&bsw_param=0ebff9c7-3916-4d23-97e4-11820ec31688
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:40 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33564
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
EpUyafJ2O1qU04YuRaZ7QdALorCMl5daLd-bhIZ1AnjH7AO1FKHUVg==
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33564
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
9KwnbUWkmgYUzWU5zkawDTiQS4ydxqdwceqlgk7I_MCmX0i4NMj10g==
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=dzKrUalxUg5MbL5cIBEF&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__dzKrUalxUg5MbL5cIBEF&ref=g.cash-ads.com&_=1622712460774&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
002dd99db44b3a8341e89ced5ad86a4177b61d06d0a815f95c04ecd9a0961be9

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:40 GMT
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33564
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
x72mN6fTeQtDDDAvWITayZMebT9itC01qKGYaxV5Svumzyo4FY4zDA==
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=icOvNokdJD3mwM7o1psG&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__icOvNokdJD3mwM7o1psG&ref=g.cash-ads.com&_=1622712460782&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
314a9d3d99e3c70f50d547481a3a1a41276f39e58dc3710b2fcb85ebf70fa42f

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=TPZqUmHrOhIpHB0bfRk8&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__TPZqUmHrOhIpHB0bfRk8&ref=g.cash-ads.com&_=1622712460813&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
74ba81efea7a44f7f4d43b06bcb2f322e39bc05222036903edae4f46fb6900ba

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=RNzQWwWJcwyQYswn1DYC&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__RNzQWwWJcwyQYswn1DYC&ref=g.cash-ads.com&_=1622712460827&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b9a3f96e1cc71af9dec578dbd9cb2e0e60862d676bbc96b1dac56dc1153518a0

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
ga.js
ssl.google-analytics.com/ Frame 3659
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1295
date
Thu, 03 Jun 2021 09:06:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Thu, 03 Jun 2021 11:06:05 GMT
860840
ad.a-ads.com/ Frame F1E6
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/860840?size=468x60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
1fcd258cc9454369f3ffdb6e3b671e4e52b59be8cf25deb2f1caf0333874b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:40 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.gab.ag/
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame 30C6
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bccbd703bdfea7014aee0b308efffead8717c7a0aa5f0d0281d03b1e4227c50

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:45 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3e3a0000beba73a44000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3105ba8beba-FRA
Content-Encoding
gzip
core.js
static.arc.io/widget/js/ Frame 3659
305 KB
89 KB
Script
General
Full URL
https://static.arc.io/widget/js/core.js?c6b0387
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cf69fe7b9b56e7f8c10e74293e3d5be5b3579b0355620a9f56b1f3f8c63729

Request headers

Origin
https://www.gab.ag
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:21 GMT
content-encoding
br
vary
Accept-Encoding
age
39500
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"8f8c3a87f7579bb2c286660cbc1a1325"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
Hschq9Q-G2eE_KCWQTKg6VJZOQOeTZKEur7vlJkbdt1ndrvUNrpf3Q==
broker.html
core.arc.io/ Frame A4B0
2 KB
934 B
Document
General
Full URL
https://core.arc.io/broker.html?c6b0387
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-41.fra2.r.cloudfront.net
Software
/
Resource Hash
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
core.arc.io
:scheme
https
:path
/broker.html?c6b0387
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_immortal|Arc_nodeId=K3JPab47iPaLvchEGNLQ3o

Response headers

content-type
text/html
content-length
493
date
Wed, 02 Jun 2021 22:29:07 GMT
last-modified
Wed, 05 May 2021 02:49:38 GMT
etag
"609207c2-1ed"
content-encoding
br
expires
Fri, 02 Jul 2021 22:29:07 GMT
cache-control
max-age=2592000 public
access-control-allow-origin
*
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 debe291145dc27044f50d04bac101cd9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
t1pibb41b_6G17WUwq2d7TiGA6xyEajn0Tk12HtO78eDMt7OhAiCuA==
age
39513
/
p3.adhitzads.com/ Frame 3659
950 B
1 KB
Script
General
Full URL
https://p3.adhitzads.com/?z=969200&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/969200
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
341df80e00be0f872c23054584444a5a5bf9afb006cdb441909aa8a71a69b35c

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3e620000082c4f223000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gPsSW0MXF%2BGl0Pu65yGDiQ7D9mhWKw5Bg6NRASk1p05LsSAktWUHTepD67EKpMuMPsPOzyIrbAO9hHlCcYYzZsVhFxL8K2l%2F6BJH1QNHGkYFzSMWEEeJmTryKYbMVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3109af0082c-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
broker.8ade32c4.js
static.arc.io/broker/js/ Frame A4B0
23 KB
9 KB
Script
General
Full URL
https://static.arc.io/broker/js/broker.8ade32c4.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448343
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7f8131981b3050291ebfde5200590514"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
N6S9Bg_LS1XEG2rhqonJChHacNWIbmNziq2pKXNwpiYwpN5dgU-w3A==
chunk-vendors.85cb0bd7.js
static.arc.io/broker/js/ Frame A4B0
49 KB
18 KB
Script
General
Full URL
https://static.arc.io/broker/js/chunk-vendors.85cb0bd7.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a

Request headers

Origin
https://core.arc.io
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448343
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"c34d69d2acc5361be94bab962c0f07eb"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 ef16cf332760e013a5fd2d10ab2b11ec.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
bhWvVznHNsPAeYQSHc-cpqlmP8XJPPbF6U7Sp4eq5CeoffP5IGezTw==
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame A4B0
0
5 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 01:21:58 GMT
content-encoding
br
vary
Accept-Encoding
age
2448342
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
R0-vSTuplWJ5V0mzfY1V6gKA_pzXlCpKh496kjYkiadsn7tjhlMqZg==
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame A4B0
0
14 KB
Other
General
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 19:18:41 GMT
content-encoding
br
vary
Accept-Encoding
age
1606140
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 05 May 2021 02:50:01 GMT
server
AmazonS3
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
BK0pmr6DGJdd3UYQod0Ui89gsFqEpZ9uToghYJeyYsZvVS8GVpaIgw==
vendors~widget-ui.js
static.arc.io/widget/js/ Frame 3659
93 KB
31 KB
Script
General
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:26 GMT
content-encoding
br
vary
Accept-Encoding
age
39495
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"520b74b9d66dcf95cd6398794c2ad023"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
t7g72KlKYODdCIbk9DPTvcX0pwPMFuTeyQpsv27Tf6Wh7Bwe6y4P5Q==
widget.css
static.arc.io/widget/css/ Frame 3659
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39460
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
n2KiZ5fHINP_BQl17w2NPoAVmAVzt0oxe51hFHe1M8_cU0J_cbAgNw==
widget-ui.js
static.arc.io/widget/js/ Frame 3659
40 KB
12 KB
Script
General
Full URL
https://static.arc.io/widget/js/widget-ui.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2dc91b7deab415797539622fd50d18e8f8b674ac37e525070b592ad3c7f8b96b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:29:27 GMT
content-encoding
br
vary
Accept-Encoding
age
39494
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"ce2a4cd559f434679a1989acff0effea"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
BD0W9BNwLwQuAHbF48lHhcbVeDN0j3Ntn7g1lyzOVpogZ4idlY-DNQ==
brokers.js
static.arc.io/widget/js/ Frame 3659
22 KB
8 KB
Script
General
Full URL
https://static.arc.io/widget/js/brokers.js?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:37:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39040
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"312a3673cc8af3d946f275c1a4467309"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
4LXfr2c9fnO4uRDUB6LRX1_KNVeL-p40hkylwou43EVmLS57dgjPYA==
bannerslink.png
p3.adhitzads.com/s/ Frame 3659
1 KB
2 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink.png
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969200&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966754
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1323
cf-request-id
0a72cc3ebb0000082c5dacd000000001
last-modified
Thu, 20 May 2010 21:29:39 GMT
server
cloudflare
etag
"4bf5a9c3-52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cMPmV3vi4OabOQvu7IYs%2FHSuR1yxkoMLNP%2Bn5Smk6i7UL%2ByhcLGcmRoN6dU8E2fY4YgAUt0pMmjJUrDgFhYMYu20mxPn4DZDmpl%2BICibeDgDw6zBdNIpCzuA8q417w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e3112c34082c-CDG
expires
Tue, 22 Jun 2021 04:55:06 GMT
bannerslink_hover.png
p3.adhitzads.com/s/ Frame 3659
596 B
1 KB
Image
General
Full URL
https://p3.adhitzads.com/s/bannerslink_hover.png
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969200&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966752
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
596
cf-request-id
0a72cc3ebc0000082c349fa000000001
last-modified
Thu, 18 Nov 2010 20:43:06 GMT
server
cloudflare
etag
"4ce58fda-254"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=q6%2BA%2FvBLfdJFqv5edk0fenqym8IPkDUWEp0dyOeZwpayY8AzubzLwK2x7pSMCp21UclylRgjy0O3LKD4YrPJQQ8PwdXMDM%2FnTgi%2FGpzlXRf%2BFHU4SILSPWMkR2S90g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e3112c35082c-CDG
expires
Tue, 22 Jun 2021 04:55:08 GMT
60b8a08ce6b0a297933852ggab.ag186931
p3.adhitzads.com/ Frame C39A
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08ce6b0a297933852ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969200&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beec15e03fe29ec65940fee75c9b5e9e8653a03c49e77015146b554a69808fe9

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08ce6b0a297933852ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:41 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc3ebe0000082c0a35b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D3A4%2Bu9%2FGop9Lu4DAy8Zv3yTdYeHVMj4Z4lrXBGl3kLxEraAQe2eQUn%2BTQhIUuXWgwH2ASAhkr8Qj%2FVDfNAj3WO1jt6To38YesQKXRY8mbptOGKrsw7fQzfac%2Bp5Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e3113c3f082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1604381493img_ad_cmp_423493.gif
p3.adhitzads.com/s/ad_files/ Frame 3659
15 KB
16 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1604381493img_ad_cmp_423493.gif
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e6f63ad63eddd1eeb2f65ce9db41d027b6aea1dc6d6915bc26f0ac4de2c3b4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1924472
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15303
cf-request-id
0a72cc3ebd0000082c0ba8f000000001
last-modified
Tue, 03 Nov 2020 05:31:33 GMT
server
cloudflare
etag
"5fa0eb35-3bc7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BRjjiEzaBqNm5yaHlkvgKQ6c15vp%2BkKT71sXuNaSANRmaFxoQbrCb4PcL6Ry4fnFvLWtRDLi9nRr4CqmbPxkYvpuxoY1MS4Jx%2FCSwT63h3hn2Os%2Fd6JsaRkkqoKggw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e3112c3a082c-CDG
expires
Fri, 11 Jun 2021 02:53:09 GMT
Cookie set A860A4556C60
mellowads.com/view/ Frame D505
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2f2968e10e4bdf80bfdd49a5a496dee1425b0ba7086376bdc12a3397e2f2d5

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:54 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3ebc000032602915b000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3112b4c3260-FRA
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame 0E70
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
647ad96c5875174087791ece6edd9185ccb71df157ac20c331041f401e5883f0

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:34 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3ec100004ddcb5202000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3113a184ddc-FRA
Content-Encoding
gzip
Cookie set A860A4556C60
mellowads.com/view/ Frame A8EA
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918161ad1c70ea8ff02e28054b8eeddbd63811cc8e259101992d3fd3b2dc6b48

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:34 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3ec400002bc2c5264000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3113feb2bc2-FRA
Content-Encoding
gzip
Cookie set B8AE533AA3BB
mellowads.com/view/ Frame 4663
2 KB
1 KB
Document
General
Full URL
https://mellowads.com/view/B8AE533AA3BB
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
708af168805baf21052aca92835aac5d1d19b3450d16ecce6dab5f4e9168f8b5

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:35 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3ec40000d6c5f7b9e000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e31138d5d6c5-FRA
Content-Encoding
gzip
/
p3.adhitzads.com/ Frame 3659
954 B
1 KB
Script
General
Full URL
https://p3.adhitzads.com/?z=1047672&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=2
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/1047672
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
2fdef7a9f24c9a633a03e299334bc3b1827d13ef082b7dcc03d3c02c2ece03e1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3eca0000082c4388e000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Oi%2F6cPKuVZA%2FVB5uwo0W9dALodnhEYfHTXDwt%2FaE2CpLlNyzcLwaliKDWhMn5gRo73Zn4R8XHM9HTGsQpobwSZDaasAsR5mt9DfW1QfmhuIS3xC4t5%2BzX9K%2Bxan31A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3114c6b082c-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3114932a8c1-CDG
content-length
1146
cf-request-id
0a72cc3ecf0000a8c1451f1000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 2B36
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 15:46:51 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
75048
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
cXcqvKiSp1Kg9zda-Ks5Y2L6emB9GadYt9rVRlJsdYDLkcJCRqPovw==
imp
ads.rekmob.com/m/ Frame 2B36
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=b3c767288ae44691a3bffff12b9ea228&rid=NjBiOGEwOGMwY2YyYWJkZGRmZmI2MDJk&adId=MTM2OQ==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame 3659
65 KB
20 KB
Script
General
Full URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.gab.ag
Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
last-modified
Thu, 11 Mar 2021 09:25:54 GMT
server
Fastly
age
7255037
etag
"a948fc086ec14683f3f2270913c7f702"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
content-length
20633
expires
Fri, 11 Mar 2022 10:10:24 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e311896aa8c1-CDG
content-length
1146
cf-request-id
0a72cc3efa0000a8c1578af000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
bi.js
cdn.runative-syndicate.com/sdk/v1/ Frame 4658
6 KB
3 KB
Script
General
Full URL
https://cdn.runative-syndicate.com/sdk/v1/bi.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.110 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
last-modified
Wed, 17 Feb 2021 13:10:31 GMT
server
nginx
age
9140952
etag
W/"602d15c7-1931"
vary
Accept-Encoding
content-type
application/javascript
x-robots-tag
noindex, nofollow
imp
ads.rekmob.com/m/ Frame 4658
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=3b0aa6c8fe854547a03e7b6da5c0742c&rid=NjBiOGEwOGQwY2YyMzEyYTkyZGVkNDk0&adId=MTQ3Mw==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461033&ver1=2.2.3&qid=230383f5530383f5434353&rnd=kmwfcgsirdrf&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e311a97ba8c1-CDG
content-length
23972
cf-request-id
0a72cc3f080000a8c146387000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
60b8a08d0621b957325805ggab.ag186931
p3.adhitzads.com/ Frame 23F9
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08d0621b957325805ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=1047672&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fced08a2e5d745a4f58f49133e57aa725eb4e3f35170f60da0effef83264a33

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08d0621b957325805ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:41 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc3f0c0000082c8106d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YSJyIv7qwCRUH3f9Z4ruCQq2RL1Qk1wY%2FwfvBoAB%2BspgGtgKiFt4aPb4qfwcBp7YLOWLwKWWcf3kekXRcC%2BVCv0IE7E0VH2PkonoQCYNvS%2BCl5yANO4C%2BJcUj8vL%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e311ad4c082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1618981553img_ad_cmp_428122.gif
p3.adhitzads.com/s/ad_files/ Frame 3659
1022 KB
1022 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1618981553img_ad_cmp_428122.gif
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e04a1299d4c25d2ef6c05d9881963f76c2606875999b721e82b41c3d049136

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966752
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1046118
cf-request-id
0a72cc3f0c0000082c191e0000000001
last-modified
Wed, 21 Apr 2021 05:05:53 GMT
server
cloudflare
etag
"607fb2b1-ff666"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9SCx2iVSN7puwha%2FWmQt6QWqV1cBz%2FXLLdvdKgdAgZca6w6c04ps8bVqtA9aSiwix%2F8PzKrg3d6NyHbAQ03bNf%2BHREOHtL9rQ724vVGl9nZ%2FGD129RvadVvtT05TGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e311ad4a082c-CDG
expires
Tue, 22 Jun 2021 04:55:09 GMT
Cookie set B8AE533AA3BB
mellowads.com/view/ Frame 24FA
3 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/B8AE533AA3BB
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fb5e6c6675cfa340ce19640ed445a22fabe6a23551529b328ad86bd5871fe29

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:34 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3f0a00002b71ff0db000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e311abd72b71-FRA
Content-Encoding
gzip
1410164
ad.a-ads.com/ Frame D97C
6 KB
2 KB
Document
General
Full URL
https://ad.a-ads.com/1410164?size=728x90
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
29b6cd6b34a4f31faaa51ff355f5cbc83abc4e9fbf45ed238e5e97fde51de94e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.gab.ag/
Content-Encoding
gzip
publishertag.js
static.criteo.net/js/ld/ Frame 3659
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:41 GMT
pix
ads.rekmob.com/retarget/ Frame 3659
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 3659
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=553524
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5087f1b703ae43df7c4dbc79728e283d3d5c4fc82bdaa1962df54d0f5907a896

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
gtm.js
www.googletagmanager.com/ Frame 3659
82 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5bf558d0232023965ed5bb5334f6ca8016ab4aeef42ff3895d9f9886bdf42df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33170
x-xss-protection
0
last-modified
Thu, 03 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 03 Jun 2021 09:27:41 GMT
reklamstore.js
adserver.reklamstore.com/ Frame 3659
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33565
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
DvsJCZG21NEFNGUbpm404gXjfXuJD7NaQmoDYBTYO-rAfTn92ZeBFQ==
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e311b98ca8c1-CDG
content-length
1146
cf-request-id
0a72cc3f120000a8c14cabd000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame C852
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:16:11 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
75050
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
W1wdiMZOIYMkQNj6Z_Skw60kuQWQ-_LXLnV4LwmIqniCsa2Oox4XVQ==
imp
ads.rekmob.com/m/ Frame C852
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=b6ec61c894bd4f1c85071c567f739dfd&rid=NjBiOGEwOGQwY2YyYWJkZGRmZmI2MDM5&adId=MTM3Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e311c995a8c1-CDG
content-length
1146
cf-request-id
0a72cc3f1a0000a8c138901000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame AA28
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59473
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
R_HSg0nHkOedC-l0nAYCrav657EuBiPV8qtHaojxiiWvbIvTHQ5d_g==
imp
ads.rekmob.com/m/ Frame AA28
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=a9d7ef4515ff4d8fbb58617b452c8f03&rid=NjBiOGEwOGQwY2YyMzEyYTkyZGVkNDk2&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
1604381493img_ad_cmp_423493.gif
p3.adhitzads.com/s/ad_files/ Frame C39A
15 KB
16 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1604381493img_ad_cmp_423493.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08ce6b0a297933852ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e6f63ad63eddd1eeb2f65ce9db41d027b6aea1dc6d6915bc26f0ac4de2c3b4

Request headers

Referer
https://p3.adhitzads.com/60b8a08ce6b0a297933852ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1924472
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15303
cf-request-id
0a72cc3f200000082c5dad9000000001
last-modified
Tue, 03 Nov 2020 05:31:33 GMT
server
cloudflare
etag
"5fa0eb35-3bc7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u7hLvYarGCRYRtGUWBt1sgbnaqb24YKHhyG5IEx%2BPChEsoe8yVzIjAelwMiSVpok4Tvggxj0cRzroOMEfDsUsYtRldv0qv9o%2FCKOFk1o%2BEm6lpVX6ZPs02Pw1bj1vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e311cd9d082c-CDG
expires
Fri, 11 Jun 2021 02:53:09 GMT
7a59f4ee8243465197d99ee2959f6ef7.html
run-syndicate.com/iframes2/ Frame E444
10 KB
4 KB
Document
General
Full URL
https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Requested by
Host: cdn.runative-syndicate.com
URL: https://cdn.runative-syndicate.com/sdk/v1/bi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.198.68.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
cd6c5d2ace181243b3e20960e2f10df4e165bca858583aa70584a3e787231d55

Request headers

:method
GET
:authority
run-syndicate.com
:scheme
https
:path
/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://jun.eurosptp.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Thu, 03 Jun 2021 09:27:41 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding *
cache-control
no-cache, no-store, no-transform, must-revalidate no-transform
pragma
no-cache
expires
0
x-api-version
2
link
<https://lcdn.runative-syndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.runative-syndicate.com/images/7/8/fe29a4f9e31b741227b65428c85e2dc7078795/300x250.jpg>; rel=preload; as=image
x-request-id
b438cd8834cf12f2
set-cookie
ts_uid=c91a5f2a-80f5-4e3c-97d1-96f427c26c3d; expires=Fri, 03 Dec 2021 09:27:41 GMT; domain=.run-syndicate.com; path=/; HttpOnly; secure; SameSite=None bfq=e0SIEaFjSxcWIsYUPJiwDMMufRQE; expires=Fri, 04 Jun 2021 09:27:41 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
x-robots-tag
none noindex, nofollow
report-to
{ "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding
gzip
/
ads.rekmob.com/m/props/ Frame 3659
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=555005
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b23b15c185b96405769a3556bcdefa4e12bc9e49cd1c3d59e5ade1affba71b86

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 3659
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=553524
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5087f1b703ae43df7c4dbc79728e283d3d5c4fc82bdaa1962df54d0f5907a896

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:07 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 3659
320 B
621 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=555005
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
b23b15c185b96405769a3556bcdefa4e12bc9e49cd1c3d59e5ade1affba71b86

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
p3.adhitzads.com/ Frame 3659
950 B
1 KB
Script
General
Full URL
https://p3.adhitzads.com/?z=969390&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=3
Requested by
Host: adhitzads.com
URL: https://adhitzads.com/969390
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
0f324e3bdb92e00aac4abb256e9090f60666eda653935cb1e5ffe5019743f325

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc3f450000082c3d3f3000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fl5w341ycJv7w33D0%2BKWUuujgPqR1M3KDZLQQ3qvfSY2N2XSylOTUvSS4zcBa75uyPavgLmHe2wgSCbCddhoPZ4ZsDXBDrjVSST9Y2%2BMkpGdWvuxqYqA2MmzjJm3uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6597e3120e28082c-CDG
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.80:80
AN-X-Request-Uuid
8c5bb1e5-ff0f-4ad3-ac22-769f749493dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
562 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__btub2ZLGIvbs0LO6Ds55
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
451a6c34b3afcdeae6c45279076c4d1eb683f5550db52170c215fd41264a29d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
156
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=192c020147d342b89b44892f054dc030&ufid=btub2ZLGIvbs0LO6Ds55&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__btub2ZLGIvbs0LO6Ds55&ref=ad.gab.ag&_=1622712461147&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a40b8e5067d465311164933f346b9dcae0e9c518b35fa1bcd4db4597a592a757

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461137&ver1=2.2.3&qid=230383f5530383f5434353&rnd=e5z3zav9wty4&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31239f1a8c1-CDG
content-length
23972
cf-request-id
0a72cc3f690000a8c14e95c000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
159 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461176&rnd=e5z3zav9wty4&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3126d104ec1-FRA
content-length
26
cf-request-id
0a72cc3f7d00004ec116376000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712461169462&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=e5z3zav9wty4&impid=&tps=75&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=13
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3126d134ec1-FRA
content-length
26
cf-request-id
0a72cc3f7f00004ec107052000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
15d0629c-2a7c-4c51-a8ef-2c6bd3854731
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
566 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__QPnXFq63vXdpWs5LQK63
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
a39b47ab0b43a84afee42eab7e6b44c411450c8e0e547a09b2ec627419ed09f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
160
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=4eef9d94fb6d4baca35d78effe61c3a2&ufid=QPnXFq63vXdpWs5LQK63&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__QPnXFq63vXdpWs5LQK63&ref=ad.gab.ag&_=1622712461194&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
a34c5cfb3b9d332e277beeb2f8b99781bd64c2c3cdd8674cd272181969cdfb7b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
741 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.46:80
AN-X-Request-Uuid
23d6cb10-3590-4210-9c22-36dd5532f25b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
563 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwOQ%3D%3D&callback=adf__D4jptAOWIzRH2LvASRb3
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
557aed8c9b8d7953fdb3c22516f6e225ca78a9fe9a860b75b9cdca37f818d124
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
113 B
446 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=192c020147d342b89b44892f054dc030&ufid=D4jptAOWIzRH2LvASRb3&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__D4jptAOWIzRH2LvASRb3&ref=ad.gab.ag&_=1622712461204&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
477207b8df3dfd631f010038e8917b7d931fa24282c76e31f9a08d3eea7e1c72

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid
16bb379e-f21d-46c8-886d-5b2e9e82171b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
562 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDExMQ%3D%3D&callback=adf__Reo1cWBfOIs128sWGVvI
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
685ca868cf8fd43fd844dd6ecaa1f525e424df6cb518f0805f1e243b2bc9569d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
156
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=4eef9d94fb6d4baca35d78effe61c3a2&ufid=Reo1cWBfOIs128sWGVvI&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__Reo1cWBfOIs128sWGVvI&ref=ad.gab.ag&_=1622712461215&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
0926b8d9b98da648b4884f5ebb99379188cdc8956d418c13a1208f7b1cc797ac

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
728x90
static.a-ads.com/a-ads-banners/174375/ Frame D97C
90 KB
91 KB
Image
General
Full URL
https://static.a-ads.com/a-ads-banners/174375/728x90?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1410164?size=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4e4342c6bb2d828cf123e6ad8ee6cfa7bb0d475e3140903ecca5bd7b4c1f6210

Request headers

Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Last-Modified
Wed, 02 Jun 2021 17:37:52 GMT
Server
nginx/1.14.0 (Ubuntu)
x-amz-request-id
GGJQ6530PDRA9N8E
ETag
"244933e86f56ce74bf74a10d265562fe"
Content-Type
image/gif
Cache-Control
max-age=315360000
x-amz-replication-status
COMPLETED
Content-Length
92323
Connection
keep-alive
Accept-Ranges
bytes
x-amz-version-id
BAzLeNRKB5Q5tkW1WnUo2IhtSGM87Bpm
x-amz-id-2
/k1zaagwjfjIaPOjekVaokoRHlLSCXXsBdEWAD8NURTS5LZFdltNoT7kC0xLk4zZVJPI1bkD/8c=
Expires
Thu, 31 Dec 2037 23:55:55 GMT
size0.css
mellowads.com/css/ Frame 30C6
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4723
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc3fa80000beba8a900000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e312ad21beba-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 30C6
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc3fb70000beba58a39000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e312bd25beba-FRA
Cf-Bgj
imgq:100,h2pri
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461263&rnd=e5z3zav9wty4&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3130e924ec1-FRA
content-length
26
cf-request-id
0a72cc3fe200004ec149274000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=162271246124664&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=e5z3zav9wty4&impid=&tps=75&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=23
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3130e944ec1-FRA
content-length
26
cf-request-id
0a72cc3fe100004ec11d13a000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
60b8a08d256e1252912765ggab.ag186931
p3.adhitzads.com/ Frame AD27
2 KB
2 KB
Document
General
Full URL
https://p3.adhitzads.com/60b8a08d256e1252912765ggab.ag186931
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/?z=969390&p=1687969204&l=https%3A//www.gab.ag/index.php%3Fview%3Dregister&r=https%3A//ad.gab.ag/&c=3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dbed3d88f1d34aa60b322d08c27b069412e5d7e44f6f60bc77e0fd394aee27c

Request headers

:method
GET
:authority
p3.adhitzads.com
:scheme
https
:path
/60b8a08d256e1252912765ggab.ag186931
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gab.ag/

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 03 Jun 2021 09:57:41 GMT
cache-control
max-age=1800 private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
cf-request-id
0a72cc3fe90000082c1f0da000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FLohX%2Bgwubph1cbIUO0y2u7buC%2FK9PM4PCaXVErRg0fn5a006sH2XSFeLEELIurCY61LqJ14WaNTrEdFjOuzFoZ9laNQ9LDIWtr6Jytw3MXN6A%2FusX%2FVF%2BQkoxOOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e31308b5082c-CDG
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
1622653841img_ad_cmp_429610.gif
p3.adhitzads.com/s/ad_files/ Frame 3659
21 KB
21 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622653841img_ad_cmp_429610.gif
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56ac6898cb9416aa00060184b370f94fa8008c215a6eb649607783c6a09c9a4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
56555
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21322
cf-request-id
0a72cc3fe90000082c752a6000000001
last-modified
Wed, 02 Jun 2021 17:10:41 GMT
server
cloudflare
etag
"60b7bb91-534a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bf%2FHt9abLGekP24LWbGN4x6y%2BPcebggfzwhMQcxG2nivM18Z3Hrb0%2B0ICj27ua83a%2BU355Ae6su7AvWTAOxPPzpzbY4Rrsq3mdszhI3AvE%2B0YCSaNerOBZnyM%2BM31Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e31308b2082c-CDG
expires
Fri, 02 Jul 2021 17:45:06 GMT
/
ads.rekmob.com/m/props/ Frame 3659
348 B
632 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=549123
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
745b0c17ac09b998fa0baed93b0a0d2901644b9b2891a98028b8912c5f35b9db

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 3659
348 B
631 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=546313
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
545eb5f040a84e9eeb653f362aad4ef21cd72f0b6838468822ffa71f47610d3a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
/
ads.rekmob.com/m/props/ Frame 3659
348 B
632 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=549123
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
745b0c17ac09b998fa0baed93b0a0d2901644b9b2891a98028b8912c5f35b9db

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
Cookie set A860A4556C60
mellowads.com/view/ Frame BC7B
2 KB
2 KB
Document
General
Full URL
https://mellowads.com/view/A860A4556C60
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
665b4800ee022409cc94040e12bc972e43159f55ba6aec09c5e979cc7f8c7222

Request headers

Host
mellowads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gab.ag/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
private
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
Set-Cookie
user=referrer=; expires=Wed, 01-Sep-2021 09:27:41 GMT; path=/
CF-Cache-Status
DYNAMIC
cf-request-id
0a72cc3ff30000d6c5a1828000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server
cloudflare
CF-RAY
6597e3131c83d6c5-FRA
Content-Encoding
gzip
syncframe
gum.criteo.com/ Frame 980D
2 KB
1 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=manicoins.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=manicoins.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gab.ag/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=efdec341-b80d-4a47-8449-0c6527d1d6ea

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4349
set-cookie
uid=efdec341-b80d-4a47-8449-0c6527d1d6ea; expires=Fri, 03 Jun 2022 09:27:41 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 03 Jun 2021 09:27:41 GMT
content-length
1129
fltiu.js
pixel.yabidos.com/ Frame 3659
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=192c020147d342b89b44892f054dc030&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3133ab6a8c1-CDG
content-length
1146
cf-request-id
0a72cc40080000a8c130182000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 19BF
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76482
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
jgdoN_35XsEWjoh9OlXDnF-yT3saai1YjFM8qHi_vJQFIu-NKVAzDA==
imp
ads.rekmob.com/m/ Frame 19BF
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=192c020147d342b89b44892f054dc030&udid=94b79883353a419cb5bb4033d5ef95ad&rid=NjBiOGEwOGQwY2YyMzEyYTkyZGVkNGFi&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
1618981553img_ad_cmp_428122.gif
p3.adhitzads.com/s/ad_files/ Frame 23F9
1022 KB
1022 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1618981553img_ad_cmp_428122.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08d0621b957325805ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e04a1299d4c25d2ef6c05d9881963f76c2606875999b721e82b41c3d049136

Request headers

Referer
https://p3.adhitzads.com/60b8a08d0621b957325805ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
966752
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1046118
cf-request-id
0a72cc40110000082c46357000000001
last-modified
Wed, 21 Apr 2021 05:05:53 GMT
server
cloudflare
etag
"607fb2b1-ff666"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wnYBLduWlslmw1auuDIZBJH%2BiB3DF3ejBFtY4t6ooz8QE9arRutFeXjoMubdgkgdtV0Wny7z9Qe2fOJWRuUuwl%2B4AzoZWClezNojIzQeGUfRT8qtFC4l1rW1Z6yaPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e313496b082c-CDG
expires
Tue, 22 Jun 2021 04:55:09 GMT
b.b.js
lcdn.runative-syndicate.com/sdk/v1/ Frame E444
4 KB
4 KB
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/b.b.js
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
d7d6b4ac1019f487f26ab37a8eef1c80be8d6c213a98d875d8847e99288802c6

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
last-modified
Mon, 01 Jun 2020 09:16:15 GMT
server
nginx
age
29535623
etag
"5ed4c75f-100b"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
4107
300x250.jpg
lcdn.runative-syndicate.com/images/7/8/fe29a4f9e31b741227b65428c85e2dc7078795/ Frame E444
7 KB
8 KB
Image
General
Full URL
https://lcdn.runative-syndicate.com/images/7/8/fe29a4f9e31b741227b65428c85e2dc7078795/300x250.jpg
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
1d68d92741d56955f7e5090ad5d2d6524dea7d1a37e150432386b723ba6a7c52

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
last-modified
Wed, 30 Sep 2020 06:53:46 GMT
server
nginx
age
8169276
etag
W/"5f742b7a-1dbd"
vary
Accept-Encoding
content-type
image/jpeg
x-robots-tag
noindex, nofollow
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid
8baa2f6c-0e20-491d-987d-577fe257abfe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
561 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwNA%3D%3D&callback=adf__4bcqrc6E3nsmeEfkOfue
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
7b2afffdbc3bb7ece8c874f0dcc6c0d887aaae09090c9f9f6801ce7ddddcb35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
155
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=54f6df99caa7486ba63d0c3df54e7ba2&ufid=4bcqrc6E3nsmeEfkOfue&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__4bcqrc6E3nsmeEfkOfue&ref=ad.gab.ag&_=1622712461356&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
c883200e23e97c6b0ec0be3de55074caf00f798d13338c12feeb3f1acce4d772

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame 3659
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22eKgiJZi6h3ljkTj5j0qn%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22czJyKs742rLSZ3YT6stn%22,%22pid%22:%2222033549%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%2254f6df99caa7486ba63d0c3df54e7ba2%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d6ea9f94ed27dbd8a4959397ba71191c5f0654c022865fe957d6190cb0b415a0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.113:80
AN-X-Request-Uuid
d4a2103a-51f9-45c5-b61b-8f8942160b39
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
563 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwMg%3D%3D&callback=adf__oYPW82mcch4B5lWvQ7L0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
9e46aac23557537adf94a53e11ea94f4d4845d47d64a466d59cffe5a4fcf4fbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=449301397e8e42a9922ea633e3eb3fda&ufid=oYPW82mcch4B5lWvQ7L0&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__oYPW82mcch4B5lWvQ7L0&ref=ad.gab.ag&_=1622712461359&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
ce4842bf446a0b406f3134cea0e2461f00cafb104de1b86e6a3b6a06eac03558

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame 3659
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22u681NSsOz5ghAuRA7crv%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22SaMHzSEJKOyRZwvraJ3j%22,%22pid%22:%2222030222%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%22449301397e8e42a9922ea633e3eb3fda%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
93a48976dc3f05b75820aa416963466a9cf5dbc7033e9b368da5e8cd8a79755a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
fltiu.js
pixel.yabidos.com/ Frame 3659
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3139aefa8c1-CDG
content-length
1146
cf-request-id
0a72cc40510000a8c16db55000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid
8bf58b5f-ef28-439c-8a57-ae33ad191505
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
563 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwMg%3D%3D&callback=adf__yCg1AjphDqWk38baDp3p
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
0edf30f84b3dbf7cdbb929daf30510c4322d8fcf00521ae4a801cf697a6687c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=449301397e8e42a9922ea633e3eb3fda&ufid=yCg1AjphDqWk38baDp3p&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__yCg1AjphDqWk38baDp3p&ref=ad.gab.ag&_=1622712461363&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
d9622fb4a5b0a3399726355ffd4049ffa116544c83ecbcc564fffddd5f7f756d

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame 3659
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%2275AlCaoGZk4rpJbFtSj6%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%22DOeLPTJyYUIUhRkxyA6P%22,%22pid%22:%2222030222%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%22449301397e8e42a9922ea633e3eb3fda%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a32cc7605271b4a750b32b1e500ec31e249142d6613c2ee9c2d5e7ae809b48d2

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 2E48
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76482
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
6yhms3qN3F6naTxOXL9-GAYmnCKlwX7aUSsTMYYCD4HJgk60Mq23cg==
imp
ads.rekmob.com/m/ Frame 2E48
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=4eef9d94fb6d4baca35d78effe61c3a2&udid=5969c1d160e143f5995e7e89a3282102&rid=NjBiOGEwOGQwY2YyN2IyMzZiM2I3ZTA3&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
prebid
ib.adnxs.com/ut/v2/ Frame 3659
50 B
742 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v2/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Thu, 03 Jun 2021 09:27:41 GMT
X-Proxy-Origin
89.249.64.171; 89.249.64.171; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.230:80
AN-X-Request-Uuid
d009d382-04e0-4d2a-aa73-ce67adbd49b5
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.gab.ag
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/ Frame 3659
33 B
563 B
Script
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTgyNDEwNA%3D%3D&callback=adf__Hzk35vdTgh0ldouJfQHc
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
615df615c81d1629d9af1a44d35abc2b4e9e697b2dae261b9cc00c2e5db1e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
157
expires
-1
adp
ads.rekmob.com/m/ Frame 3659
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=54f6df99caa7486ba63d0c3df54e7ba2&ufid=Hzk35vdTgh0ldouJfQHc&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__Hzk35vdTgh0ldouJfQHc&ref=ad.gab.ag&_=1622712461374&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
2b58cdabebcc773b2357bb5428e98038dc66becfc6b2ffd725fde636fe281dc3

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 3659
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
hb
ice.360yield.com/ul_cb/ Frame 3659
109 B
322 B
XHR
General
Full URL
https://ice.360yield.com/ul_cb/hb?jsonp={%22bid_request%22:{%22id%22:%22saAuw2uHxBzyvZiAwFSF%22,%22version%22:%224.2.0-JS-5.1%22,%22imp%22:[{%22id%22:%226dDoJ6po8IGFsbQzmIO3%22,%22pid%22:%2222033549%22,%22banner%22:{%22w%22:300,%22h%22:250},%22tid%22:%2254f6df99caa7486ba63d0c3df54e7ba2%22}]}}
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.167.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cd2fb72513bb1f405f8bf41a0f89bfee10442052e34d893745ba83739df24745

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.gab.ag
date
Thu, 03 Jun 2021 09:27:41 GMT
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
109
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
size0.css
mellowads.com/css/ Frame D505
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4723
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc404700002b710b3f0000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e313a9c72b71-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame D505
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc405200004ddc8db59000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313b8e34ddc-FRA
Cf-Bgj
imgq:100,h2pri
size0.css
mellowads.com/css/ Frame 0E70
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4723
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc404e00002bc2f812a000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e313adbd2bc2-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 0E70
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc406a000032601d101000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313d85a3260-FRA
Cf-Bgj
imgq:100,h2pri
5B43F7A03B83.png
banners.mellowads.com/ads/ Frame 0E70
19 KB
20 KB
Image
General
Full URL
https://banners.mellowads.com/ads/5B43F7A03B83.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af596aec554cb8e7486aa2b8e5186a1b80d20da5bbe8e1c66564f75579bba77

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
265452
Cf-Polished
origSize=22115
Connection
keep-alive
Content-Length
19915
cf-request-id
0a72cc405b00004e43f2b86000000001
Last-Modified
Sat, 29 May 2021 18:11:56 GMT
Server
cloudflare
ETag
"31902b1cb654d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313ba874e43-FRA
Cf-Bgj
imgq:100,h2pri
size0.css
mellowads.com/css/ Frame A8EA
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4723
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc404e0000beba4c312000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e313adabbeba-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame A8EA
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc406300004ddc851be000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313d9254ddc-FRA
Cf-Bgj
imgq:100,h2pri
158C930572E7.gif
banners.mellowads.com/ads/ Frame A8EA
253 KB
254 KB
Image
General
Full URL
https://banners.mellowads.com/ads/158C930572E7.gif
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ae4b7caebde18500087c25a61d1c4d6a6845d7cd3aa598792bd72cc124c087

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
705044
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
259370
cf-request-id
0a72cc40530000178ed2ac2000000001
Last-Modified
Sat, 15 May 2021 08:26:45 GMT
Server
cloudflare
ETag
"125fb9a6449d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/gif
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313bb66178e-FRA
Cf-Bgj
imgq:100,h2pri
size4.css
mellowads.com/css/ Frame 4663
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size4.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4775
Cf-Polished
origSize=1482
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc405600002b71f7bb6000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"b5b87228f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e313b9fc2b71-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 4663
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc406400002b71f5326000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313da2f2b71-FRA
Cf-Bgj
imgq:100,h2pri
593DA2A4C8CE.jpg
banners.mellowads.com/ads/ Frame 4663
19 KB
20 KB
Image
General
Full URL
https://banners.mellowads.com/ads/593DA2A4C8CE.jpg
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c85abfdce7bf4946ef6a310830b3a3419ae040e1a407b561253a006c9a94c522

Request headers

Referer
https://mellowads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
417407
Cf-Polished
origSize=22958
Connection
keep-alive
Content-Length
19915
cf-request-id
0a72cc40650000178e87374000000001
Last-Modified
Mon, 29 Mar 2021 19:29:05 GMT
Server
cloudflare
ETag
"9b8edec7d124d71:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/jpeg
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313db98178e-FRA
Cf-Bgj
imgq:100,h2pri
bannerNativeTrackImpression.js
lcdn.runative-syndicate.com/sdk/v1/ Frame E444
655 B
837 B
Script
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/bannerNativeTrackImpression.js
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23853422
etag
"5f4ca55f-28f"
content-type
application/javascript
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
655
n.css
lcdn.runative-syndicate.com/sdk/v1/ Frame E444
8 KB
8 KB
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/n.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
24b59f4e4fbf1d4a988ffa478952ceb54e0b2f0774da926bcd2cc0376200dbfe

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
last-modified
Wed, 17 Feb 2021 15:07:12 GMT
server
nginx
age
9135965
etag
"602d3120-2055"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8277
native-banner-default.css
lcdn.runative-syndicate.com/sdk/v1/ Frame E444
251 B
422 B
Stylesheet
General
Full URL
https://lcdn.runative-syndicate.com/sdk/v1/native-banner-default.css
Requested by
Host: run-syndicate.com
URL: https://run-syndicate.com/iframes2/7a59f4ee8243465197d99ee2959f6ef7.html?keywords=page,php&extid=101739&adb=1&clientjs=1&w=1600&h=1200
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.111 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff9150f84253841e2097c26de1611c67aad46c758b1899c75800af0016e5c446

Request headers

Referer
https://run-syndicate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
last-modified
Mon, 31 Aug 2020 07:23:11 GMT
server
nginx
age
23853421
etag
"5f4ca55f-fb"
content-type
text/css
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
251
size4.css
mellowads.com/css/ Frame 24FA
1 KB
1003 B
Stylesheet
General
Full URL
https://mellowads.com/css/size4.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21de9b90173dd3bd8c897b2c173617ffc15eed321a42b0f9c0b68dda34399ea5

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4775
Cf-Polished
origSize=1482
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc405f00002bc2d2be5000000001
Last-Modified
Wed, 15 Nov 2017 09:57:33 GMT
Server
cloudflare
ETag
W/"b5b87228f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e313ce202bc2-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame 24FA
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/B8AE533AA3BB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/B8AE533AA3BB
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc406d00002bc2d8336000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e313ee472bc2-FRA
Cf-Bgj
imgq:100,h2pri
1622653841img_ad_cmp_429610.gif
p3.adhitzads.com/s/ad_files/ Frame AD27
21 KB
21 KB
Image
General
Full URL
https://p3.adhitzads.com/s/ad_files/1622653841img_ad_cmp_429610.gif
Requested by
Host: p3.adhitzads.com
URL: https://p3.adhitzads.com/60b8a08d256e1252912765ggab.ag186931
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.21.55.158 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56ac6898cb9416aa00060184b370f94fa8008c215a6eb649607783c6a09c9a4

Request headers

Referer
https://p3.adhitzads.com/60b8a08d256e1252912765ggab.ag186931
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
56555
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
21322
cf-request-id
0a72cc40670000082c0a38b000000001
last-modified
Wed, 02 Jun 2021 17:10:41 GMT
server
cloudflare
etag
"60b7bb91-534a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4q7rDM%2BEinBKlafGGAJfiL5i0fYykpcGpSKybkKOONm5L1nQ%2F%2BO%2FQ6WrUF3ly2y1ExZNja8ZTfbz%2FTMHFg19jRtjKaPogAgNM%2FEK2k%2FTkqg9z4Wt5Hax2vDIGyfzcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6597e313da98082c-CDG
expires
Fri, 02 Jul 2021 17:45:06 GMT
flimpobj.js
pixel.yabidos.com/ Frame 3659
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461405&ver1=2.2.3&qid=230383f5530383f5434353&rnd=ibsd79owiy3o&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=192c020147d342b89b44892f054dc030&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e313fb2ea8c1-CDG
content-length
23972
cf-request-id
0a72cc40790000a8c14639f000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
32d0e9c9c24a4599b7c35c17bf87e9ae
adimg.rekmob.com/ Frame 5553
42 KB
42 KB
Image
General
Full URL
https://adimg.rekmob.com/32d0e9c9c24a4599b7c35c17bf87e9ae
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
057f09a69601da3adc7b756b621f7b98e3b24b50ee89da83314bc45c4ef03ca4

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:13:39 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:53:13 GMT
Server
AmazonS3
Age
76482
ETag
"1206c40415c3aa41e749ad6054d636b5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
42678
X-Amz-Cf-Id
cAPP4Lrj-qsUqTQqJcUN3m_2cpqQFAAE1nLvg4W8t_pxJjoUBaJ8Fg==
imp
ads.rekmob.com/m/ Frame 5553
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=4eef9d94fb6d4baca35d78effe61c3a2&udid=3443dfc52aa84184aeb474989253603a&rid=NjBiOGEwOGQwY2YyMTQ1ZTQyZTk5ZWM2&adId=MTM2MA==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 3659
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461483&ver1=2.2.3&qid=230383f5530383f5434353&rnd=f8tdg5id5ktw&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nai=&si=24908&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3145b8aa8c1-CDG
content-length
23972
cf-request-id
0a72cc40be0000a8c1463a5000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
fltiu.js
pixel.yabidos.com/ Frame 3659
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=449301397e8e42a9922ea633e3eb3fda&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3145b8da8c1-CDG
content-length
1146
cf-request-id
0a72cc40b90000a8c168935000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
vbl.gif
pre.glotgrx.com/ Frame 3659
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461514&rnd=f8tdg5id5ktw&ifm=1&uai=1&cid=544&s=ad.gab.ag&p=12328&x=rekmob&adtg=4eef9d94fb6d4baca35d78effe61c3a2&ats=0&atf=&nsi=&si=24908&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3148b5c4ec1-FRA
content-length
26
cf-request-id
0a72cc40d100004ec179933000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712461506978&ver=1.2r81&qid=230383f5530383f5434353&p=12328&s=ad.gab.ag&x=rekmob&cid=544&od1=&od2=&adtg=4eef9d94fb6d4baca35d78effe61c3a2&nci=&nai=&si=24908&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=f8tdg5id5ktw&impid=&tps=75&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=728&h=90&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=25&icp=https%253A//manicoins.com&irfl=22&irf=https%253A//ad.gab.ag/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-9-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=15
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3148b5f4ec1-FRA
content-length
26
cf-request-id
0a72cc40d100004ec14a0a4000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
1639873e3dee4c7592212204b62bbbf4
adimg.rekmob.com/ Frame 48A0
40 KB
40 KB
Image
General
Full URL
https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffcc93cf9c4061aa41fd8746c14c0409c170db8321dd6bdc8edabf491602d5a7

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:22:23 GMT
Via
1.1 845104f8cc68143037f48a67fd59744a.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:48:21 GMT
Server
AmazonS3
Age
54322
ETag
"d19c83815b42cfc1d7d18cff64e48eed"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
40568
X-Amz-Cf-Id
BjESFMUbfwC3UgsgaOOh_rv3TLT0UfuUo9pM9WY97GOwZkvpJb198Q==
imp
ads.rekmob.com/m/ Frame 48A0
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=449301397e8e42a9922ea633e3eb3fda&udid=74b0d8df446840aca8c051071c3a72eb&rid=NjBiOGEwOGQwY2YyMzEyYTkyZGVkNGNj&adId=MTM1Mg==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 3659
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=54f6df99caa7486ba63d0c3df54e7ba2&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e314ac07a8c1-CDG
content-length
1146
cf-request-id
0a72cc40e50000a8c1578dd000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
0a6ae0abcb30465ab37c829b201d09a1
adimg.rekmob.com/ Frame EB2C
58 KB
58 KB
Image
General
Full URL
https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c9fd9081dbd2adb4b3f7810cdaadedf7edb8a0d604b89e43b5770ff74049b7a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 13:16:06 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 16:00:22 GMT
Server
AmazonS3
Age
72734
ETag
"ae58864fa705b974b2189df65fef8e79"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
59080
X-Amz-Cf-Id
-1i_K5dN1v7ymQDWX_fMTcOff4SqFwnRbo1uDazVLWE55P83MSRdCw==
imp
ads.rekmob.com/m/ Frame EB2C
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=54f6df99caa7486ba63d0c3df54e7ba2&udid=faaf4f502bff4bc389a6a188e735f987&rid=NjBiOGEwOGQwY2YyODE1NmUxY2U5NWI3&adId=MTM1Mw==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 3659
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461541&ver1=2.2.3&qid=230383f5530383f5434353&rnd=d3x7p8s1rxw2&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=449301397e8e42a9922ea633e3eb3fda&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e314bc16a8c1-CDG
content-length
23972
cf-request-id
0a72cc40f10000a8c145213000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
vbl.gif
pre.glotgrx.com/ Frame 3659
26 B
221 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461567&rnd=d3x7p8s1rxw2&ifm=1&uai=1&cid=544&s=ad.gab.ag&p=12328&x=rekmob&adtg=449301397e8e42a9922ea633e3eb3fda&ats=0&atf=&nsi=&si=24908&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e314dc364ec1-FRA
content-length
26
cf-request-id
0a72cc410a00004ec12f24a000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712461562574&ver=1.2r81&qid=230383f5530383f5434353&p=12328&s=ad.gab.ag&x=rekmob&cid=544&od1=&od2=&adtg=449301397e8e42a9922ea633e3eb3fda&nci=&nai=&si=24908&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=d3x7p8s1rxw2&impid=&tps=78&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=25&icp=https%253A//manicoins.com&irfl=22&irf=https%253A//ad.gab.ag/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-9-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=11
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e314dc3b4ec1-FRA
content-length
26
cf-request-id
0a72cc410a00004ec14fa7d000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
size0.css
mellowads.com/css/ Frame BC7B
395 B
867 B
Stylesheet
General
Full URL
https://mellowads.com/css/size0.css?v18
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
4723
Cf-Polished
origSize=593
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
0a72cc41130000d6c5231b0000000001
Last-Modified
Wed, 15 Nov 2017 09:57:32 GMT
Server
cloudflare
ETag
W/"aaacc827f85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/css
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
CF-RAY
6597e314efb0d6c5-FRA
Cf-Bgj
minify
minibrand.png
mellowads.com/img/ Frame BC7B
880 B
1 KB
Image
General
Full URL
https://mellowads.com/img/minibrand.png
Requested by
Host: mellowads.com
URL: https://mellowads.com/view/A860A4556C60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:8916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0

Request headers

Referer
https://mellowads.com/view/A860A4556C60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:41 GMT
CF-Cache-Status
HIT
Age
1081815
Cf-Polished
status=not_needed
Connection
keep-alive
Content-Length
880
cf-request-id
0a72cc412a0000d6c52633a000000001
Last-Modified
Wed, 15 Nov 2017 09:57:38 GMT
Server
cloudflare
ETag
"db70512bf85dd31:0"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
image/png
Expires
Sun, 04 Jul 2021 09:27:41 GMT
Cache-Control
public, max-age=2678400
Accept-Ranges
bytes
CF-RAY
6597e3150800d6c5-FRA
Cf-Bgj
imgq:100,h2pri
vbl.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461657&rnd=d3x7p8s1rxw2&ifm=1&uai=1&cid=544&s=ad.gab.ag&p=12328&x=rekmob&adtg=449301397e8e42a9922ea633e3eb3fda&ats=0&atf=&nsi=&si=24908&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3156d864ec1-FRA
content-length
26
cf-request-id
0a72cc416200004ec146228000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=162271246164655&ver=1.2r81&qid=230383f5530383f5434353&p=12328&s=ad.gab.ag&x=rekmob&cid=544&od1=&od2=&adtg=449301397e8e42a9922ea633e3eb3fda&nci=&nai=&si=24908&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=d3x7p8s1rxw2&impid=&tps=78&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=25&icp=https%253A//manicoins.com&irfl=22&irf=https%253A//ad.gab.ag/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=17
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3156d884ec1-FRA
content-length
26
cf-request-id
0a72cc416200004ec110282000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
0a6ae0abcb30465ab37c829b201d09a1
adimg.rekmob.com/ Frame E4C8
58 KB
58 KB
Image
General
Full URL
https://adimg.rekmob.com/0a6ae0abcb30465ab37c829b201d09a1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c9fd9081dbd2adb4b3f7810cdaadedf7edb8a0d604b89e43b5770ff74049b7a

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 13:16:06 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 16:00:22 GMT
Server
AmazonS3
Age
72734
ETag
"ae58864fa705b974b2189df65fef8e79"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
59080
X-Amz-Cf-Id
zAtVSdNICX4v0JN72bok5pKIAvVwn82cShXy5UnVtpzxta4qqSzbZg==
imp
ads.rekmob.com/m/ Frame E4C8
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=54f6df99caa7486ba63d0c3df54e7ba2&udid=eb97a7e7131346fc9cf2f1d876ed9f24&rid=NjBiOGEwOGQwY2YyYWJkZGRmZmI2MDc2&adId=MTM1Mw==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
1639873e3dee4c7592212204b62bbbf4
adimg.rekmob.com/ Frame BF60
40 KB
40 KB
Image
General
Full URL
https://adimg.rekmob.com/1639873e3dee4c7592212204b62bbbf4
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ffcc93cf9c4061aa41fd8746c14c0409c170db8321dd6bdc8edabf491602d5a7

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:22:23 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 15:48:21 GMT
Server
AmazonS3
Age
54322
ETag
"d19c83815b42cfc1d7d18cff64e48eed"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
40568
X-Amz-Cf-Id
tviqfFHevIquBjhWwhbWK682VHKxDr0TTJlLGGg-2oieg_fdXlc05Q==
imp
ads.rekmob.com/m/ Frame BF60
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=449301397e8e42a9922ea633e3eb3fda&udid=b16756d0d8124e669b9aa36fa49ed96d&rid=NjBiOGEwOGQwY2YyOWJmZWZjNmE2Yzgw&adId=MTM1Mg==
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:08 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 3659
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712461726&ver1=2.2.3&qid=230383f5530383f5434353&rnd=1z3zd4olu4pv&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=12328&s=ad.gab.ag&x=rekmob&nci=&adtg=449301397e8e42a9922ea633e3eb3fda&nai=&si=24908&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4232
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e315dd27a8c1-CDG
content-length
23972
cf-request-id
0a72cc41a70000a8c13536d000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
vbl.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712461796&rnd=1z3zd4olu4pv&ifm=1&uai=1&cid=544&s=ad.gab.ag&p=12328&x=rekmob&adtg=449301397e8e42a9922ea633e3eb3fda&ats=0&atf=&nsi=&si=24908&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3164fce4ec1-FRA
content-length
26
cf-request-id
0a72cc41ee00004ec1492b4000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
nflrc.gif
pre.glotgrx.com/ Frame 3659
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712461784673&ver=1.2r81&qid=230383f5530383f5434353&p=12328&s=ad.gab.ag&x=rekmob&cid=544&od1=&od2=&adtg=449301397e8e42a9922ea633e3eb3fda&nci=&nai=&si=24908&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=1z3zd4olu4pv&impid=&tps=80&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=3&icpl=25&icp=https%253A//manicoins.com&irfl=22&irf=https%253A//ad.gab.ag/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-9-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.5_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=19
Requested by
Host: www.gab.ag
URL: https://www.gab.ag/index.php?view=register
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.gab.ag/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4973
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e3164fd14ec1-FRA
content-length
26
cf-request-id
0a72cc41ef00004ec13e154000000001
expires
Thu, 03 Jun 2021 11:27:41 GMT
widget.css
static.arc.io/widget/css/ Frame A511
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39461
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
6doTIXBZ2JxTTx3PwEqUg8LClUwD_tMKEteWkUsi0rAx_tu-J1qU_Q==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame A511
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
653341
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a72cc4219000063a1d61a6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tGcW31A0hFr0xD6EIalB444aM2sYjbxtB407Dva2lG1Ngtz8x88mZgw8C0%2F9wEG2j71WipXs8dsQ21bcJA2v%2BVQzitfOAtHLqLKgVxFLTvAak8ROquX83szKDBGliQl6fo%2B6zBmdxZC20uEddg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e3168f1763a1-FRA
expires
Tue, 24 May 2022 09:27:41 GMT
truncated
/ Frame 3659
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A511
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
widget.css
static.arc.io/widget/css/ Frame 9DA6
84 KB
6 KB
Stylesheet
General
Full URL
https://static.arc.io/widget/css/widget.css?c6b0387
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.158.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-158-95.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:30:01 GMT
content-encoding
br
vary
Accept-Encoding
age
39461
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Jun 2021 22:27:48 GMT
server
AmazonS3
etag
W/"a923e8363c5b89f335d13ce57f2f1fa8"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
text/css
via
1.1 3345a8f17bb96a1199a195b00a8d2c0f.cloudfront.net (CloudFront)
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cache-control
public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop
CDG52-P2
x-amz-cf-id
WY7-2aC4Chl7VaX82Hm77F-FSMOm91MNHaY7KlO3Uda-5ZsVM5nhIg==
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 9DA6
2 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
653341
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
631
cf-request-id
0a72cc4220000063a1e505b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8jjRt9crTv4J4leQp0VRXWuxSXuqWqwYjTNSGDcqwWT80brjI0kiAGghrxt1mhjI%2BQRLZ99RRmnkHiPWHKsk%2B1%2F4Txq08xixHr6GEkStkFK7A6ceuexgZXKgRpLu%2F3cj1ZfO%2FMG02rh8VD4sKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6597e3169f1e63a1-FRA
expires
Tue, 24 May 2022 09:27:41 GMT
truncated
/ Frame 3659
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3659
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3659
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3659
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3659
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3659
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
411 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
277 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9DA6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9DA6
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33566
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
mCiqThKgJQ-dJrzMQmREUd2DkrXgfDCL6-yCfM2lomyqZh85FteWSw==
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:42 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:42 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=0ebff9c7-3916-4d23-97e4-11820ec31688&d=1
date
Thu, 03 Jun 2021 09:27:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33566
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
_cM0FrHpqJp7Jaq3qJ5WKefeUkXT4EAWRgXT6jeuzZMjqP--VZQC-w==
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33566
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
GiTLcAwlNNeSNpqyMLTy1IOj6Qk7YDPcdh5NGWq4g_XY9RY_9Ba8Dw==
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:42 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:42 GMT
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33566
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
k8uAbKmdQCKojT7cR7RRj4i-vnX1mC5YOUoQIlZtMMe47kKdPGxtpA==
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=PLPKF7RWcSuyKMyiFAnx&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__PLPKF7RWcSuyKMyiFAnx&ref=g.cash-ads.com&_=1622712462817&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7fe688d32eec898397522f9646fd8d3744e380e2af6527153c6300ec38533e0f

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=XDzMakrQwUyEu4yJSUCW&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__XDzMakrQwUyEu4yJSUCW&ref=g.cash-ads.com&_=1622712462852&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
0acaac5d8b7b53f048c5a561bb5fbed64eb26c5d4db446cf2de73712f63b31a1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=gQ1Z5zwYj61K7JmSUAXn&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__gQ1Z5zwYj61K7JmSUAXn&ref=g.cash-ads.com&_=1622712462859&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6da3f4a2c8be8a7fb622f5208ac9ee95f89b5c11ca25c6cf6ca7e463e61ce3fc

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:42 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:42 GMT
sync
odr.mookie1.com/t/v2/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Jun 2021 09:27:42 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0ebff9c7-3916-4d23-97e4-11820ec31688&ssp=reklamstore&gdpr=&gdpr_consent=
date
Thu, 03 Jun 2021 09:27:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:09 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=WPHanMJsdpMZ1pVBRR1n&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__WPHanMJsdpMZ1pVBRR1n&ref=g.cash-ads.com&_=1622712462896&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
53c9c0be3fc4a79ca807ddffe19bdde732c9881c74334351078e7a56fc1a83d7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:10 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31e5b3ca8c1-CDG
content-length
1146
cf-request-id
0a72cc46fc0000a8c132839000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
2e630aeb4a40478e989c620cb82e8065
adimg.rekmob.com/ Frame 9B43
36 KB
36 KB
Image
General
Full URL
https://adimg.rekmob.com/2e630aeb4a40478e989c620cb82e8065
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84b2b9345e9b1f9f7560f2ce69ff573ba6158d91921779c97350eccbb965e94a

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 19:01:54 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 13 Jun 2019 11:46:49 GMT
Server
AmazonS3
Age
51949
ETag
"d7c08a0f024d55ff27b9457e408bd6d5"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
36826
X-Amz-Cf-Id
Tu6sBzXarbm4mvPs3cpenMObXE3HJcVjl_lavPjbCnscKaGV2mE_EQ==
imp
ads.rekmob.com/m/ Frame 9B43
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=1e86b52dba4f4154a0ee87b99af3da50&udid=3256bac859ff44b28d85151ac2a2e769&rid=NjBiOGEwOGYwY2YyYWIzNTdjNTExYjA3&adId=MTM2NA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:10 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31e8b62a8c1-CDG
content-length
1146
cf-request-id
0a72cc47160000a8c154aa2000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
a6ef61b5aa4d4a35995bc18d04125b93
adimg.rekmob.com/ Frame 85AE
12 KB
12 KB
Image
General
Full URL
https://adimg.rekmob.com/a6ef61b5aa4d4a35995bc18d04125b93
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 15:46:51 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:42 GMT
Server
AmazonS3
Age
75050
ETag
"7be928384c3265ed526e5c5e5c519349"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
12001
X-Amz-Cf-Id
lBF8NL5huM8Yj_Y316K9xbqbA2TZIdBBt1gsnnTvj3Zvgptim9XQ7g==
imp
ads.rekmob.com/m/ Frame 85AE
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=8dfddaef30604a8b9ab5dc4a7b9eb432&rid=NjBiOGEwOGYwY2YyMzEyYTkyZGVkNWI3&adId=MTM2OQ==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:10 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712463138&ver1=2.2.3&qid=230383f5530383f5434353&rnd=p2xthv2uxup5&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nai=&si=33151&pn=&h=250&w=300&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31eab74a8c1-CDG
content-length
23972
cf-request-id
0a72cc472c0000a8c13283d000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
159 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712463197&rnd=p2xthv2uxup5&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=1e86b52dba4f4154a0ee87b99af3da50&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4975
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31f0d774ec1-FRA
content-length
26
cf-request-id
0a72cc476800004ec134899000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712463192278&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=1e86b52dba4f4154a0ee87b99af3da50&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=p2xthv2uxup5&impid=&tps=86&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=300&h=250&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-3-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=13
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4975
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31f0d7a4ec1-FRA
content-length
26
cf-request-id
0a72cc476800004ec139102000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31f6bd7a8c1-CDG
content-length
1146
cf-request-id
0a72cc47a10000a8c12e83d000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame 22CA
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59475
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
EgJA6dQlPmnl9Lsa1CduwtNAGD22ImM6CjBaGR02p2aHPj_TlRz2Gw==
imp
ads.rekmob.com/m/ Frame 22CA
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=c8f75a186c0f4612b85e879d6f8b4402&rid=NjBiOGEwOGYwY2YyOGVjZTM3NjM5YTZi&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:10 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712463299&ver1=2.2.3&qid=230383f5530383f5434353&rnd=7xxcvu1x7evo&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4234
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e31fac0fa8c1-CDG
content-length
23972
cf-request-id
0a72cc47cc0000a8c132844000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712463359&rnd=7xxcvu1x7evo&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4975
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32008244ec1-FRA
content-length
26
cf-request-id
0a72cc480600004ec113a2c000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712463350865&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=7xxcvu1x7evo&impid=&tps=88&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=15
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:43 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4975
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32008254ec1-FRA
content-length
26
cf-request-id
0a72cc480600004ec175b11000000001
expires
Thu, 03 Jun 2021 11:27:43 GMT
index.php
adsrv.adcryp.to/track/ Frame C4F5
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|136|0|1823|1741|1|1344|2|0|136|0|0|0|0/9822ec09b6c5419c282ad24160811c03/1622712473/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
364649d292765b93b954450e9cfa8e1393584d7485f71797c7228bd3efa51f87

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 9961
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|109|0|1823|1740|1|1344|2|0|109|0|0|0|0/8812d967c33ea7c3de9b29ccf7318875/1622712473/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
47099cdf3bf87e05ae894088b33b8b05e286f2590cb20da532b20333eaab3eb6

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 33FA
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|108|0|1823|1737|1|1344|2|0|108|0|0|0|0/8dcefb29e862b65709d39307c4ed4ffd/1622712473/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
6934f66f0dac5c8ac43c8cda83eadb5bad070d8f925c2898b5c7451aad2d15a2

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 2A45
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|135|0|1823|1739|1|1344|2|0|135|0|0|0|0/3b5b871864e588b06692f213aa2ec059/1622712473/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
9d801f77de55257587d2403f0b6c0366fd4c1de746ce013aed6909c644a65e19

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:43 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 8627
139 B
311 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|108|0|1823|1738|1|1344|2|0|108|0|0|0|0/89fa83306bf9938c8d23c038862115a5/1622712473/GB/
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
eeb8e96d44df412e2a369666e44b1bf6a05197d522f9b9f0488d69c09567a015

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33568
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
yOfDAKgr9qUblUuKYQGSO3d1GxI06Hj66rDnHcHP8NTP-z5-KDhuzw==
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:44 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:44 GMT
pix
ads.rekmob.com/retarget/ Frame 772A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=reklamstore
  • https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dreklamstore%26expires%3D30%26user_group%3D...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=4c9b14e6-e8b4-529a-ad5c-6efecde4ce6e&ssp=reklamstore&expires=30&user_group=1
  • https://ads.rekmob.com/retarget/pix?id=bs&cv=c512b3ac-7992-45ba-8538-0c578ecfdd2c&d=1
35 B
403 B
Image
General
Full URL
https://ads.rekmob.com/retarget/pix?id=bs&cv=c512b3ac-7992-45ba-8538-0c578ecfdd2c&d=1
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Server
nginx/1.9.6
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
//ads.rekmob.com/retarget/pix?id=bs&cv=c512b3ac-7992-45ba-8538-0c578ecfdd2c&d=1
date
Thu, 03 Jun 2021 09:27:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
ads.rekmob.com/m/props/ Frame 772A
271 B
590 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101739
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33568
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
L_mpOXxBYn5RSPEw8GEsIkltZYFbi8UTRzWiz0kCxiYEG7iGZmUcPg==
/
ads.rekmob.com/m/props/ Frame 772A
270 B
592 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101741
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33568
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
IHuw8zAkSAdihvp7UPVmR9VWLCLlRcMp2XTYRafykcERF5nuXTCD1A==
adp
ads.rekmob.com/m/ Frame 772A
113 B
447 B
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=1e86b52dba4f4154a0ee87b99af3da50&ufid=cQ34b2EM1WxTqI0Y2fHA&mobile_web=1&dt=3&as=1&os=3&jsonp=1&callback=rmb__cQ34b2EM1WxTqI0Y2fHA&ref=g.cash-ads.com&_=1622712464761&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
3017935bffd8919945a4bf449219c7d358d7cf9c662b677c55b2afe30039b015

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
publishertag.js
static.criteo.net/js/ld/ Frame 772A
117 KB
38 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:44 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 06:12:36 GMT
server
nginx
etag
W/"60a5fdd4-1d41b"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 04 Jun 2021 09:27:44 GMT
/
ads.rekmob.com/m/props/ Frame 772A
272 B
589 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101742
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5d66b2361b1910b9139fd827bad6bde30c2fa0112451dc995047f05929227311

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
reklamstore.js
adserver.reklamstore.com/ Frame 772A
95 KB
29 KB
Script
General
Full URL
https://adserver.reklamstore.com/reklamstore.js
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6600:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00b23c0624bc9f5b25ad78a8ceb8b7d8019107699428df1c0e706bedf392798e

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 00:08:17 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2021 07:59:54 GMT
server
AmazonS3
age
33568
etag
"f3c830240d9f26683eafb3723b922aa9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
29647
x-amz-cf-id
8FiJQpqllataK7dVoEhhrdVDrHAzGLHAOiZ0MXtPuhmuoZDL5VdF1g==
index.php
adsrv.adcryp.to/track/ Frame C4F5
2 B
173 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|136|0|1823|1741|1|1344|2|0|136|2.0E-5|2.0E-5|0|287/1085e3e98e7951dd59616cbd8f220691/1622712493/GB//4/1
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1741&pid=1823&width=728&height=90&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=1&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&ufid=olPS7ToLqi1gEE00KVkL&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__olPS7ToLqi1gEE00KVkL&ref=g.cash-ads.com&_=1622712464783&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
36fbd415b44d75048831f398c57055af6c8cba8e5fcfeace039e3afc373d35eb

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
/
ads.rekmob.com/m/props/ Frame 772A
270 B
594 B
XHR
General
Full URL
https://ads.rekmob.com/m/props/?regionId=1101743
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Code
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Code
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=0b9f3c2279244fff831c25aa0d5f7f54&ufid=XOHBDehu4lgQ6GLMaNKp&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__XOHBDehu4lgQ6GLMaNKp&ref=g.cash-ads.com&_=1622712464819&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
39fa91a8d50021413deb45157de31e268065a87561be20c464f60f2857cd2db8

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
adp
ads.rekmob.com/m/ Frame 772A
4 KB
2 KB
Script
General
Full URL
https://ads.rekmob.com/m/adp?uid=536a874d2489404ea4758a28f8d8b1c6&ufid=ORdpaT8bJ3ZZDH02VwaY&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__ORdpaT8bJ3ZZDH02VwaY&ref=g.cash-ads.com&_=1622712464832&crtg=-1
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
5590ee840d7b1fa10ddd6d87958cf624b73c242f4a26d9abd674301856193120

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Content-Encoding
gzip
Server
nginx/1.9.6
X-Code
DE
Vary
Accept-Encoding
Content-Type
text/plain;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
c2afcd18-bd43-413d-9022-ce0be50a31fd
https://manicoins.com/
39 KB
0
Image
General
Full URL
blob:https://manicoins.com/c2afcd18-bd43-413d-9022-ce0be50a31fd
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c5bba8c74a9cbc2746fa5f0babe8d4b593338b694f3d49ba8c038cff35104e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
39427
Content-Type
image/png
07db0740-1104-4ab9-a3a3-62b6491ee753
https://manicoins.com/ Frame 57D6
2 KB
0
Document
General
Full URL
blob:https://manicoins.com/07db0740-1104-4ab9-a3a3-62b6491ee753
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
327a6274d39db27091c2bb5a1c52f4af29659ee901139b9a50ee4bca2b64edb8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1896
Content-Type
text/html
3d766c20-d94e-41c6-9d88-6c7d03725ebd
https://manicoins.com/ Frame 5E4F
269 KB
0
Document
General
Full URL
blob:https://manicoins.com/3d766c20-d94e-41c6-9d88-6c7d03725ebd
Requested by
Host: manicoins.com
URL: blob:https://manicoins.com/07db0740-1104-4ab9-a3a3-62b6491ee753
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04e524f6e6e8a604f4c89568d9312ccd75e217fc22b970ea9500cbb85f79fa60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
275294
Content-Type
text/html
truncated
/ Frame 5E4F
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c5a6f309c4afc5e58f370123b2acb7e1fe3fe7d0a54a0b356acead178ca556b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E4F
987 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38523b2d48c5fa225dfa133f0eb534667b8acdf44f6ede0079aa06c49fa28565

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E4F
63 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 5E4F
68 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 5E4F
36 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Origin
null
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/ Frame 5E4F
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e0cca6263416fa107cca916db5742b3e46aeb2dca4359e4051407d2cd3c6d4b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E4F
821 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec40036f822e2e0ad3bf8bdbb03a25a73a15612c1008c6527dc3759b777b0c10

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.php
adsrv.adcryp.to/track/ Frame 9961
2 B
173 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|109|0|1823|1740|1|1344|2|0|109|2.0E-5|2.0E-5|0|287/42ada85e8b50f2c72e76feae92d669cb/1622712493/GB//4/1
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1740&pid=1823&width=468&height=60&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=2&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 33FA
2 B
173 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|108|0|1823|1737|1|1344|2|0|108|2.0E-5|2.0E-5|0|287/d8aff934d063d3dc48ec7b4bb0e18ce0/1622712493/GB//4/1
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1737&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=3&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
index.php
adsrv.adcryp.to/track/ Frame 2A45
2 B
173 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|135|0|1823|1739|1|1344|2|0|135|2.0E-5|2.0E-5|0|287/f2745dd2028eeec6c6f8a6ef5df369fd/1622712493/GB//4/2
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1739&pid=1823&width=300&height=250&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=4&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4236
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32a9c0ba8c1-CDG
content-length
1146
cf-request-id
0a72cc4e9d0000a8c13027e000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
5a1b9c9bcd394786b925816e44cc87a0
adimg.rekmob.com/ Frame 5DAF
27 KB
28 KB
Image
General
Full URL
https://adimg.rekmob.com/5a1b9c9bcd394786b925816e44cc87a0
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 12:42:05 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:22:03 GMT
Server
AmazonS3
Age
74741
ETag
"8bf981578b0ec356244ea5b3376c955c"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
27977
X-Amz-Cf-Id
7wuwWPn-Sr_iLXrZ4xye8tC8hfoDEfZQukRHLeM2ZEgrl-zOeAlIYA==
imp
ads.rekmob.com/m/ Frame 5DAF
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=62db1d4bb5234c59bf5b75dbac1d7a91&udid=2be26e0904004a4ea88cc2a3b081a134&rid=NjBiOGEwOTEwY2YyODE1NmUxY2U5NzY3&adId=MTM3MA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:11 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4236
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32acc36a8c1-CDG
content-length
1146
cf-request-id
0a72cc4ec10000a8c1628a5000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
5cd4030f5e814adf8b0ac59f14899340
adimg.rekmob.com/ Frame D329
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/5cd4030f5e814adf8b0ac59f14899340
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 18:54:12 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:21:16 GMT
Server
AmazonS3
Age
59477
ETag
"dcd2f41c062246be1f6c22954db863c3"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8005
X-Amz-Cf-Id
sU-b4sBJjPF0GLKOJ-_vt0ofd7rj9O39AtstVZlb9Ix-UuBAC-YTmQ==
imp
ads.rekmob.com/m/ Frame D329
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=536a874d2489404ea4758a28f8d8b1c6&udid=82abb20657b44282a8ccbb5ec38a1e59&rid=NjBiOGEwOTEwY2YyMTQ1ZTQyZTlhMGE2&adId=MTM2OA==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:12 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712465081&ver1=2.2.3&qid=230383f5530383f5434353&rnd=jpqkzohdrfkq&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=62db1d4bb5234c59bf5b75dbac1d7a91&nai=&si=33151&pn=&h=90&w=728&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4236
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32adc3ea8c1-CDG
content-length
23972
cf-request-id
0a72cc4ecb0000a8c155247000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
fltiu.js
pixel.yabidos.com/ Frame 772A
2 KB
1 KB
Script
General
Full URL
https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=0b9f3c2279244fff831c25aa0d5f7f54&nai=&si=33151&pn=&h=600&w=160&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4236
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b0c50a8c1-CDG
content-length
1146
cf-request-id
0a72cc4ee30000a8c138a1a000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
6453e71f2fc743c495dfb4a701a51d13
adimg.rekmob.com/ Frame D5AE
8 KB
8 KB
Image
General
Full URL
https://adimg.rekmob.com/6453e71f2fc743c495dfb4a701a51d13
Requested by
Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-125.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 14:16:11 GMT
Via
1.1 a5b64a1ac22cdce92ad57684d05480be.cloudfront.net (CloudFront)
Last-Modified
Thu, 21 May 2020 07:16:13 GMT
Server
AmazonS3
Age
75054
ETag
"529f2354ce0808bc9fdd7b911d8c10da"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
CDG52-P1
Content-Length
8069
X-Amz-Cf-Id
I-ikn9-TtOzN76cwWFeTH02xQFnAMJZJpakC--V-AicgQWzvSQiysg==
imp
ads.rekmob.com/m/ Frame D5AE
2 B
179 B
Image
General
Full URL
https://ads.rekmob.com/m/imp?uid=0b9f3c2279244fff831c25aa0d5f7f54&udid=57fb68b706bc4635be1c5917bc7ccd77&rid=NjBiOGEwOTEwY2YyOWJmZWZjNmE2ZDMz&adId=MTM3Mg==
Requested by
Host: jun.eurosptp.com
URL: https://jun.eurosptp.com/page.php?fr&ban&format=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.9.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 08:52:12 GMT
Connection
keep-alive
Server
nginx/1.9.6
X-Code
DE
Content-Length
2
Content-Type
image/avif;charset=ISO-8859-1
flimpobj.js
pixel.yabidos.com/ Frame 772A
30 KB
24 KB
Script
General
Full URL
https://pixel.yabidos.com/flimpobj.js?cb=1622712465127&ver1=2.2.3&qid=230383f5530383f5434353&rnd=dz1uj5s6z38x&cid=544
Requested by
Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=43285&s=g.cash-ads.com&x=rekmob&nci=&adtg=536a874d2489404ea4758a28f8d8b1c6&nai=&si=33151&pn=&h=60&w=468&bp=&pp=&ci=&ip=89.249.64.171&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:31 GMT
server
cloudflare
age
4236
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b1c5aa8c1-CDG
content-length
23972
cf-request-id
0a72cc4eee0000a8c13c0d8000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712465152&rnd=dz1uj5s6z38x&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4977
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b3fe84ec1-FRA
content-length
26
cf-request-id
0a72cc4f0600004ec1103cf000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
158 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712465147104&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=dz1uj5s6z38x&impid=&tps=101&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-14-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1&trim=&fio=10
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4977
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b3feb4ec1-FRA
content-length
26
cf-request-id
0a72cc4f0600004ec142be6000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
vbl.gif
pre.glotgrx.com/ Frame 772A
26 B
108 B
Image
General
Full URL
https://pre.glotgrx.com/vbl.gif?cb=1622712465182&rnd=dz1uj5s6z38x&ifm=1&uai=1&cid=544&s=g.cash-ads.com&p=43285&x=rekmob&adtg=536a874d2489404ea4758a28f8d8b1c6&ats=0&atf=&nsi=&si=33151&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4977
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b686e4ec1-FRA
content-length
26
cf-request-id
0a72cc4f2600004ec10723d000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
nflrc.gif
pre.glotgrx.com/ Frame 772A
26 B
109 B
Image
General
Full URL
https://pre.glotgrx.com/nflrc.gif?cb=1622712465178953&ver=1.2r81&qid=230383f5530383f5434353&p=43285&s=g.cash-ads.com&x=rekmob&cid=544&od1=&od2=&adtg=536a874d2489404ea4758a28f8d8b1c6&nci=&nai=&si=33151&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=dz1uj5s6z38x&impid=&tps=101&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&os=&mm=&di=&ip=89.249.64.171&ci=&pp=&bp=&w=468&h=60&pn=&1=319033ca1469a91fc7dc8c1b874c16f6&2=2.1&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=544&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=2&icpl=25&icp=https%253A//manicoins.com&irfl=27&irf=https%253A//g.cash-ads.com/&cty=4&fcs=0&flky=&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=undefined&ncf=4g_9.9_undefined_null_0_undefined_false&fli=3429136985&flerr=0-a1-27-v8&trim=&fio=11
Requested by
Host: manicoins.com
URL: https://manicoins.com/index
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:4036 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://jun.eurosptp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Jun 2021 15:09:22 GMT
server
cloudflare
age
4977
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
6597e32b68734ec1-FRA
content-length
26
cf-request-id
0a72cc4f2700004ec175bd9000000001
expires
Thu, 03 Jun 2021 11:27:45 GMT
index.php
adsrv.adcryp.to/track/ Frame 8627
2 B
173 B
Script
General
Full URL
https://adsrv.adcryp.to/track/index.php?page=click/data/0|108|0|1823|1738|1|1344|2|0|108|2.0E-5|2.0E-5|0|287/0cb220773e92aec00b68d2d7f68727eb/1622712493/GB//4/1
Requested by
Host: adsrv.adcryp.to
URL: https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.34.181.16 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.16.181.34.188.clients.your-server.de
Software
nginx /
Resource Hash
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Request headers

Referer
https://adsrv.adcryp.to/display/index.php?page=query/items/&aduid=1738&pid=1823&width=160&height=600&displaytype=4&native=0&device_type=large_dev_adblock&block_id=0&responsive=0&adcode_count=5&adSectionWidth=0&page_data=94ef6688f374dfe92d5c5fa7df141ba5&time=1622712451&deliver=manicoins.com&search_keywords=Bitcoin%2C%20free%20Bitcoin%2C%20faucet%2C%20Bitcoin%20faucet%2C%20win%20Bitcoin%2C%20get%20free%20Bitcoin%2C%20win%20free%20Bitcoin%2C%20autoclaim%20Bitcoin%2C%20auto%20claim%20Bitcoin%2C%20autoclaim%2C%20BTC%2C%20Mani%20Coins&page_referrer=aHR0cHM6Ly9tYW5pY29pbnMuY29tL2luZGV4&page_title=Mani%20Coins&meta_description=A%20site%20to%20win%20free%20Satoshi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 03 Jun 2021 09:27:45 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
dac262e5eef440b3a68df4804d9db5a6
gonapysa.xyz/view/ Frame 8B23
Redirect Chain
  • https://ycipiwic.xyz/l/n/view/0141d608cacb483e96fdc1acef2fe047?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy9kYWMyNjJlNWVlZjQ0MGIzYTY4ZGY0ODA0ZDlkYjVhNg&cid=372b40753430073abe9596a0e2b1de00&pto=0001-0000002...
  • https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmV...
571 B
809 B
Document
General
Full URL
https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9105eb4ed60294150b8c755e8e39c45a36605b913a29e45ac3ab03cefc1ba4

Request headers

:method
GET
:authority
gonapysa.xyz
:scheme
https
:path
/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-transform, private
p3p
CP="CAO PSA OUR"
etag
W/"wM5S-ew2v2Iyq-_gREHmGsDx3Z5jVA"
last-modified
Thu, 03 Jun 2021 09:27:45 GMT
set-cookie
tid=VGOe3fHAGuZBRODvqzJivzbs-VLOwA; expires=Sat, 03-Jul-2021 09:27:45 GMT; Max-Age=2592000; path=/; domain=gonapysa.xyz; secure; httponly; samesite=none
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
0a72cc51ee000096bc621ff000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zJzOxrZQWGP2bCEZR3cyXKg1AnIubASCFdc2rp77t17pz1WUVvpKGwKA9Wz0NikSj7I9l%2BxAgsVOmsklOwoefG40%2BRrOmS7vT6D9hI622xLuyYSto7zBci8UYvtmGQo60yu5sobt"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e32fe98c96bc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
location
https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
cf-cache-status
DYNAMIC
cf-request-id
0a72cc51c700002b7d35107000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xYUI%2FkPO2aGJ5%2BjgZtxl8iZ%2B88sJITc6QWPRt1au5C69pL3YUUovlaRT4e%2Fl1RRWMR0oF5B4w3%2Fo%2B%2FRZBMhRqyB5A6LPibSxpGfDky0LwBhVp%2FRh45iVA3anZM6HQwBhPfvVPVSU"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e32fa8892b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
14a413ea17b8406c9c9a4938acbb376c
gonapysa.xyz/view/ Frame D241
Redirect Chain
  • https://ycipiwic.xyz/l/n/view/838b9f75666b4d6da49e83f4096f9bdb?r=aHR0cHM6Ly9nb25hcHlzYS54eXovdmlldy8xNGE0MTNlYTE3Yjg0MDZjOWM5YTQ5MzhhY2JiMzc2Yw&cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-0000002...
  • https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmV...
571 B
654 B
Document
General
Full URL
https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Requested by
Host: fandmo.com
URL: https://fandmo.com/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dca582b19b7f84f5146fc8bb3c57a822b1633d4381b6d1b797cb786955fb95f

Request headers

:method
GET
:authority
gonapysa.xyz
:scheme
https
:path
/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://manicoins.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-type
text/html; charset=UTF-8
cache-control
max-age=0, no-transform, private
p3p
CP="CAO PSA OUR"
etag
W/"wM5S-ew2v2Iyq-_gREHmGsDx3Z5jVA"
last-modified
Thu, 03 Jun 2021 09:27:45 GMT
set-cookie
tid=VGOe3fHAGuZBRODvqzJivzbs-VLOwA; expires=Sat, 03-Jul-2021 09:27:45 GMT; Max-Age=2592000; path=/; domain=gonapysa.xyz; secure; httponly; samesite=none
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
0a72cc5201000096bce4a65000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PxZuPUW9%2F2GinsI3D0DCXtj%2Bi5b2dyn%2BjIb1wg0frDaePBoOS7SOq62aMlFNtIZCineI6HqjgQ74h6cjMG9CUBVnaj%2FOqJVcnp%2BnUJPe9wuj6RiKL9yWb1T5Iw6eP%2BH5UOq2EjTC"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e33009a596bc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
location
https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
cf-cache-status
DYNAMIC
cf-request-id
0a72cc51cf00002b7d35108000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BTynJs9u7CJ7J%2FFJthi%2BEOIS2btnSXqBvKGxCrGNg1XbB5sS4Usy%2F3ELmDXjQZp2s6rT8SbXrSrA9LchGkV30LxSUOnKySuSzMcQF6Tm%2BGWVgiwbIlszitlBvLe1aPZGGDsAOEcT"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6597e32fb8b12b7d-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
view.js
gonapysa.xyz/-/ Frame 8B23
2 KB
2 KB
Script
General
Full URL
https://gonapysa.xyz/-/view.js
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
532f2b8eaeac84111b882e6b1fbb8bf9623abccfd714ea87ec55045edb9c2255

Request headers

Referer
https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5092
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc52110000d6e506a25000000001
last-modified
Thu, 27 May 2021 11:02:29 GMT
server
cloudflare
etag
W/"60af7c45-9e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c66f%2Blgmg1dscvYvYysNFwyTOYPw8bx8SOawrl%2BvbqDEPF3OR%2B77g9rQDM6fLN1%2BvhfKTD1dzuOGmX451%2FCeOQBpVNdu9XBV%2FGRCMAe8XXMPvqJb7x4O1lwAZjI%2BfLHUJnqSf%2F3M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6597e3301bf7d6e5-FRA
372b40753430073abe9596a0e2b1de02
gonapysa.xyz/context/ Frame 8B23
43 B
580 B
Image
General
Full URL
https://gonapysa.xyz/context/372b40753430073abe9596a0e2b1de02?k=eyJmcmFtZSI6MCwid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwidXJsIjoiaHR0cHM6Ly9tYW5pY29pbnMuY29tLyIsInBvcCI6MH0
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://gonapysa.xyz/view/dac262e5eef440b3a68df4804d9db5a6?cid=372b40753430073abe9596a0e2b1de00&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAlhNjdkZDVjZTE3Yzg0MDAzOWMzOTYyYTU2MzYxZmQ1Mw&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=372b40753430073abe9596a0e2b1de02&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hgA90sUoAjX%2FiSxzsAlSGZ6BcEjKkzND4Mos2OLTcg%2BkAXjoHxJ3c1Fu%2Fne0SZxgYBg6NJPXwdSZvwFksNNZ3yIOKv3XnIzQZIEO95dTH7iuhtVSw1l6tgEaE3Y6iffEbWJoDqxx"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, private
cf-ray
6597e3303c31d6e5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc52230000d6e51400c000000001
view.js
gonapysa.xyz/-/ Frame D241
2 KB
2 KB
Script
General
Full URL
https://gonapysa.xyz/-/view.js
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
532f2b8eaeac84111b882e6b1fbb8bf9623abccfd714ea87ec55045edb9c2255

Request headers

Referer
https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:45 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5092
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc522c0000d6e58134b000000001
last-modified
Thu, 27 May 2021 11:02:29 GMT
server
cloudflare
etag
W/"60af7c45-9e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5aw1spuQwHk5xB2oZS1N0aOx6RrwOddzVbZMf%2F0%2Bb47DYeY14ivM1AGXjvHQNJDBCP2NXzKILAi1OM8w6kriBD1%2FUs4bbbOCeHxTBbMNGHMbpXFq%2BPKR5eY%2BELPTF2sVUOjTteMh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6597e3304c54d6e5-FRA
f68bc2b2a54247eff7b4a69fb33db602
gonapysa.xyz/context/ Frame D241
43 B
579 B
Image
General
Full URL
https://gonapysa.xyz/context/f68bc2b2a54247eff7b4a69fb33db602?k=eyJmcmFtZSI6MCwid2lkdGgiOjE2MDAsImhlaWdodCI6MTIwMCwidXJsIjoiaHR0cHM6Ly9tYW5pY29pbnMuY29tLyIsInBvcCI6MH0
Requested by
Host: gonapysa.xyz
URL: https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:5219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://gonapysa.xyz/view/14a413ea17b8406c9c9a4938acbb376c?cid=f68bc2b2a54247eff7b4a69fb33db600&pto=0001-00000028-3E05&pfr=0001-00000050-C19A&ctx=aWlkCWZyYW1lCXdpZHRoCWhlaWdodAl1cmwJa2V5d29yZHMJcmVmCXBvcAl6b25lCjAJSFc1Qnc2SVRDc09JdzRuRG1qM0RpY09Qd3FQQ3IxYkRsZw0xCTANMgkxNjAwDTMJMTIwMA00CWh0dHBzOi8vbWFuaWNvaW5zLmNvbS9pbmRleA01CUJpdGNvaW4sZnJlZSBCaXRjb2luLGZhdWNldCxCaXRjb2luIGZhdWNldCx3aW4gQml0Y29pbixnZXQgZnJlZSBCaXRjb2luLHdpbiBmcmVlIEJpdGNvaW4sYXV0b2NsYWltIEJpdGNvaW4sYXV0byBjbGFpbSBCaXRjb2luLGF1dG9jbGFpbQ02CQ03CTANOAk5M2Y5YzNkYTk3MTk0ZGFlOTc1YmI0MmEwN2I1YWVkNA&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg&pto=0001-00000028-3E05&pid=e01717e671584cf5935e0c4cb670a419&eid=f68bc2b2a54247eff7b4a69fb33db602&iid=HW5Bw6ITCsOIw4nDmj3DicOPwqPCr1bDlg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:46 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ryby%2BwsWs9ehvYhoUSEuKNa6zAKKL1nH7ilZbUYAdxQ8X9NVaLrxEkDgcFryIYxDYpGxtetj6y05kOzkjmaZpSsY93tfWdSt3u3T4%2F2aeZmSim3QyJkU85jz%2FhqmCLT7yitqnvTX"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, private
cf-ray
6597e3305c85d6e5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a72cc523c0000d6e52e296000000001
161112260.png
static.adclerks.com/ads/202106/ Frame F532
12 KB
12 KB
Image
General
Full URL
https://static.adclerks.com/ads/202106/161112260.png
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4785b8f6367b2e4a8492b2f40a83218dc16e620b8b84254ddd07d5663403ae9

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:46 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
33721
x-cache
MISS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12093
cf-request-id
0a72cc525800004dcad40d9000000001
last-modified
Thu, 03 Jun 2021 00:05:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8hnw6CvnPm1776cKvoiyPEP%2F%2F%2BBk0w8rvhNPwwwKFNeOUx77YN4Ax7C09hdT6IvLjF%2BOgs4gAvVJ26KgVgYzLl%2F%2BQGN%2FmLLcv3q%2BNmq9CKfD6shlG97s6cNV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6597e3308ae54dca-FRA
expires
Sun, 13 Jun 2021 00:05:41 GMT
157356073.jpg
static.adclerks.com/ads/202105/ Frame F532
22 KB
22 KB
Image
General
Full URL
https://static.adclerks.com/ads/202105/157356073.jpg
Requested by
Host: www.kissanime1.ml
URL: https://www.kissanime1.ml/2020/11/amv_25.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3b49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bed83e45601417e0a7c65d48fef51976e85ca20692466c1e8a9f19be208e4dc

Request headers

Referer
https://www.kissanime1.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 09:27:48 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7914
x-cache
HIT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
22120
cf-request-id
0a72cc5d9800004dcaaba21000000001
last-modified
Mon, 24 May 2021 07:09:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qgNLQRfo1uvFeq9QMgcPZk5zr1LKNZCJcvuu%2Fb1K0Z3gFOPK4xHzdVcwHV66s5PA14ai2%2FgcABl9yoYDHHt1JsD1ZdLiFb4YKzrxMBY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
6597e3428f594dca-FRA
expires
Tue, 08 Jun 2021 19:56:16 GMT
truncated
/ Frame 1B18
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C8B4
305 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
manicoins.com
URL
https://manicoins.com/css/floatclick.css
Domain
manicoins.com
URL
https://manicoins.com/js/alert.js
Domain
whos.amung.us
URL
https://whos.amung.us/swidget/popmyads.png
Domain
serveur-minecraft.com
URL
https://serveur-minecraft.com/visit/1638

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr function| yepnope object| jQuery110204188578114335071 function| WOW object| elem object| scpt function| __cmp function| _typeof2 boolean| supportBinaryFetch function| next object| a0_0x433e function| a0_0x3d7e object| atOptions object| __core-js_shared__ object| core function| __uspapi number| adcode_count function| post_sticky_handler function| post_noads_handler function| post_trackdata_handler function| post_skin_handler function| post_expandable_handler function| post_realImpression_handler function| post_pop_handler function| post_interstitial_handler function| post_native_handler function| native_resize_handler function| post_iframe_handler object| ItemDataScript_parameter string| ItemDataScript_parameter_new object| ItemDataScript_parameter_seperate string| aduid string| pid string| width string| height string| displaytype number| responsive string| block_id number| adSectionWidth object| page_meta_data string| page_title string| page_referrer string| meta_description string| meta_keywords string| search_keywords number| currently_rendered number| currently_rendered_flag string| currently_rendered_adunit object| cpc_impression object| cpm_impression object| cpa_impression string| cpd_impression string| cpv_impression object| html_impression string| ret string| iframe_src string| urlorigin function| xyzstickyhide function| 
xyzstickyshow function| xyzstickyfloat function| base64_encode function| Set_Cookie_Data function| Get_Cookie function| Set_Cookie function| myEquals function| myEqualsIgnoreCase function| utf8_encode object| ItemDataScript_split string| ItemDataScript_dir string| stickysupport function| xyzstickyfloat_handler48796 object| adq number| title_length number| description_length function| xyzstickyfloat_handler45697 function| xyzstickyfloat_handler45696 function| xyzstickyfloat_handler45700 function| BlockAdBlock object| blockAdBlock function| adBlockDetected function| adBlockNotDetected string| xcJQCflAmpis string| KkUCuxqIgh number| VABjXzYzJp number| WSpSwDLzQd number| nsJjjBITZC number| neMuFFBFgq function| rMwHazIJjv object| BGWRSzJxTu number| c2 number| c1 object| E8b6IczkKQxV function| cfVDoTdmsN function| cookieinfo object| cbinstance object| toastr object| __CF$cv$params object| responsedata number| realImpression-1741 number| len number| realImpression-1740 number| realImpression-1737 number| realImpression-1739 function| xyzstickyfloat_handler45698 number| realImpression-1738 string| cookie_content_value string| cookie_content_data object| cookie_content_data_array number| current_array_length object| current_array object| cookie_content_replace string| cookie_content_new object| cookie_content_new_array number| cookie_content_new_length number| ii object| cookie_content_new_array_split number| new_current_array_length

2 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: I8Yu8UexCDk
.youtube.com/ Name: YSC
Value: BETxBqAZZrQ

250 Console Messages

Source Level URL
Text
console-api error URL: https://quantcast.mgr.consensu.org/cmp.js(Line 1)
Message:
Choice CMP v1 is deprecated, please upgrade to Choice CMP v2. https://help.quantcast.com/hc/en-us/articles/360057828994-Quantcast-Choice-Deprecates-TCF-v1-1-version-with-holistic-move-to-TCF-v2-0
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.000001278088908512072, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][setOption] The option "debug" he was assigned to "true"
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][on] A type of event "detected" was added
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][on] A type of event "notDetected" was added
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011859160608612125, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api warning URL: https://static.arc.io/widget/js/core.js?c6b0387(Line 30)
Message:
Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 4 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 5 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 5 0
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387(Line 1)
Message:
Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 4 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 5 0
console-api warning URL: https://static.arc.io/widget/js/core.js?c6b0387(Line 30)
Message:
Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 5 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.000001278088908512072, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011859160608612125, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 4 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log (Line 1)
Message:
keyword false
console-api log URL: https://static.arc.io/widget/js/widget-ui.js?c6b0387(Line 1)
Message:
Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 4 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 300x250
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Init Props: ad_unit_id_check: true, device_type_check: true, cookie_enabled_check: true, frequency_cap_check: true, subsequent_request_check: true, referrer_check: true,
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 728x90
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 468x60
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results: rmb: 0.0000011618990077382474, size: 160x600
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
[object Object]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
Next try 1 0
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
[object HTMLDivElement]
console-api log URL: https://popmyads.com/x/pma(Line 3)
Message:
console.clear
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM Results:
console-api log URL: https://adserver.reklamstore.com/reklamstore.js(Line 1)
Message:
RM: No winner;
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][onload->eventCallback] A check loading is launched
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_creatBait] Bait has been created
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][check] An audit was requested with a loop
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][check] A check is in progress ...
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_checkBait] A check (1/5 ~1ms) was conducted and detection is negative
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_checkBait] A check (2/5 ~51ms) was conducted and detection is negative
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_checkBait] A check (3/5 ~101ms) was conducted and detection is negative
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_checkBait] A check (4/5 ~151ms) was conducted and detection is negative
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_checkBait] A check (5/5 ~201ms) was conducted and detection is negative
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_stopLoop] A loop has been stopped
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][_destroyBait] Bait has been removed
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][emitEvent] An event with a negative detection was called
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][emitEvent] Call function 1/1
console-api log URL: https://manicoins.com/js/adblock.js(Line 50)
Message:
[BlockAdBlock][clearEvent] The event list has been cleared

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


6dca582b19b7f84f5146fc8bb3c57a822b1633d4381b6d1b797cb786955fb95f
6eff65f2a8eb488e25dbca7a506949b599a8f05b522ee54edab296459f8efbcf
6f8f6bdafa97167b264c7ca87a009e1652d5c9f765a44249e0bf0908e5f5e378
6fd4d63ec221017a4be24d2194abe9188f300b98946f29a1e2ddb0e7ce64e374
70219d2484b8750386a905c72cf606ad56e1d637b53c41ecd1d8c93a590d09ce
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
708af168805baf21052aca92835aac5d1d19b3450d16ecce6dab5f4e9168f8b5
712d2f93ab86ee61953d57fd9a1336d47bdb03dceec20d854288c60ad5ebb944
7206d4ee81cb225774079752a1bf40d6163d7f8cabbfcd79c3f103889a497742
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
745b0c17ac09b998fa0baed93b0a0d2901644b9b2891a98028b8912c5f35b9db
74ba81efea7a44f7f4d43b06bcb2f322e39bc05222036903edae4f46fb6900ba
7512ae62108af074eaa90622e9df04625f120ecf4a909443fa6dc1a2b071c7a1
759bcbbf2058d0a33948eab23c35c499523a2d7fe779f3746fc40afe72020e7a
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
78abb70b85eb301e978660326b8b2ee8922f9ec67ac80d6ede17cb267e4e181f
7933c11d58e32c20939355d001cd36fd70284d2045f5a7c01d9765784cb13001
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7afc4980d9737a172d72d5a6a2f6edeebf8a0da85a2c3425258bafea15b889dd
7b1376c0b817203f501f2be50a8bc4ca8b67e4e069f3dbd7775eaa7ef9b65c77
7b2afffdbc3bb7ece8c874f0dcc6c0d887aaae09090c9f9f6801ce7ddddcb35f
7ba57ba8c83b63763e70005c9b1840d8d7e8c71611969265aa5675aae93ead18
7bde0242f3ee9309bbe3dbcf8ceac69c1c2e89644b0d228cd562113f4556452e
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
7cb3c067cd4e881adbe56c6d5f8e90651c9c9f2997837f1938b6c7cf185357f6
7e643c54ee8007344044f356b79763be016a4158971326c59b9ba64cb41fbd1a
7f1b840e7fe64080c79a2f1d946dbd74b76ea9880999a12637487e688490d670
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
7fe688d32eec898397522f9646fd8d3744e380e2af6527153c6300ec38533e0f
810293324e0d2bbf0a8713f573d6215398731cd38076b6e8f3d84aa877aa3635
8183a474a84a5e546806849e9d5e5dd4a1f388c7000a4b519c9f0bf6474f87f1
8341ee466685f34d429e537dcafc6cf17b0134410b708b021bda8d90e7eb97d1
847b340929490f5f6c105ba18047c1ef92b9882530c3be46a66a7e3fc8bd5dfa
84b2b9345e9b1f9f7560f2ce69ff573ba6158d91921779c97350eccbb965e94a
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85721a6602da0b1be0c1bedca8a2db934b8f6bc9fffc14be4b0a48c2ed9cccf2
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8706ae696503e418edcb9696da1ae9b19436ed262c5bf54e259e45b9f49c4ac5
875c56f3f89c0bed24f5383f995706baacb399150bea1466801fd93ad07c2677
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
87d5ef022a7dcf0361ac7c406f0a85a16712db4e66ee2363941c2a9f412fb27a
884b26d045b731e2f4b4bab4b1a1b03d677631b13b122e560f08efde52dc1349
8883a14e28c43192e52a115f6abc8f72909088d49d13752a913816614c984a31
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8a6f5f6cc21b452b60d616b21673710400b70c9c79890fc10664b4fce3130c59
8bccbd703bdfea7014aee0b308efffead8717c7a0aa5f0d0281d03b1e4227c50
8be2a4d9b5c58396029b73f7f4786649bf20be679133cccf2130741f3786348d
8be9ff7007c39a65cbbc80caaaefcabfd721aa61892669ef0189b42bafaab3b2
8d4ffbbd9b6f88eefb0066afc035ea66f142f6aff014652e222ad6e8926c28de
8e0a98f7e51096a75f19419275aed91f110e27b3b7d8464d5620addd1a1817d9
8e0cca6263416fa107cca916db5742b3e46aeb2dca4359e4051407d2cd3c6d4b
8f45911c6f2bcd4b6dd41d900cc1aba815fef66d34f78cd3466d9b531503a447
8f5e5250f5e145b8941a549bd962a93b3ba45c55868cb13e9e439fd2f02a5763
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
900191a443115d8b48a9d68d3062e8b3d7129727951b8617465b485baf253006
918161ad1c70ea8ff02e28054b8eeddbd63811cc8e259101992d3fd3b2dc6b48
9293bfa769e18550b757fa1674906075fc3802cdaaef826fb2fb361f90029c78
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
9342eaeb6d2acb526ecb319ddbe84a493bd115040df5be3c83ec88ff3e337dde
93a48976dc3f05b75820aa416963466a9cf5dbc7033e9b368da5e8cd8a79755a
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95c7ef477fd065e822bb6bbeba61af793731390649881826432daced1e3894b0
96b126417447a9c5d415f06e00e2e6372248c9857f5ff60b6477f8c6f55c449a
9708a6251d2c936cebe877aa73d94832c9b41dfab9934dcbcbd00cb8a3f90e47
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
9852ccf03b383d1b3855c1983e18258fbdf07999ff77a68327ed0413466db4f2
985658a40096b972ebd99ff108164d69b190ea06508758ff978a6d751cc5e4fe
988d6e066a6f4841c27aa4a68d19568a38358c3339d021c582d8c4af4ae549f6
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9b48f1ecae307ce86f1f18099265f6088cff41c781f2ded265f25890c5a845ea
9c4964adac0e09cf0af35a2c9599e7d46af59dac499fd45643e38773818a7e97
9c7cf1ffffab38fd0849a66dc32136a0677370a18c1613bf390f68133ac52730
9cc28da789a592276b27636e12c53d8d46b4d42d1a12aaf211c9522d20f1e2ac
9d5b9c9d218e12f741a78d93c812ff284a41a94d7dc2eca88a3c9428d03ecee7
9d801f77de55257587d2403f0b6c0366fd4c1de746ce013aed6909c644a65e19
9e3861d539d004333e92fdf9891613b4bc72fd05e0bfa5ab6105b6da1edad3bf
9e46aac23557537adf94a53e11ea94f4d4845d47d64a466d59cffe5a4fcf4fbc
9f0bcce85846f02d425a7f569ab6f77f74b8b1381d50af605d108f57c42d0db8
9f7266e5f4028c94356469932f4823ce9c89e065fbc60833e9e37b7dd6e6cd88
9fb0956632beb2db3c5099d6000ac4875a7373695db584327aa079b582e838da
9fb5e6c6675cfa340ce19640ed445a22fabe6a23551529b328ad86bd5871fe29
9ff70aa440a18a5cf392af513624b8ac4fa2bb4fd158c0747afbbcde79bef625
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17
a10d401210e1b8125e258472f0b0a547b34c155721112a05b96fe47d1ee1e256
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a1ae4b7caebde18500087c25a61d1c4d6a6845d7cd3aa598792bd72cc124c087
a1ba51d932ed36d7765faf1e9c5478f397a97c86fb3aa428c089ab0b83dc2ecd
a283edc3c64a60d86823ec0747cf7886c3736749bd1ec88188b97ff530167b49
a32cc7605271b4a750b32b1e500ec31e249142d6613c2ee9c2d5e7ae809b48d2
a34c5cfb3b9d332e277beeb2f8b99781bd64c2c3cdd8674cd272181969cdfb7b
a39b47ab0b43a84afee42eab7e6b44c411450c8e0e547a09b2ec627419ed09f0
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a40b8e5067d465311164933f346b9dcae0e9c518b35fa1bcd4db4597a592a757
a4785b8f6367b2e4a8492b2f40a83218dc16e620b8b84254ddd07d5663403ae9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50a51f56ae3a8194fd3e1d8b86d8a5d0efdf921296bffeaac46fbe240c529ec
a5f0aaeb1391bc2af45ecc74f7db25f1bb39a5fa82c7e721c3118d2273725291
a603eac48b2a94338eb03a6909eea4cfe5d4ae62ccd2aee92f77163ca6fbe36c
a69fb479b5382d113b7dd50923eeb1e743dfa6841500d28ab96b11a93f0abeea
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a97573fb98d12e72469bd719502cc07964386b1d274f46c8a1aecc246faf5916
a9901541a27c605a0d7425964091d5e39ad8d0b088be795c5392e1d1dd0de3d7
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab678728d50221c34ab637a8db8060f2d87621fced24a19b1f41ee4ca6a3e3ff
abbb15e7aaa3601686c511996de4b8f18f33e18e3510cdd70e1874ecbf45f856
ac21696be219f4103719bc8c92c8200cf580b417d8eed512d85cbe8c4a593335
adcd2df1dc4db686befb25f24ba7e5cffb95a12be24e5c1a47a8f138b88d8fff
ae757987affdde9f2411be14b4cd5f17a0ad6eaa744e9f7ecca8338466055bbc
aec209d26d31d88600921c21a37b246ea7f95f2cea2d0c464d96aac857cbaba4
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
af7db5051724091f7eb9492f1a29064c37889cad5959564a4fa4ecf9f8f5da6e
b03f93a74104be128cc8f74b4faf9b6eba7cb2fa77fb05d7dcd255a81861c5ab
b0ab31cee6337c40015a912b36898a1afc203bf25def5b0607f59c1bee905907
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
b18b9428451ffe5dd6082f6d4dc39f56cf645b712af0a42c92a5c6896f263435
b1c8ec53a7e6693e4546889e76c3a619f6ee83c983c448f0274754f4bc25028f
b2146f73c9d8d760979a83e09c47f65c4215d67fc12a81c59ac4a43ba550169e
b234cd4e547010429dc55b3eb30a4de01674978c6a57e7837f873e6ab28f3a5d
b23b15c185b96405769a3556bcdefa4e12bc9e49cd1c3d59e5ade1affba71b86
b2d86b9b3f0356f4d62eb9f47c4863b883131889ebe389f9cb6b891d1f7b9bd2
b32505e96c69bdbf22da20c6eebc54a63f5881c108afbfa63e50ca9723b4b9ab
b3474f9e42f470faef4db25d456e1370e9cdacef7deab620d90362e86f2d933e
b3e95f43a10a17150009cf32b5db9fd77945784fc5b20913577180bf2ecb5925
b4acc7be68530c88688a069775a856107c5a32ca9f5582123860913e21f613b5
b52f125528ddc7a91dfa45e6f31412c74e3f92972321497fdee9637dca669ecc
b5336c7209eaed75cbcd0f5e6685abc0671eddc7bcc474eeeb7b04e78aa1b003
b54a40b1b280f8117a5864639b2213d139db2f7057e5b9a1b687c37e5e03ec90
b5552dc4fcd9717dd52e84906a5fafe2af02d28768feff85b0dd74621f63ca05
b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0
b7b7934292cac229ce7cc79023bcbb0ac961d8ac5c521f9d34444254b8196dc3
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
b9a3f96e1cc71af9dec578dbd9cb2e0e60862d676bbc96b1dac56dc1153518a0
b9a730a9e4f7c71de7173f1e99649200d2a81233b8041f6995d9180d6b9485f6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc725208dc3c2e0b0c012a0b8b5506158727158b0277a6b2e2b6d9dbc102816
bd2120d54005f0252a416b7b8bfdc5925d0f25f6fb9d583c40bdab2c7bb3fd72
bd62e8a4e85eae2ab9c3143ffb85ec24428af4b98b2df89e75903ea7bc33493f
beec15e03fe29ec65940fee75c9b5e9e8653a03c49e77015146b554a69808fe9
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c0f253831020e5ae7321ad3edf518d572241f9b1c9ff851182dce965e3c9bfa9
c1270649e41f47bedb005117d1f60756afbd7485bc0154f17a3ba6ff0e6753e5
c1f5d61df483affbf71518b4a3cabec346f0de818a2f6c4bfeb2e704f922832d
c3cace2c917f8eb837dfe0f117e7bfb97b3048d827496ec9183739985d671807
c4b05d5e9cc86bd922808a5bcc27fe805d19a424ae2c929fba7f60ecaee82698
c54b644fd5c4c94f49cc8bde286802266cbb733d557d4fed43cc705b95d1de3d
c57e1e41e41bb07d79ca40e5d590f30fc8d99da722e152b05cc58fabd3b5aaeb
c582d21e47fdd55c868b22e15e5e4799eec9ff4184c6fc6f10ad47cb5f80017c
c5bf558d0232023965ed5bb5334f6ca8016ab4aeef42ff3895d9f9886bdf42df
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c677e7d7e79165d7b34ae43cebfe98d6a3b6772e556aa0377ef10e682ca95f73
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c7bf321a20371d1ca123ce16a52b366eaf61ebd5135b3519287d84443cb47e44
c7cf2bdaa84a8fee1ff732b1db43228512e832458b727e8b8bf06ca8ccbd7953
c7df10440546d627b27b9ccaa595bb4813b5b4f4baf2f559a2baf12d06e39cc8
c85abfdce7bf4946ef6a310830b3a3419ae040e1a407b561253a006c9a94c522
c883200e23e97c6b0ec0be3de55074caf00f798d13338c12feeb3f1acce4d772
c94cb01bf1135f20df8d37a9a5371e6779938858dc4e29813ed09b3644e23018
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97c6711a3842ff47e9255b0d954eef44acb0ae4625ca9180e3f5bcde4f0f8b1
cb84a7fda107c5453a77b2b3f0cafd748e87edc92c724bdd7d305259ac6569b1
cb94cba3fdefa631188ac4ef49933f93ee66bc7fac39fd6fb7d178a9de151d58
cbc5ba43f72e5546360a82c34fc013c03ea293387040e79109f89dc515920a6d
cc8995800462e967657ce7a6d242f5226c5e0bdb2ca9e9947f238078b7566bce
ccfdf09a3a205c1ae5f97e70d0627a43d0271314f548e9edc42e306046785c38
cd2fb72513bb1f405f8bf41a0f89bfee10442052e34d893745ba83739df24745
cd6c5d2ace181243b3e20960e2f10df4e165bca858583aa70584a3e787231d55
ce4842bf446a0b406f3134cea0e2461f00cafb104de1b86e6a3b6a06eac03558
cee6ac6bead150d908b8a00a65f48630a72ba6e4215385fad324365bda7dc238
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d04adb94dc02ab091627b1aa2e6c7db5328df243e2cde934eeceb2b32c9089e4
d0db53c29f47ea31122d7c6b88a22220ca50ce9a298abea4471d36f76d26b8cc
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1583072c56f1b6e180434fffd53b8c8778b7ffe277af4bb2465b62333f3bbf1
d176de8c602f8d6086c97c0d5dbd5ad3dc300a59da2808f52a4ad7e1bf113e95
d252b095e3be279781e80a6c6b785735e56dfa5cc77c1d68f5b95b74d9cb6a0b
d366d5bb5d9bbd289e658f041c8411594dfcedd78f228060ebe3d923a42e41df
d48f25742fadbefad97a1d50d11611efc83249e83c4bf967fa0f36b6105a906d
d5b5fab3b788b3161871e2509cbaaa55f9b73fae0aae0459211269320f11ab5a
d5d8592dd8a656428110f48d8cc9d3816aa445e86ca7e2bc795af5cb9233badb
d5d9c805252fa0bbf1054ce303e51d18933af8abb6a5f4ee01fc436e7ee62387
d6ea9f94ed27dbd8a4959397ba71191c5f0654c022865fe957d6190cb0b415a0
d71a79e64f9caf89a9fd7ac123fabe6d5049c00db4a807e46fbee65ac0624bfc
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7d6b4ac1019f487f26ab37a8eef1c80be8d6c213a98d875d8847e99288802c6
d8cafaaa9b989a8e48ee553971cf9b972b2d8f3e8fdddbd06a8147d0ec0498e5
d8efca1437a843aa5a01948f379004c8d3dbb0549556179e7dee2f6c1c0865b3
d9622fb4a5b0a3399726355ffd4049ffa116544c83ecbcc564fffddd5f7f756d
da0a3074f0b12d603292f43c94412adea3913911c7105c7a945b02c3c889ccd5
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
da8b3eaa730106aa068069e97668646978e29f71d8aca97b720db0f0ab8a13ed
dab3e21eb90fa5bc4468ff647d2b29a7e56f344d8db1ffbb40defff15be12613
db03c8c6967dc9e1d996bd573afc75a2acd997d25fa5c7b1f047bbc2e8ff62d7
db38c6a8c5f7a567a809b00ac06e130668df0aadb8191c0667d1e335870ca86a
dbcaad6a5f820771676f4317ff8609f252dfabd61272c1237aee0905339deafb
dbcef181283c990b4e3dea3fb909c519d9aa986f8b76924f171912d02acc0120
dc1ff50f6295aee3cece758dcad886ac0faff1a0e15ecd77458d6c6cdac38ba6
dcca172fb8956a6cb32cc2e0938b4658afc275ddabe650e890cfdd13924c9d44
dcd3f9ed8cc9687012ed230fcea0a5de7066fbc95eb00919e37ce730efb1d26a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0c1c2fd13406f7b50220149cca46a504ff9a4b76b5d638c6a58009ada59fbf
dd18d22d732ff5aa9eb7a11d7096a072f02c77035f9fb9c8d8a3c03a981b435f
dd8d37964d54dedc218e5346e5442830ac85a24fec916f3f3a540d0f08037c33
ddc2bf3176d5baae32050259740e7b87a874d51fb3d03bb6e5a8d22af849b369
de22330701bb91c74cb65f3dd72208e816220e154b854ae38469e8bc6aab7bf4
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df19aed83e064b5f770d4978376e6d656a5382272f6e8147f49c75ce1dfb49d8
df81f81974fe7f716a8f70b9dae7c6addf069bdffa9dd60a0222211a6cedef37
dfb5e582bd87b1442830e0ca46b1a48e7476e33bd891a811764090113ed3b92c
e09210314eb842aa78fda7f7bfbf7d24127459773fa36e1b9e65cdc4e3119930
e209be06f500a0e828b62920c380d4ceeae367496d26ef811784cfec3b5d3f61
e209da557420e3913b6b87a1b911e84a08b39cc6de8f9e7928edbf0f0f770ff8
e3349e63272862da96df3644f36467cae7957ed00854aa35d975a6c44a82f982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e47b019304a48fd59d5f1aa95745babcf1e19c7a5c917e6a1ff088aaca37280a
e52fac5e9f145f0dd922427cb0615f79187de8d3c7a72349d6e6b832e6780908
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
e5b3da87ef3fc88bcd2944526305eb486ed0403b4e75513f7a7646f3a46ce40b
e5cd7b3a4c5496d4c699526a6882f4a609682c49ffe34462ac9be3304b97bb62
e67a62c23c04cf1f7f2ae3615dc16e99ff318a5238a311287ce9dfc74d79ef36
e7848aab1733bc0564e8c9c51a66477253dfb298dccfdf3f93a05b159ea7efe6
e886ca7137283c676a0af2a3e2f120df39d976823726e6216d95f738b140d242
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
ea9105eb4ed60294150b8c755e8e39c45a36605b913a29e45ac3ab03cefc1ba4
ebd675c552a02d9fd8df7e9e919adbcaa204aeed0490881a7bf64f61cdd5b776
ec40036f822e2e0ad3bf8bdbb03a25a73a15612c1008c6527dc3759b777b0c10
ec6327763a39ecd11f082ad9e489b9f20c8e29ecf74f0da2f4e2879225cc6490
ec9b909992725623f9c0a44733583072781830b943a84312eee976eac8333028
ecab71d3bed0cb52ab56495da8378e889e74ab6f5771d423d382c63b71f0948f
ecc59793c854590b485e1f4e9aa386eaf03ccd59e7436ef98ca040e04a1a19b1
ed1a5801d44ea12b50f00631079ed950f96b7b8ba39fa0cbc462f4e35d35a306
ed49fcb630a629684b9bf5d169bed9b98ac95aebba979c01c7a3f6324bdc2ca5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee753ae9bc8a63c26a8cfad53c2beb154512129a84273a655ebd4c5d3602c6b1
eeb8e96d44df412e2a369666e44b1bf6a05197d522f9b9f0488d69c09567a015
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efaaa09c3b1e7b374e13123fe496ba19e53ac74386fa136d09fdb34701c76755
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
efb9939aaed3ac10f7398430da7d361529b2e4ccdb4f1f75a531ca26f3f42bfa
efdde317b774ed03a69918bb931553608881c84987ce79e68c7f9d32d6138a96
f1865bcf054e092f39630245febb9d858fff3fac1c41b521e2164ca0e0649758
f2e20ed24a339b107a6c14e6b6b92adf226f5237fb2ef20226ee978a75dc5706
f39fac5c0aafcf4b242ecfafd5e7c57baf65e82527f30bf2d4abc213258d21be
f3e048568ec73a37d3de0f63e7812bd07756797f6b82a84053ac56e9c28d6e37
f3fb0ca8e793d8b529a7e7abdaa270757ea9774e2998d2421591133860a22a08
f42f982d3cf93053a71b4b69f1e3e576ee87e829ac9d7df7e641cee7f6dd142e
f56ac6898cb9416aa00060184b370f94fa8008c215a6eb649607783c6a09c9a4
f62f16de4fcde6d16e92a3f070538e622afbc2a33ef041d212883eac02d1f838
f65dd0ed5ab0097e2cb276b346ccfaddb2a9134c9278af39c6a24cd821fce06f
f6ee9d7f91afc3a099942398ec8f27a66e360a916feb18f8c8304c4dabd879a6
f72a1e6a0ba386125a35e7d5ee0a14038f1d2d8837605242cfa16e28e50f756b
f73eb854ba041fae2c2ff7bae977b44e7849ce7988bc965d7d5861d32c969011
f82e13aad36401dc233dd2dd24a7ffd7ef38527a1d8251e96aa4ca755ee2efa2
f841ce5a7a84bcc22c449754839561462ae30432456d86b4c876d9f7e4755a93
f864208d2b21936f414822309cbedb4da55c5e4c83f1d344cafd783caedafc80
f870e36f1d8c5188723dd872a87705dfad89cabaf1c99ddd8ea7e0350fb48842
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f98cfd8031682e7e94e64edfd3f280790195aedb30de7d99a322bafbabc81040
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
f9951fae8e289706db41b427f800b8cfaa831ce3262eeb4c679a14141cd8d199
fa3b732f98185a709919fde825ac9539c580c02d1516e9ebe9ca2312e8512f88
faa8b66c1a42db56dc217f07c7e1cb9a00f9235c425f165e800f515d2891af95
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fb562efb939b9e7454851c32bb14f578d8f9895c7fcc1352ef9b58973735cfb5
fb99807d9c2d9b98d417acd2a3e897a28cc0829d4815642cb9bd1ab640b98454
fbdddb5e70d9800200b82335264d5cb47635b4938c9a6a8e2d8a0711e7bd9756
fc2fcd486a4b62c9cb8defc598d71be80ba779e914d1294446187b051a2f3cc8
fce606b952c88179a13079015dde40e24cba6b56cbb17bd8f4e66aac1f17f8a0
fd0e207199fff05e4e01d2b30e33aa21b2de05c2daf7d799d0981a118ee8efbe
fd2bb69a43dc488727886c1fad9b29556f6b20c8ac2a8397d6c0d0e5b8568575
fe8e5a4c5d188829f690f080f9c755664edd121e599431b8b999a62b8dbfe185
ff9150f84253841e2097c26de1611c67aad46c758b1899c75800af0016e5c446
ffcc93cf9c4061aa41fd8746c14c0409c170db8321dd6bdc8edabf491602d5a7