www.responsinator.com Open in urlscan Pro
45.33.40.48 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lk...
Submission: On November 16 via manual (November 16th 2023, 5:19:17 am UTC) from IN — Scanned from DE

Summary HTTP 210 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 35 domains to perform 210 HTTP transactions. The main IP is 45.33.40.48, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.responsinator.com.

This is the only time www.responsinator.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	45.33.40.48 45.33.40.48	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
10	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	2a02:b4a:1:7:... 2a02:b4a:1:7::9165:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10 20	2a02:b4a:1:7:... 2a02:b4a:1:7::9168:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	64.227.70.247 64.227.70.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3034::ac43:b510	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	104.234.25.171 104.234.25.171	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
3	209.250.227.32 209.250.227.32	20473 (AS-CHOOPA) (AS-CHOOPA)
1 9	139.45.197.244 139.45.197.244	9002 (RETN-AS) (RETN-AS)
15	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1 4	193.108.153.22 193.108.153.22	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
38	172.64.200.26 172.64.200.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3 3	13.42.237.35 13.42.237.35	16509 (AMAZON-02) (AMAZON-02)
2	23.227.38.74 23.227.38.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.113.230.87 62.113.230.87	47447 (TTM) (TTM)
6	139.45.197.168 139.45.197.168	9002 (RETN-AS) (RETN-AS)
5	37.48.87.182 37.48.87.182	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5 10	2606:4700:303... 2606:4700:3035::6815:e80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3031::ac43:88f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	() ()
2	2a00:1450:400... 2a00:1450:4001:806::2008	() ()
7	2a00:1450:400... 2a00:1450:4001:830::2002	() ()
15	2606:4700::68... 2606:4700::6810:5814	() ()
10	2606:4700::68... 2606:4700::6811:180e	() ()
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	() ()
1 4	2a02:6b8::1:119 2a02:6b8::1:119	() ()
1	2a00:1450:400... 2a00:1450:4001:80e::2003	() ()
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	() ()
2	2a00:1450:400... 2a00:1450:4001:828::2002	() ()
3	2a00:1450:400... 2a00:1450:4001:812::2001	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2004	() ()
210	33

13 45.33.40.48 (Fremont, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li990-48.members.linode.com

www.responsinator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.220.27.98 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

iqfmvj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:b4a:1:7::9165:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mdakky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:b4a:1:7::9168:1 (Netherlands) 10 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ecrwqu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.227.70.247 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-15.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3034::ac43:b510 (United States)

ASN13335 (CLOUDFLARENET, US)

ripplestreams4u.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.234.25.171 (Canada) 3 redirects

ASN8100 (ASN-QUADRANET-GLOBAL, US)

www.gemutliches-familienleben.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.250.227.32 (Whitechapel, United Kingdom)

ASN20473 (AS-CHOOPA, US)
PTR: 209.250.227.32.vultrusercontent.com

wachsendefamilie.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 139.45.197.244 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

lidsaich.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.108.153.22 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-22.deploy.static.akamaitechnologies.com

ak.deephicy.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 172.64.200.26 (United States)

ASN13335 (CLOUDFLARENET, US)

totaltopwords.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.48.68.71 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.42.237.35 (London, United Kingdom) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-237-35.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.227.38.74 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com

www.outlet-teppiche.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
de.bluettipower.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.113.230.87 (Bad Segeberg, Germany)

ASN47447 (TTM, DE)
PTR: srv-a-de.c-331.maxcluster.net

www.lexa-pferdefutter.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.168 (United Kingdom)

ASN9002 (RETN-AS, GB)

yonmasqueraina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.48.87.182 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

track.routes.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::6815:e80 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

smarter-surf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3031::ac43:88f3 (United States)

ASN13335 (CLOUDFLARENET, US)

promo.pixelsee.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700::6810:5814 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (None, ) 1 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	totaltopwords.com totaltopwords.com	156 KB
20	ecrwqu.com 10 redirects ecrwqu.com — Cisco Umbrella Rank: 363460	5 KB
16	pixelsee.app promo.pixelsee.app — Cisco Umbrella Rank: 244179	68 KB
15	jsdelivr.net cdn.jsdelivr.net	291 KB
15	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11206	8 KB
13	responsinator.com www.responsinator.com	1 MB
10	cloudflare.com cdnjs.cloudflare.com	47 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	226 KB
10	smarter-surf.com 5 redirects smarter-surf.com	43 KB
10	mdakky.com mdakky.com — Cisco Umbrella Rank: 43349	1001 B
10	iqfmvj.com iqfmvj.com — Cisco Umbrella Rank: 620010	129 KB
9	lidsaich.net 1 redirects lidsaich.net — Cisco Umbrella Rank: 216279	26 KB
7	ripplestreams4u.xyz ripplestreams4u.xyz	6 KB
6	yonmasqueraina.com yonmasqueraina.com	21 KB
5	routes.name track.routes.name — Cisco Umbrella Rank: 327772	9 KB
4	deephicy.net 1 redirects ak.deephicy.net — Cisco Umbrella Rank: 94640	16 KB
3	yandex.com 1 redirects mc.yandex.com	2 KB
3	webgains.com 3 redirects track.webgains.com — Cisco Umbrella Rank: 62639	1 KB
3	wachsendefamilie.de wachsendefamilie.de	813 B
3	gemutliches-familienleben.com 3 redirects www.gemutliches-familienleben.com	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	38 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
2	facebook.net connect.facebook.net	89 KB
2	googletagmanager.com www.googletagmanager.com	159 KB
2	datatechone.com datatechone.com — Cisco Umbrella Rank: 34587	933 B
2	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 20826	775 B
1	google.com www.google.com	1 KB
1	facebook.com www.facebook.com	185 B
1	gstatic.com fonts.gstatic.com	33 KB
1	yandex.ru mc.yandex.ru	70 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	bluettipower.eu de.bluettipower.eu
1	lexa-pferdefutter.de www.lexa-pferdefutter.de
1	outlet-teppiche.de www.outlet-teppiche.de
1	servedby-buysellads.com m.servedby-buysellads.com — Cisco Umbrella Rank: 33351	16 KB
210	35

	Domain	Requested by
38	totaltopwords.com	lidsaich.net totaltopwords.com
20	ecrwqu.com	10 redirects iqfmvj.com
16	promo.pixelsee.app	totaltopwords.com promo.pixelsee.app
15	cdn.jsdelivr.net	smarter-surf.com
15	my.rtmark.net	lidsaich.net ak.deephicy.net totaltopwords.com
13	www.responsinator.com	www.responsinator.com
10	cdnjs.cloudflare.com	smarter-surf.com www.responsinator.com
10	smarter-surf.com	5 redirects www.responsinator.com
10	mdakky.com	iqfmvj.com
10	iqfmvj.com	www.responsinator.com
9	lidsaich.net	1 redirects www.responsinator.com lidsaich.net
7	pagead2.googlesyndication.com	promo.pixelsee.app pagead2.googlesyndication.com tpc.googlesyndication.com
7	ripplestreams4u.xyz	iqfmvj.com
6	yonmasqueraina.com	www.responsinator.com yonmasqueraina.com
5	track.routes.name	ak.deephicy.net totaltopwords.com
4	ak.deephicy.net	1 redirects lidsaich.net ak.deephicy.net www.responsinator.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	mc.yandex.com	1 redirects promo.pixelsee.app
3	track.webgains.com	3 redirects
3	wachsendefamilie.de	iqfmvj.com
3	www.gemutliches-familienleben.com	3 redirects
3	www.google-analytics.com	www.responsinator.com www.googletagmanager.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	connect.facebook.net	promo.pixelsee.app connect.facebook.net
2	www.googletagmanager.com	promo.pixelsee.app www.googletagmanager.com
2	datatechone.com	lidsaich.net ak.deephicy.net
2	srv.buysellads.com	m.servedby-buysellads.com
1	www.google.com	tpc.googlesyndication.com
1	www.facebook.com	promo.pixelsee.app
1	fonts.gstatic.com	fonts.googleapis.com
1	mc.yandex.ru	promo.pixelsee.app
1	fonts.googleapis.com	promo.pixelsee.app
1	de.bluettipower.eu	wachsendefamilie.de
1	www.lexa-pferdefutter.de	wachsendefamilie.de
1	www.outlet-teppiche.de	wachsendefamilie.de
1	m.servedby-buysellads.com	www.responsinator.com
210	36

This site contains links to these domains. Also see Links.

Domain
www.paypal.com

Subject Issuer	Validity	Valid
iqfmvj.com R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
mdakky.com R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
ecrwqu.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
ripplestreams4u.xyz GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
wachsendefamilie.de Sectigo RSA Domain Validation Secure Server CA	`2023-06-07` - `2024-07-07`	a year	crt.sh
lidsaich.net R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
ak.hetaruwg.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
totaltopwords.com GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh
datatechone.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-18` - `2023-12-24`	a year	crt.sh
www.outlet-teppiche.de R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
lexa-pferdefutter.de R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
de.bluettipower.eu R3	`2023-10-11` - `2024-01-09`	3 months	crt.sh
yonmasqueraina.com R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
track.routes.name ZeroSSL RSA Domain Secure Site CA	`2023-10-09` - `2024-01-07`	3 months	crt.sh
smarter-surf.com GTS CA 1P5	`2023-10-20` - `2024-01-18`	3 months	crt.sh
pixelsee.app GTS CA 1P5	`2023-11-13` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-25` - `2023-11-23`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Frame ID: 4908FAD97C604C9AABB61C4DAA3CF16F
Requests: 17 HTTP requests in this frame

Frame: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 5549FF72D0BDA97EF5E5A67541E76C87
Requests: 25 HTTP requests in this frame

Frame: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: D2CC7953B2894D4C3C5635B686CBF266
Requests: 25 HTTP requests in this frame

Frame: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 9FE8CC2A04B68DE0094CF0335084B28D
Requests: 19 HTTP requests in this frame

Frame: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 6BA640F3F615F880DC7647AB35977CB3
Requests: 25 HTTP requests in this frame

Frame: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Frame ID: 7ECF503A726AE46B764532CAEF250FD8
Requests: 25 HTTP requests in this frame

Frame: https://www.lexa-pferdefutter.de/?utm_source=affiliate&utm_medium=webgains&utm_campaign=banner&wgu=13507_121411_17001119462759_a47f2c8891&wgexpiry=1731647946&clickid=13507_121411_17001119462759_a47f2c8891&source=webgains&siteid=121411
Frame ID: C031778E212EC0A81C710C8FC0762CF8
Requests: 5 HTTP requests in this frame

Frame: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
Frame ID: 82FB61462467B53D30C51FB59B9EF77E
Requests: 19 HTTP requests in this frame

Frame: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Frame ID: 5B3A509705498E881B923E4AEF80A2C8
Requests: 50 HTTP requests in this frame

Frame: https://www.outlet-teppiche.de/?utm_source=affiliate&utm_medium=banner120x600_2&utm_campaign=esprit-teppiche&wgu=276075_121411_17001119462854_b4f163d213&wgexpiry=1731647946&source=webgains&siteid=121411&utm_source=affiliate
Frame ID: BEAA3842255C01BC896EA282D0083F16
Requests: 5 HTTP requests in this frame

Frame: https://de.bluettipower.eu/?wgu=294040_121411_17001119462917_b9579e3598&wgexpiry=1731647946&source=webgains&siteid=121411
Frame ID: 6AA0E455C9DAAC6E69415778A8F097F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 144579F78F8539B35E24559AE77560BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=2681834968&plat=1%3A520%2C2%3A16777736%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.responsinator.com&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700111948645&bpp=5&bdt=999&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5837008031970&frm=8&ife=1&pv=2&ga_vid=1827934561.1700111949&ga_sid=1700111949&ga_hid=1520747732&ga_fc=0&nhd=1&u_tz=60&u_his=50&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=736&ish=350&ifk=1124752372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C44806141%2C44807763%2C44808148%2C44808285%2C44809055%2C44809071%2C318512602&oid=2&pvsid=3006620264674615&tmod=895213188&uas=0&nvt=1&fsapi=1&usrc=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C736%2C350&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.chk1t6fv6fx0&fsb=1&dtd=495
Frame ID: 000BBCCBB8F73952C57C8380CB195798
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7247380E37A4F0A4A29509B97ECAB39A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 06E0E1B380F5EF7423288DC013858CE1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Responsinator - iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BuySellAds (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

servedby-buysellads\.com/monetization(?:\.[\w\d]+)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

210
Requests

90 %
HTTPS

53 %
IPv6

35
Domains

36
Subdomains

33
IPs

5
Countries

2594 kB
Transfer

5787 kB
Size

31
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=9H9TMPT4YF79A
Title: Say thanks and buy us a beer!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 46

https://ecrwqu.com/cuclc?aid=1705842395920745024&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 47

https://ecrwqu.com/cuclc?aid=7755717486134118238&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 48

https://ecrwqu.com/cuclc?aid=14379679261031089810&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 49

https://ecrwqu.com/cuclc?aid=690604970377101384&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 50

https://ecrwqu.com/cuclc?aid=13252324967898303591&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 51

https://ecrwqu.com/cuclc?aid=5492490902917039331&t=1700111943&s=1072682 HTTP 302
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&OS=Windows&LANG=de&ZONE_ID=a510693 HTTP 302
https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd

Request Chain 52

https://ecrwqu.com/cuclc?aid=930719495006732754&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 53

https://ecrwqu.com/cuclc?aid=6902032663693836312&t=1700111943&s=1072682 HTTP 302
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&OS=Windows&LANG=de&ZONE_ID=a510693 HTTP 302
https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25

Request Chain 54

https://ecrwqu.com/cuclc?aid=7179596960574098944&t=1700111943&s=1072682 HTTP 302
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&OS=Windows&LANG=de&ZONE_ID=a510693 HTTP 302
https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d

Request Chain 55

https://ecrwqu.com/cuclc?aid=11112793156310418528&t=1700111943&s=1087117 HTTP 302
https://ripplestreams4u.xyz/redzonehd.php

Request Chain 56

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Responsinator%20-%20iqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D&utmhid=1755334882&utmr=-&utmp=%2F%3Furl%3Dhttps%25253A%25252F%25252Fiqfmvj.com%25252Fchecking-browser%25253Fh%25253DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%25253DeyJ%252526si1%25253D%252526si2%25253D&utmht=1700111944185&utmac=UA-29714105-1&utmcc=__utma%3D249645061.393179501.1700111944.1700111944.1700111944.1%3B%2B__utmz%3D249645061.1700111944.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1550687576&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Responsinator%20-%20iqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D&utmhid=1755334882&utmr=-&utmp=%2F%3Furl%3Dhttps%25253A%25252F%25252Fiqfmvj.com%25252Fchecking-browser%25253Fh%25253DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%25253DeyJ%252526si1%25253D%252526si2%25253D&utmht=1700111944185&utmac=UA-29714105-1&utmcc=__utma%3D249645061.393179501.1700111944.1700111944.1700111944.1%3B%2B__utmz%3D249645061.1700111944.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1550687576&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 79

https://track.webgains.com/click.html?wglinkid=3006185&wgcampaignid=121411&clickref=32fecghj6c8fed25 HTTP 302
https://www.outlet-teppiche.de/?utm_source=affiliate&utm_medium=banner120x600_2&utm_campaign=esprit-teppiche&wgu=276075_121411_17001119462854_b4f163d213&wgexpiry=1731647946&source=webgains&siteid=121411&utm_source=affiliate

Request Chain 80

https://track.webgains.com/click.html?wglinkid=831049&wgcampaignid=121411&clickref=70893ghj6tl3y03d HTTP 302
https://www.lexa-pferdefutter.de/?utm_source=affiliate&utm_medium=webgains&utm_campaign=banner&wgu=13507_121411_17001119462759_a47f2c8891&wgexpiry=1731647946&clickid=13507_121411_17001119462759_a47f2c8891&source=webgains&siteid=121411

Request Chain 81

https://track.webgains.com/click.html?wglinkid=4334858&wgcampaignid=121411&clickref=4947dghj6c80cdd HTTP 302
https://de.bluettipower.eu/?wgu=294040_121411_17001119462917_b9579e3598&wgexpiry=1731647946&source=webgains&siteid=121411

Request Chain 95

https://lidsaich.net/?z=6003953&syncedCookie=true&rhd=false HTTP 302
https://ak.deephicy.net/4/6118780/?var=6003953

Request Chain 111

https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Request Chain 132

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Request Chain 148

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Request Chain 149

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Request Chain 150

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Request Chain 151

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages. HTTP 302
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Request Chain 214

https://mc.yandex.com/watch/95374876?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A696547093864%3Ahid%3A825801889%3Az%3A60%3Ai%3A20231116061908%3Aet%3A1700111949%3Ac%3A1%3Arn%3A444634223%3Arqn%3A1%3Au%3A1700111949314660086%3Aw%3A736x350%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C91%2C102%2C1%2C6%2C0%2C%2C506%2C11%2C%2C%2C%2C739%3Aco%3A0%3Acpf%3A1%3Ans%3A1700111947409%3Arqnl%3A1%3Ast%3A1700111949%3At%3APIXELSEE%20%7C%20Your%20file%20ready%20to%20download&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/95374876/1?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A696547093864%3Ahid%3A825801889%3Az%3A60%3Ai%3A20231116061908%3Aet%3A1700111949%3Ac%3A1%3Arn%3A444634223%3Arqn%3A1%3Au%3A1700111949314660086%3Aw%3A736x350%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C91%2C102%2C1%2C6%2C0%2C%2C506%2C11%2C%2C%2C%2C739%3Aco%3A0%3Acpf%3A1%3Ans%3A1700111947409%3Arqnl%3A1%3Ast%3A1700111949%3At%3APIXELSEE%20%7C%20Your%20file%20ready%20to%20download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

210 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.responsinator.com/ 15 KB
3 KB 594ms
215ms Document
text/html 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: 11ac518da4c3bab1ab905231310f39ef05ad87a56d28d48e1c2171387dadef81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2357
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 05:19:02 GMT
Expires: Thu, 16 Nov 2023 05:19:02 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK main.css
www.responsinator.com/css/ 11 KB
3 KB 192ms
186ms Stylesheet
text/css 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.responsinator.com/css/main.css?v=9
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: adaa3eccf56747a88cba8dd0fb0aebda667b876a315f836e0bdcb120f18186c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Content-Encoding: gzip
Last-Modified: Sun, 02 Dec 2018 00:51:11 GMT
Server: Apache
ETag: "12a3e2-2b1c-57bff6db4ddc0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2599
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 72 KB
16 KB 172ms
50ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://m.servedby-buysellads.com/monetization.js
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: HTTP/1.1
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Nov 2023 15:55:33 GMT
Server: AmazonS3
x-amz-request-id: 3SRFVH5V8B61MVFT
ETag: "c89307314053bc69d48ccd0533eb7ff6"
x-amz-server-side-encryption: AES256
X-HW: 1700111943.cds307.am5.h2,1700111943.cds121.am5.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2409
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16182
x-amz-id-2: QUhW1PBH5L96akgJdXHVmi6sjLz8MTM2MUww7LAO2opCX8lYvJhcePHaZeB7y5nCXKpLB57I3WcW7dN+IDP5H+7Z+mXOcKlVJmAlLAF7syI=

GET
H/1.1 200
OK responsinator.min.js Show response
www.responsinator.com/includes/ 21 KB
7 KB 207ms
193ms Script
application/javascript 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.responsinator.com/includes/responsinator.min.js?v=201403261325
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: d9687f03179306124bdfa38fcb7363346bf5406d956cc06b0121ae970c230be2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a444-53e0-56020cbcd4280"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6258
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 5549 25 KB
13 KB 209ms
18ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame D2CC 25 KB
13 KB 159ms
0ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 9FE8 25 KB
13 KB 227ms
76ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 6BA6 25 KB
13 KB 223ms
73ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 7ECF 25 KB
13 KB 227ms
79ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame C031 25 KB
13 KB 167ms
17ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 82FB 25 KB
13 KB 212ms
64ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 5B3A 25 KB
13 KB 164ms
18ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame BEAA 25 KB
13 KB 210ms
67ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu

GET
H2 200 checking-browser Show response
iqfmvj.com/ Frame 6AA0 25 KB
13 KB 203ms
60ms Document
text/html 31.220.27.98
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6

Request headers

Referer: http://www.responsinator.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:03 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu3

GET
H2 200 rpe Show response
mdakky.com/ Frame D2CC 0
100 B 156ms
26ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.605508021707871&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H/1.1 200
OK iphone-x-portrait.png
www.responsinator.com/images/ 105 KB
106 KB 198ms
180ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-x-portrait.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: b266de2122c09ce7e0842a01205260fca57995c419f3b32cd6f0e5528bbe7181

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Wed, 13 Dec 2017 15:31:48 GMT
Server: Apache
ETag: "12a41e-1a548-5603a7736c100"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 107848
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK iphone-x-landscape.png
www.responsinator.com/images/ 75 KB
75 KB 205ms
188ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-x-landscape.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: b727fd355cca5c48e32d7d6d9a652e8528a8e1e5c0101914c7cc54e520e8f2c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Wed, 13 Dec 2017 15:31:48 GMT
Server: Apache
ETag: "12a41d-12abb-5603a7736c100"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 76475
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK android-pixel-2-portrait.png
www.responsinator.com/images/ 148 KB
148 KB 377ms
179ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/android-pixel-2-portrait.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: 1a5a498ff355690fa37d2f1cf667d113e0a268fbd2e37cd9b590c5e7bf45ce89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Thu, 11 Jan 2018 18:29:00 GMT
Server: Apache
ETag: "12a421-24e91-5628452541300"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 151185
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK android-pixel-2-landscape.png
www.responsinator.com/images/ 151 KB
151 KB 378ms
180ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/android-pixel-2-landscape.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: 9eb534c432866ba3d2dccc21cbd1f4d7d025d162d697a7c59afc9e83569dc10e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Thu, 11 Jan 2018 18:29:00 GMT
Server: Apache
ETag: "12a420-25bb3-5628452541300"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 154547
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK iphone-6-portrait.png
www.responsinator.com/images/ 60 KB
61 KB 378ms
181ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-6-portrait.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: cba05ec4b9ec039e6e59ca44e23fa1710b666d94d4f99465631ee21e9877a90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a40c-f0a9-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 61609
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK iphone-6-landscape.png
www.responsinator.com/images/ 67 KB
67 KB 381ms
184ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-6-landscape.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: e57cfb6c364785359ce3bb95459e4a43dad921a1aec8421fe2cae34a7b369845

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a409-10a4a-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 68170
Expires: Sat, 16 Dec 2023 05:19:03 GMT

GET
H/1.1 200
OK iphone-6-plus-portrait.png
www.responsinator.com/images/ 66 KB
66 KB 234ms
230ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-6-plus-portrait.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: 7326eace7b7a4b6f5a5113e3c26272ad0a73c639e28679e169b65ea497fd5d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:04 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a40b-1063c-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67132
Expires: Sat, 16 Dec 2023 05:19:04 GMT

GET
H/1.1 200
OK iphone-6-plus-landscape.png
www.responsinator.com/images/ 72 KB
73 KB 193ms
191ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/iphone-6-plus-landscape.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: d3ea3a7a8fca774bc0df4bd897da772f00e8362fad39e10d6ef6f0144915d2d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:04 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a40a-1219c-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 74140
Expires: Sat, 16 Dec 2023 05:19:04 GMT

GET
H/1.1 200
OK ipad-portrait.png
www.responsinator.com/images/ 186 KB
187 KB 183ms
180ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/ipad-portrait.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: bb0cd98eff73a71cc04c43416d5b8b0d0ada966656c9b2868a45807ae087bb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:04 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a406-2e8b1-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 190641
Expires: Sat, 16 Dec 2023 05:19:04 GMT

GET
H/1.1 200
OK ipad-landscape.png
www.responsinator.com/images/ 191 KB
192 KB 192ms
186ms Image
image/png 45.33.40.48
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.responsinator.com/images/ipad-landscape.png
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/css/main.css?v=9
Protocol: HTTP/1.1
Server: 45.33.40.48 Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li990-48.members.linode.com
Software: Apache /
Resource Hash: 72a3b94157a8df70e87d77a7c293c5e37e2e1c9dcc6b747e0609b32261c22065

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/css/main.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:04 GMT
Last-Modified: Tue, 12 Dec 2017 08:54:18 GMT
Server: Apache
ETag: "12a405-2fcaf-56020cbcd4280"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 195759
Expires: Sat, 16 Dec 2023 05:19:04 GMT

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame D2CC 150 B
306 B 152ms
29ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: fc4affa779fb354fb891e4726ad66dc6ae255f2d06798f74f2c7f5a23326db07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 rpe Show response
mdakky.com/ Frame 5B3A 0
101 B 49ms
25ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.9833534555817376&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H/1.1 200
OK CK7D4K7N.json Show response
srv.buysellads.com/ads/ 819 B
775 B 39ms
38ms Fetch
application/json 64.227.70.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CK7D4K7N.json?segment=placement:responsinatorcom
Requested by: Host: m.servedby-buysellads.com
URL: http://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Server: 64.227.70.247 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-15.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 0b44dd9e42b4f31a1230fc566b3c5f59e5c6a6d20e133697be6220caf1ce7e0b

Request headers

Referer: http://www.responsinator.com/
x-origin: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
accept-language: de-DE,de;q=0.9
x-client: monetization.js/20231024 (target:body;noViewable:true;script_id:_bsa_srv-CK7D4K7N_0;platforms:desktop%2Cmobile;skippedVisible:true)
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 16 Nov 2023 05:19:03 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Content-Length: 509

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

304ms
84ms

Script
text/javascript

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 04:20:11 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3533
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 16 Nov 2023 06:20:11 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

OPTIONS
H/1.1 200
OK CK7D4K7N.json
srv.buysellads.com/ads/ Frame 0
0 364ms
40ms Preflight 64.227.70.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://srv.buysellads.com/ads/CK7D4K7N.json?segment=placement:responsinatorcom
Protocol: HTTP/1.1
Server: 64.227.70.247 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-15.buysellads.com
Software: //srv.buysellads.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-client,x-origin
Access-Control-Request-Method: GET
Origin: http://www.responsinator.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 23
Date: Thu, 16 Nov 2023 05:19:03 GMT
Server: //srv.buysellads.com
Vary: Accept-Encoding

GET
H2 200 rpe Show response
mdakky.com/ Frame 6BA6 0
100 B 51ms
22ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.9692435417431633&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame 9FE8 0
100 B 46ms
29ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.7926717928986797&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame 7ECF 0
100 B 35ms
28ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.9778986888581658&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame 6AA0 0
100 B 42ms
24ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.7628696397183532&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame 82FB 0
100 B 32ms
30ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.41140067352246756&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame BEAA 0
100 B 30ms
30ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.4263453811731399&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame C031 0
100 B 31ms
30ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.6740495987822375&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 rpe Show response
mdakky.com/ Frame 5549 0
100 B 32ms
30ms XHR
text/plain 2a02:b4a:1:7::9165:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1169228&st=1295400&wd=510693&d=iqfmvj.com&tpl=44&rnd=0.6063763679908285&sbid=&sbid2=
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9165:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 5B3A 150 B
306 B 32ms
31ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: af925430e16a935250ff8fefd08b9013451c67b9187087057ebe342db596f12c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 6BA6 151 B
306 B 33ms
32ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6e08f2bd37f54d13a90be55b530541b3316cd22f439c1aa971552bdee1812566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 9FE8 149 B
304 B 37ms
35ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a4aa796bf2e6d6da0e3548c641e8a617c0e9599c439e2a87438b81af66df41b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 7ECF 151 B
306 B 32ms
31ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f951efa8701ec7ccdd15fcbdd710dde52826e4ae255c627a612619db42682d11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 6AA0 150 B
306 B 31ms
31ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: aa29e946feaf5abaab48702c5d71342e37c6f4424732aaff10ade12f34364f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 82FB 149 B
306 B 32ms
31ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f8a229ff866665d6849cca42f07af07b72b9fbca9afdab69986f19e2fb9fef58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame BEAA 150 B
305 B 34ms
34ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: dce5b4a0c334b4a05df4e0488dbacb8d7785ebb978b9f9b318809ffc620fca54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame C031 150 B
306 B 33ms
32ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b9947f0395ce5534159dfe081481e599d7da5f2027734fe98bfc6f1c88902e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 phtbload Show response
ecrwqu.com/ Frame 5549 151 B
306 B 32ms
32ms Fetch
application/javascript 2a02:b4a:1:7::9168:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ecrwqu.com/phtbload?a=1&e=aeyJwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTN9
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9168:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: c906068563fd24ff258d506399d807859cc3fc5cfac6d072381076235f1c177b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://iqfmvj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Nov 2023 05:19:03 GMT
content-encoding: gzip
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame D2CC
Redirect Chain

https://ecrwqu.com/cuclc?aid=1705842395920745024&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
829 B

299ms
164ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e1915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJNOwSU0XsKX67CoVRIuywBK%2FK%2FRagXmxpdAxIHu2n1O5qKPolWqeEs7rbSWJOTzBImnfeLd72VcEPs3eJUT5Qcc4%2B6%2F4A3GPgBCHOiDlhbYQEDsKhW7npL5esPIQwxbK7vXjKmFAePtu2tbgIxQL8nx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 5B3A
Redirect Chain

https://ecrwqu.com/cuclc?aid=7755717486134118238&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
835 B

299ms
190ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e4915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5GY1vlxtvHSfzfLKLkiHFZq1KYExZDPmSCvoOAbWTEpmrMmoyy6oMI0Xh6PV5JYuM3fGaHosolaafNbqg440buLK%2BFnPk5pyhKVBh7GibrAHsPAL3olfrJR7RzaeAZsg24nmVkZvAvoNY9Ix6F%2BjNFQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 6BA6
Redirect Chain

https://ecrwqu.com/cuclc?aid=14379679261031089810&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
833 B

309ms
184ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e3915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joMiMt%2Fxt4XFAI8hmk2kJxMXVOdT7WTaBD6cxDte%2BdwFDQOFXXRHbaLrDVPh9bwPNJRAMYUvqI36TO%2B4eWiKmqbeaEEXnFamJfEkGLpGjcidpaY1XUjKRMB0b2vK%2BpZpR6mTkU%2F9KWjpKgAGoHWAuXj7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 9FE8
Redirect Chain

https://ecrwqu.com/cuclc?aid=690604970377101384&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
841 B

296ms
170ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e0915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhdY%2FVtz4u%2Fis2bC%2B3F89GUIBpkuu2bA7EzOWHlHwXyUCFmCvtuZsBM0y0sRvKvx1U7jwGxtmmgBdQwqmhHwy%2FudBDQegfxur9fOXkhGcS4DwFNDSB4uVil39ZZVb7Z8clCDHaXQXMhdJQU%2B6HfYfBy2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 7ECF
Redirect Chain

https://ecrwqu.com/cuclc?aid=13252324967898303591&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
1 KB

294ms
158ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259df915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3vyLkhTVQ%2Fs53Z8P3xuCD%2FABOUdWbfvrM38RwtNWtp43lLZqFuuatEthMFGkq2K%2BOsaDNzoD8dUbJ1qxB5QCS0WVNbqrslcvlDbvmBQYL%2F7sy%2B4%2FiWNQPlCg4xHJMscgcpM0wLoiOKDEPfyBEeIALjA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

Bluetti.php Show response
wachsendefamilie.de/ Frame 6AA0
Redirect Chain

https://ecrwqu.com/cuclc?aid=5492490902917039331&t=1700111943&s=1072682
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&...
https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd

147 B
270 B

849ms
63ms

Document
text/html

209.250.227.32
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd

Requested by

Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.250.227.32 Whitechapel, United Kingdom, ASN20473 (AS-CHOOPA, US),

Reverse DNS

209.250.227.32.vultrusercontent.com

Software

nginx /

Resource Hash

82e736267a28134ceab9b1c2399d78115ec4074a694b1eccb32a2b0e8bdc8ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 05:19:04 GMT
Location: https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 82FB
Redirect Chain

https://ecrwqu.com/cuclc?aid=930719495006732754&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
843 B

347ms
222ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e6915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo0NeH4tHnLYDcFaEUtt4QitAsvrwHabrPsHy50LJMZIRQ5%2BraQudPGDMV1Ez%2BLHLQQjEjUB0glUsRtEVuPuB8lxr4p%2BoIHfPKHxDDS%2BLR%2BLcbMRUmKZPD3NLzcEBbXO2b70VG%2B2EOz3o%2BYkC8zaWTzc"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

Outlet-teppiche.php Show response
wachsendefamilie.de/ Frame BEAA
Redirect Chain

https://ecrwqu.com/cuclc?aid=6902032663693836312&t=1700111943&s=1072682
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&...
https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25

148 B
272 B

820ms
49ms

Document
text/html

209.250.227.32
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25

Requested by

Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.250.227.32 Whitechapel, United Kingdom, ASN20473 (AS-CHOOPA, US),

Reverse DNS

209.250.227.32.vultrusercontent.com

Software

nginx /

Resource Hash

36c849cf278594ebfb7283cbed34fc67734b040bfc9d96fd16b3b4f15d4a8131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 05:19:04 GMT
Location: https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H2

200

ads05.php Show response
wachsendefamilie.de/ Frame C031
Redirect Chain

https://ecrwqu.com/cuclc?aid=7179596960574098944&t=1700111943&s=1072682
https://www.gemutliches-familienleben.com/cl9rl9k.php?key=kjudi913ub527enu4pd2&cpa_cost=0.0002&SOURCE_ID=a510693&CAMPAIGN_ID=1072682&COUNTRY=DE&BROWSER=Chrome&CREATIVE_ID={CREATIVE_ID}&FORMAT=pops&...
https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d

147 B
271 B

844ms
57ms

Document
text/html

209.250.227.32
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d

Requested by

Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.250.227.32 Whitechapel, United Kingdom, ASN20473 (AS-CHOOPA, US),

Reverse DNS

209.250.227.32.vultrusercontent.com

Software

nginx /

Resource Hash

cabe1e4f9e88fb4c6a6b731b4ffeea55513bc83790103875b508817e10cf390d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Nov 2023 05:19:04 GMT
Location: https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d
Server: nginx/1.24.0
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked

GET
H2

200

redzonehd.php Show response
ripplestreams4u.xyz/ Frame 5549
Redirect Chain

https://ecrwqu.com/cuclc?aid=11112793156310418528&t=1700111943&s=1087117
https://ripplestreams4u.xyz/redzonehd.php

1 KB
838 B

286ms
178ms

Document
text/html

2606:4700:3034::ac43:b510
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ripplestreams4u.xyz/redzonehd.php
Requested by: Host: iqfmvj.com
URL: https://iqfmvj.com/checking-browser?h=waWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0=eyJ&si1=&si2=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b510 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f

Request headers

Referer: https://iqfmvj.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46e259e7915e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC0bJmTIu8JqxNHtmjiJXOB2ERcroC9lWcN9H1tjUl2pA7mL07hpsNlX2G01VZiXqtfBjd7O0iqZeZcXRHa%2F02ESL7K1vunRJn7ywkKVfJ6jzPMV%2F5eCqQI8F8d%2BqxCQ%2FGIIImexel3u2DHYP2bgVV11"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 163
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:03 GMT
location: https://ripplestreams4u.xyz/redzonehd.php
server: nginx/1.18.0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...

35 B
197 B

108ms
100ms

Image
image/gif

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Responsinator%20-%20iqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D&utmhid=1755334882&utmr=-&utmp=%2F%3Furl%3Dhttps%25253A%25252F%25252Fiqfmvj.com%25252Fchecking-browser%25253Fh%25253DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%25253DeyJ%252526si1%25253D%252526si2%25253D&utmht=1700111944185&utmac=UA-29714105-1&utmcc=__utma%3D249645061.393179501.1700111944.1700111944.1700111944.1%3B%2B__utmz%3D249645061.1700111944.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1550687576&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Protocol

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.responsinator.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1900294538&utmhn=www.responsinator.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Responsinator%20-%20iqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D&utmhid=1755334882&utmr=-&utmp=%2F%3Furl%3Dhttps%25253A%25252F%25252Fiqfmvj.com%25252Fchecking-browser%25253Fh%25253DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%25253DeyJ%252526si1%25253D%252526si2%25253D&utmht=1700111944185&utmac=UA-29714105-1&utmcc=__utma%3D249645061.393179501.1700111944.1700111944.1700111944.1%3B%2B__utmz%3D249645061.1700111944.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1550687576&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 7ECF 1 KB
2 KB 250ms
90ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 891b9caf2978900353c4cd01ca86c7b82c12ac7c50bdc9b0a03c4a6ea0a4cafe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: ca82c932e6e61d60e2f44f50588fc8bc

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame D2CC 1 KB
2 KB 237ms
77ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 9fcb8529fd0da55a58223147901444062cd6e734633500c75b9d66398485cab8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: f595dbdeb32a34d794d62c0185f0dd89

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 9FE8 30 KB
13 KB 193ms
51ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: c40a508fcf1f3323c8502c2c616f8a7a19b698f23c2eb32ff3639cc31e7e743c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 4c6c4432687985bc45eb20d98193575e

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 5549 1 KB
2 KB 227ms
87ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e52c6ed3820b52febc3ea64f3443790360da17919d1ea960a7b23ea21cdb64f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: a5343d4eb8f5c1bcec1d197aa5d3480e

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 6BA6 1 KB
2 KB 215ms
85ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ca27d1c781da498dbf268b7516b04c48026d9090ca0011355eadab749d1b0983

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: a327b7dfc54ac96a33f850ec4ef3fba2

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 5B3A 1 KB
2 KB 215ms
88ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be4f721b01bfa63cb75579f56e1ec00426f9c1c963eb76a84ff3ee10c8aba27a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://totaltopwords.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: 5589132f6f08f12982c1232319a3c5de

GET
H2 200 6003953 Show response
lidsaich.net/4/ Frame 82FB 1 KB
2 KB 200ms
76ms Document
text/html 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://lidsaich.net/4/6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4599b86cc302ff9e71af3f96aa4926097178fa048a2c0922c0e5d2f8d79169fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0 no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:04 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT Mon, 26 Jul 1997 05:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache no-cache
server: nginx
timing-allow-origin: *
x-trace-id: c2839accf49b4abb86e6942d40386a98

POST
H2 200 sftouch
lidsaich.net/ Frame 9FE8 2 B
608 B 340ms
0ms Ping
text/plain 139.45.197.244
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lidsaich.net/sftouch?userId=e3d52d7b38314020a0c0555e3e23f536&z=6003953&p_rid=22b2c8db-35a6-4d6d-b472-b221ba0d3db9&p_src=sf

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lidsaich.net/4/6003953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-length: 2
x-trace-id: 9039a4c35a26eb09af0423b3d537982e
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://lidsaich.net
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H2 200 img.gif
my.rtmark.net/ Frame 82FB 43 B
504 B 546ms
75ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=1a0f859c981741b4bb3167d921a36d46

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
ak.deephicy.net/4/6118780/ Frame 82FB 30 KB
13 KB 558ms
71ms Document
text/html 193.108.153.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.deephicy.net/4/6118780/?var=6003953
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b83e28db12f2cbdd7597cad90b77fc29399ef2f3146c58c850aa1fc6d0ec5922

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 12421
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:05 GMT
expires: Thu, 16 Nov 2023 05:19:05 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 01d9d497888976eb2f8658327d74dbc1

POST
H2 200 img.gif
my.rtmark.net/ Frame D2CC 43 B
504 B 544ms
72ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=6e7e5a5e8bf54fc4b3d22361732b2984

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
totaltopwords.com/ Frame D2CC 40 KB
13 KB 601ms
126ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f8c35331ecb5d4134aadf61a7c584125c52628ab4194a894b4d786995be4470a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46ee2b3f92a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu5wMUKR3xt1nFbyVLHisx%2FBpzAgWo%2FyVaBrKl26LME9lP3gc6H3Ojv7lyP4FBszvQCKVv6U%2FyGrlG9cyZ6vemVXbkh94AWfYoTPX4vMgDeXmFX%2BKD6MD3HcwS0Cu7V%2BTuabFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 img.gif
my.rtmark.net/ Frame 6BA6 43 B
503 B 549ms
78ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=40305dc809014f92b987827e6e0d06ee

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
totaltopwords.com/ Frame 6BA6 40 KB
13 KB 562ms
94ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 9fa63a1487e9dabb90ece211f9d1ae0e082fdd6efd254b8189f57acd39eec36e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46ee2b4092a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jxgOyrUR1ZPphkyjTiIs2jkynH0siE4RgZbNa35X3XPppwcn9a8gM9V6E%2FfyPHY%2BH9K3K3f%2BfzyrEFjQ4aCXwfbzpjToTPXSw6xsNktFr3oeTyWQIa%2FNH5aAQ5aiU26NdMSTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 img.gif
my.rtmark.net/ Frame 5549 43 B
503 B 535ms
69ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=0166e15f83824c9f8afb45cee771a048

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
totaltopwords.com/ Frame 5549 40 KB
13 KB 534ms
95ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5a00259d10af8d8da81ef0381456da60da753f49c22ad16e9e22502abbfcf54c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46ee2b3e92a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hvgOLa%2B0J%2FDvVROP8hmgma4stD0QtoWRF0u3TYS8Ilxhqa2Oln2TfpgLRRz1ui6D%2Fd2rRmzmhhHmROep1x4xDLBhny8goi1l9cVU3o8IMahaOTAsG3CRhn70L6wm%2BsIUeym%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 img.gif
my.rtmark.net/ Frame 5B3A 43 B
504 B 462ms
7ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=815862c587594b42a9d8c401a2ae0f03

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
totaltopwords.com/ Frame 5B3A 40 KB
13 KB 525ms
92ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: f5669db302db6872c5347049f30f1a367694c3a08e3fe9db0abbe553e2d0dad2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46edfb2f92a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvI%2BdRRaGdo0kX2vrIDmcSRrGZslZAxitBIIhsopKAj%2BOq7X7kl2HKnUF27ABo3K1WRoDfn0iBeaXafZOMeomfisdj%2BJbK%2FsX58P4vhOZILr7sq4P3c6eRAh0d4vQjh578oigQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H2 200 img.gif
my.rtmark.net/ Frame 7ECF 43 B
503 B 441ms
8ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=ec494d6c96a243e6a20cfffee33c8401

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://lidsaich.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
totaltopwords.com/ Frame 7ECF 40 KB
13 KB 526ms
94ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ee0304f6065fd4ad4164b39e8d7012342baab37702659811a617262575335e58

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46edfb3092a8-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPqWxLlEolQ6mJZULmYu8H5XVCMKf%2BL2A80YV4LSME2l%2FTiSXa2b3XoYBORfdplYiSJNsq01mHulDHEwLxTEs9nuuDKChdta%2FmS%2B4mLWA2xCEOiA0Fudd1oY%2Fp3%2FUceAat6O8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

POST
H/1.1 200
OK add Show response
datatechone.com/log/ Frame 9FE8 2 B
465 B 443ms
36ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: lidsaich.net
URL: https://lidsaich.net/4/6003953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://lidsaich.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Nov 2023 05:19:06 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://lidsaich.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2 200 img.gif
my.rtmark.net/ Frame 9FE8 43 B
490 B 311ms
67ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=e3d52d7b38314020a0c0555e3e23f536&z=6003953&p_rid=22b2c8db-35a6-4d6d-b472-b221ba0d3db9&p_src=sf

Requested by

Host: lidsaich.net
URL: https://lidsaich.net/4/6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lidsaich.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:05 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2

200

/
www.outlet-teppiche.de/ Frame BEAA
Redirect Chain

https://track.webgains.com/click.html?wglinkid=3006185&wgcampaignid=121411&clickref=32fecghj6c8fed25
https://www.outlet-teppiche.de/?utm_source=affiliate&utm_medium=banner120x600_2&utm_campaign=esprit-teppiche&wgu=276075_121411_17001119462854_b4f163d213&wgexpiry=1731647946&source=webgains&siteid=1...

0
0

143ms
58ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.outlet-teppiche.de/?utm_source=affiliate&utm_medium=banner120x600_2&utm_campaign=esprit-teppiche&wgu=276075_121411_17001119462854_b4f163d213&wgexpiry=1731647946&source=webgains&siteid=121411&utm_source=affiliate

Requested by

Host: wachsendefamilie.de
URL: https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wachsendefamilie.de/Outlet-teppiche.php?clickref=32fecghj6c8fed25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46f149d118d9-FRA
content-encoding: br
content-language: de
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:06 GMT
etag: W/"cacheable:6c8ad6907a908d3bd7cead80179bddd6"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin, <//www.outlet-teppiche.de/cdn/shop/t/6/assets/theme.css?v=173396915288770484011697806019>; as="style"; rel="preload"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX%2F1ssXiI2SumpGUSioXP1AuzO8iZlRLUHxNZO%2B1VIz4w8CWQHndoTHPkgn1U2v7%2FmYpXxUjfrENSc95T6zy49L651vrYOZQuMGQ6LrLSGEox%2Bj0Lo3atcBTjXWNaxbJZysXY3HDEmM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=9, db;dur=4, asn;desc="39351", edge;desc="FRA", country;desc="DE", theme;desc="151246143815", pageType;desc="index", servedBy;desc="tzh9", requestID;desc="a57d6487-c465-4b25-96fa-297c83704f1e" cfRequestDuration;dur=29.999971
strict-transport-security: max-age=7889238
vary: Accept
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-europe-west3,gcp-europe-west3
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: a57d6487-c465-4b25-96fa-297c83704f1e
x-shardid: 326
x-shopid: 59328856116
x-shopify-stage: production
x-sorting-hat-podid: 326
x-sorting-hat-shopid: 59328856116
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private, max-age=60
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Thu, 16 Nov 2023 05:20:06 GMT
last-modified: Thu, 16 Nov 2023 05:19:06 GMT
location: https://www.outlet-teppiche.de/?utm_source=affiliate&utm_medium=banner120x600_2&utm_campaign=esprit-teppiche&wgu=276075_121411_17001119462854_b4f163d213&wgexpiry=1731647946&source=webgains&siteid=121411&utm_source=affiliate
server: nginx
x-powered-by: PHP/7.4.26
x-wg-cache: cache-not-used

GET
H2

200

/
www.lexa-pferdefutter.de/ Frame C031
Redirect Chain

https://track.webgains.com/click.html?wglinkid=831049&wgcampaignid=121411&clickref=70893ghj6tl3y03d
https://www.lexa-pferdefutter.de/?utm_source=affiliate&utm_medium=webgains&utm_campaign=banner&wgu=13507_121411_17001119462759_a47f2c8891&wgexpiry=1731647946&clickid=13507_121411_17001119462759_a47...

0
0

967ms
859ms

Document
text/html

62.113.230.87
TTM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lexa-pferdefutter.de/?utm_source=affiliate&utm_medium=webgains&utm_campaign=banner&wgu=13507_121411_17001119462759_a47f2c8891&wgexpiry=1731647946&clickid=13507_121411_17001119462759_a47f2c8891&source=webgains&siteid=121411

Requested by

Host: wachsendefamilie.de
URL: https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

62.113.230.87 Bad Segeberg, Germany, ASN47447 (TTM, DE),

Reverse DNS

srv-a-de.c-331.maxcluster.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://wachsendefamilie.de/ads05.php?clickref=70893ghj6tl3y03d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-length: 29923
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny

Redirect headers

access-control-allow-headers: Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private, max-age=60
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Thu, 16 Nov 2023 05:20:06 GMT
last-modified: Thu, 16 Nov 2023 05:19:06 GMT
location: https://www.lexa-pferdefutter.de/?utm_source=affiliate&utm_medium=webgains&utm_campaign=banner&wgu=13507_121411_17001119462759_a47f2c8891&wgexpiry=1731647946&clickid=13507_121411_17001119462759_a47f2c8891&source=webgains&siteid=121411
server: nginx
x-powered-by: PHP/7.4.26
x-wg-cache: cache-not-used

GET
H2

200

/
de.bluettipower.eu/ Frame 6AA0
Redirect Chain

https://track.webgains.com/click.html?wglinkid=4334858&wgcampaignid=121411&clickref=4947dghj6c80cdd
https://de.bluettipower.eu/?wgu=294040_121411_17001119462917_b9579e3598&wgexpiry=1731647946&source=webgains&siteid=121411

0
0

194ms
76ms

Document
text/html

23.227.38.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://de.bluettipower.eu/?wgu=294040_121411_17001119462917_b9579e3598&wgexpiry=1731647946&source=webgains&siteid=121411

Requested by

Host: wachsendefamilie.de
URL: https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.74 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

shops.myshopify.com

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wachsendefamilie.de/Bluetti.php?clickref=4947dghj6c80cdd
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46f1be662c3d-FRA
content-encoding: br
content-language: de
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Thu, 16 Nov 2023 05:19:06 GMT
etag: W/"cacheable:00568919919c0791e83e00be68bbac92"
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
powered-by: Shopify
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0Smb2FFyOTfuN3vGanMOzn8MeCSJ0ZQye7P4EzXkO8V1si6opaThvc457fI9gyT9xP5QMAsucwUeAYBCqMCGqqXgW1x%2B%2BBdVIzM%2Fqq8LVQVyRPTYCreHpOsTdQFT8yhQxawJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: processing;dur=16;desc="gc:2", db;dur=6, asn;desc="39351", edge;desc="FRA", country;desc="DE", theme;desc="149310505304", pageType;desc="index", servedBy;desc="64mn", requestID;desc="6af7ca83-5949-4e42-89e2-2fb3f670b62b" cfRequestDuration;dur=35.000086
strict-transport-security: max-age=7889238
vary: Accept
x-cache: hit, server
x-content-type-options: nosniff
x-dc: gcp-europe-west3,gcp-europe-west3,gcp-europe-west3
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 6af7ca83-5949-4e42-89e2-2fb3f670b62b
x-shardid: 343
x-shopid: 61064249522
x-shopify-stage: production
x-sorting-hat-podid: 343
x-sorting-hat-shopid: 61064249522
x-storefront-renderer-rendered: 1
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-headers: Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
cache-control: private, max-age=60
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Thu, 16 Nov 2023 05:20:06 GMT
last-modified: Thu, 16 Nov 2023 05:19:06 GMT
location: https://de.bluettipower.eu?wgu=294040_121411_17001119462917_b9579e3598&wgexpiry=1731647946&source=webgains&siteid=121411
server: nginx
x-powered-by: PHP/7.4.26
x-wg-cache: cache-not-used

POST
H2 200 sftouch
ak.deephicy.net/ Frame 82FB 2 B
539 B 43ms
42ms Ping
text/plain 193.108.153.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://ak.deephicy.net/sftouch?userId=fe4afeca6ee649fdb65a7b48e809118c&z=6118780&p_rid=322d9c42-cbb4-4dec-9fee-385017ae4133&p_src=sf

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6003953

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.108.153.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a193-108-153-22.deploy.static.akamaitechnologies.com

Software

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ak.deephicy.net/4/6118780/?var=6003953
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=1
date: Thu, 16 Nov 2023 05:19:06 GMT
x-content-type-options: nosniff
content-length: 2
x-trace-id: 6332048b36eb40cc1013e29771698d64
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ak.deephicy.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Thu, 16 Nov 2023 05:19:06 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 82FB 43 B
490 B 60ms
58ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=fe4afeca6ee649fdb65a7b48e809118c&z=6118780&p_rid=322d9c42-cbb4-4dec-9fee-385017ae4133&p_src=sf

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ak.deephicy.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 5B3A 65 B
544 B 68ms
29ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=99f31d0301820358bc4feb25d3b63bce

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ Frame 5B3A 26 KB
11 KB 66ms
39ms Script
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321659&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d74-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25Lz4VA4VVm1xjL2as1jBAT7EzqgO6PZN%2FsQtd1YvVHp7M%2Be1L4LhiqaQcOqdFoMm0yaKAed0jRNJvvbf%2Bv1eWtTpR9mh%2F4gFX8dLm6fSQNYNH687loVBbTREj%2FBAV9gtY9SKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 826d46f01c3592a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 7ECF 65 B
544 B 51ms
30ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=87ff66c542808885300261150b1339f7

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ Frame 7ECF 26 KB
11 KB 82ms
64ms Script
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375650308480&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d75-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc5zLMF6c8dAh1oD3vl7nZRnVI5kU%2BT%2BnIvb6PnIMHRuUmadiLMTcpHhwQsjg8dCqoxyyOJCPCc9S3dwfDtLNVH%2BPLp7hzW5DepIZHqb8Jn4ONURrtGCJdtrGKOZxe5kfBDwzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 826d46f02c4992a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 6BA6 65 B
544 B 49ms
37ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=aedfcedad35f31f39e93bd7083f112a0

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ Frame 6BA6 26 KB
10 KB 70ms
64ms Script
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375960678725&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d75-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwYB0kLvC%2BE9mzQkA3LiX55f2IgmdqXESf34uXhWTR3FDr3GxjwPI63pF%2FsOWOiRtAPfOaaUCL10rvifkWTH4bn6HlQI8X0pxrquKtcFa8dWOD73iwnSHdzh6qLr%2B4aLTR6TFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 826d46f02c4b92a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame 5549 65 B
544 B 66ms
65ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=7829748843a9a1a8f4630452ab54d16f

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ Frame 5549 26 KB
10 KB 69ms
68ms Script
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321658&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d75-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ke1r347prkUcrSlAqKeASwsBE4rLxPNOBQ540sd7d6GWUGpZBTPKOHScvTcs4jBhpRBM8WlHdKinT%2F3p9VSCSoYzeowIaOGASW6rtxbfy%2FqGRJR6ZGeS0SPFHP7C%2FyXVLbfgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 826d46f05c5792a8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame D2CC 65 B
544 B 53ms
50ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=c891aa2b0683c1ae8b19cc563fce8bc0

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H3 200 micro.tag.min.js Show response
totaltopwords.com/pfe/current/ Frame D2CC 26 KB
11 KB 55ms
52ms Script
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886374266180552&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Nov 2023 11:01:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654e0d74-697f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omIM%2F%2BbebMvbIagmusLjl4gWjvqtqSaN%2Fb6UlRmvshMjOCLlyko%2FSIZhZOeK%2B2FiKmYkh3xQNK7DBa9jrROwMfkcYa%2BGmYsA59DJb3hGNFD8LaSTvK0HFzpUaYdtRMIa23Hg8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 826d46f08d5c37de-FRA
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK add Show response
datatechone.com/log/ Frame 82FB 2 B
468 B 31ms
31ms XHR
text/plain 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6003953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ak.deephicy.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Nov 2023 05:19:06 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://ak.deephicy.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 2

GET
H2

200

/ Show response
ak.deephicy.net/4/6118780/ Frame 9FE8
Redirect Chain

https://lidsaich.net/?z=6003953&syncedCookie=true&rhd=false
https://ak.deephicy.net/4/6118780/?var=6003953

2 KB
2 KB

102ms
101ms

Document
text/html

193.108.153.22
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.deephicy.net/4/6118780/?var=6003953
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-22.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ddaecdb3d0473e13e141ceb23af9d7b0d82f75c061457bcc6f78742d753f131

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://lidsaich.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace Accept, Content-Type, Content-Length, Accept-Encoding, favicon
access-control-allow-methods: GET, POST, OPTIONS POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: * *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 768
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Thu, 16 Nov 2023 05:19:06 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://track.routes.name>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
pragma: no-cache
timing-allow-origin: *
vary: Accept-Encoding
x-trace-id: 04a94c4f9322895bd4ee42cc1bf9239c

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://lidsaich.net
access-control-max-age: 86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
content-length: 0
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://ak.deephicy.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://ak.deephicy.net/4/6118780/?var=6003953
pragma: no-cache
referrer-policy: no-referrer
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: c9118c5109a477e1e38795027305cb0d

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ Frame 5B3A 3 KB
3 KB 55ms
54ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=6003953&var3=748886376082321659&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f66253bc80d52abea7a40188aaf20a241183874d9465cece7004e375c3d04bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 3fe993b8100a536f4dab7b531940f502
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZ5SU0gPUk5PRU3ugbrAoS60qCGb7v3X955cPDeeDopD3ktY48Er%2FSsbFBWfjuu3%2BgAEvEee%2BgRVPSZxMX%2FQJP2YfjCbE7Eiwgd5yBKdRKZQbNB3ACqq5N1UZ4mdS8TIh0Rb5g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f0fdb837de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5B3A 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
totaltopwords.com/ Frame 5B3A 2 B
534 B 48ms
47ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DcvdUVpSBjg%2F02YNGgqwL5YOcH%2Fp9BQkMQFb7EvlngNwNVSrN2CacqZ3dU8lxx2%2B%2FNa6PJhQzFHxMkFFcwvPYNeBIVyxgzl5E0lxzhRwFcTmRVASa4grBCIgLrb7toVsNUQ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 826d46f11ddd37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ Frame 7ECF 3 KB
3 KB 53ms
53ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=6003953&var3=748886375650308480&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d80b546960d11693e7becaf453cc0d066f4ffcf2330bd7741287769072f6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 0818da31e9c4b662cda6c353a03babd4
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2F0%2BOOb1Ctcpc9jC8Yvreiv863oKtHkqiWmN%2BXDXNFBTBhUG2u2La%2BeUlJsQlMm6q7CjHZ%2FQlbNEvGRvp%2BgjFbPyejfSjdI1CupAPfagkXgo7UwQ1EZ59gee1XhKrPJ7NZyAnw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f12dea37de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7ECF 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
totaltopwords.com/ Frame 7ECF 2 B
533 B 62ms
61ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIcV5VVYuOG%2FYJ41BmdxZJ86JxcTdeE2OmbKLrWvCs%2BXZtME346bzXNe8T%2FSOrNTxAknqssge4eZ3duJzsJsQzK9bEwvbELzlQxtJQlZwGYngYYMURXoX7p6UAC31A1mUJXGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 826d46f13dfc37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ Frame 6BA6 3 KB
2 KB 55ms
54ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=6003953&var3=748886375960678725&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06c69c232d0770490574af2c1d7951d5461e8283be6feddbb734671436daf6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: aea29728cf0ee11da2fbff82859af99b
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPeTGPuxwYAdXcvaoiXv6MOJIZfQs%2FerAygTr1Py7CFNQSeqBnPABFr6u0OHXcrIUGHg0dz4Znt8%2BbwtNRhzqhQ%2BQWFJVIt94wsYUpKQ0skTR3BlRPhzzKTjW8hfjOLe3ENGwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f14e1237de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6BA6 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
totaltopwords.com/ Frame 6BA6 2 B
535 B 49ms
48ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMHprCSaFM85jTrZ2L8BW1OMP8Epcx2Ufl8U%2FsrCIcCBFJG6cKQWohhlVmGY%2BxRGMwqCSOXXU6eGtDMHmaIYMdnENpETekd0tG9pw%2B0DGT%2B5r%2B22nIzXDzP4u80AfuNjJY5afA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 826d46f16e2237de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ Frame 5549 3 KB
2 KB 49ms
48ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=6003953&var3=748886376082321658&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12fa8287e766f065d72fca852f7c6ceee77df08dfe1a00b051e2e4f5d209954c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 5a3c69020c0df4c725707c43fbb06cdb
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtLs7RTaYsb0P2GhafWzfmh5P4c7si8KmEV1JlUADDwxt%2BhdV4w2XVKled7SeaFzr70Z923%2F%2BG4rr5LmH0vGUehNtKa9MNi%2B1KrWBSlv23OjzbiJmi%2BiSSQtGgGtRBNifdIb9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f16e2937de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5549 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
totaltopwords.com/ Frame 5549 2 B
534 B 56ms
56ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmyEvFHIshVr5czZVyz%2Fc84Ud7SG7sBy2kdDyHb6smeAQ%2FuzyBmQ9VdOt3%2FG9N1HsYJc7i0QW77fanf8J%2BlRAAXbPyWMNwvuDNSSTZsd2KrpT7faRJsfVXl9ZZloZe1hTmSk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 826d46f18e3e37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 / Show response
totaltopwords.com/19/4662728/ Frame D2CC 3 KB
2 KB 45ms
45ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/19/4662728/?abt_opts=1&var=6003953&var3=748886374266180552&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f708906623693e3bd530beaaa77d35ef778d11a57cc8e706aa0ead472119a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 7a3b10d25a2fa6b48028bd5c9b8fea69
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4ViVzZ020JOJpWR3I7BjZ1bMzjY2179Xgznc9ZRCgUglSRLZ9fq8oMoSm1lLZ5qazCcCsQN9xxQR%2BaUGdi4LiMwkwGisMd0U%2BDCBAaIwigHmW5uk2WDi45Al7fM2Xe5qm%2Ftcg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f1ce6937de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D2CC 327 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 / Show response
totaltopwords.com/ Frame D2CC 2 B
529 B 62ms
59ms XHR
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb&mprtr=1&os_version=10.0
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqHnQ02UUrxaCEqXiw6r7hnunft1pOf2eDo5tOULVBRzEzpgjZh89lOPNIq4C68%2FHvkeA5bOxr5ieisIWR3zvpIlykrj92dofRRZd77JTsa3nKIYoeu1zB1xPXNxsqHxQSu%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 826d46f23ec837de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc: h3=":443"; ma=86400

GET
H2

200

/ Show response
yonmasqueraina.com/ Frame 82FB
Redirect Chain

https://ak.deephicy.net/?z=6118780&syncedCookie=true&rhd=false
https://yonmasqueraina.com/?t=0&ymid=748886384483512688

20 KB
5 KB

407ms
249ms

Document
text/html

139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ak.deephicy.net
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
etag: W/"50f6-18a8e452dc8"
last-modified: Wed, 13 Sep 2023 11:20:13 GMT
server: nginx
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ak.deephicy.net
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Thu, 16 Nov 2023 05:19:06 GMT
expires: Thu, 16 Nov 2023 05:19:06 GMT
link: <https://yonmasqueraina.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=1
timing-allow-origin: * *
x-content-type-options: nosniff
x-trace-id: 2b86ebc79137b8dc42e91e1234c3139f

POST
H2 200 img.gif
my.rtmark.net/ Frame 9FE8 43 B
506 B 41ms
25ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=40305dc809014f92b987827e6e0d06ee

Requested by

Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6003953

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://ak.deephicy.net
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame 9FE8 936 B
2 KB 368ms
74ms Document
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=6118780&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886382638011205&cost=0.000559
Requested by: Host: ak.deephicy.net
URL: https://ak.deephicy.net/4/6118780/?var=6003953
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 250798e4a4752bb11d45d9676d5c0bb52a1a8f7c5f4c320300f24b042104986f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 936
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 05:19:07 GMT
Server: nginx/1.20.2

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ Frame 5B3A 0
957 B 48ms
47ms Other
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=6003953&ymid=748886376082321659&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321659&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhxbwjd%2BQfIQaDBQTaZubBoWvHjmBfk02TLN7yYc26eG6maFOB7eNTEKysZVP%2BLIS9cnw4H6NQrQPHk2iMJUnxC2%2B7SUb4rmKSJQaWYUT%2FAxPTRTQbhJfxBoJW7Lp2LnH82t%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 826d46f31f9b37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ Frame 5B3A 0
491 B 58ms
57ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=6003953&ymid=748886376082321659&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321659&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 31fc8597dd875538437c4e7a505da06b
date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0azivrgYFLEl1toTDO0aLeoEv2h4MpUE3HjJ%2FG2%2BntGKY%2BHQiiCYkDB6hqwcabu60N8hW4MwUvFc0ydTwsNnrqQIHtAaFvmte1GohX4U8BgomWeCFdwTLCfVOjv1xNg8k7pMuA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 826d46f32fa237de-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ Frame 7ECF 0
962 B 68ms
66ms Other
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=6003953&ymid=748886375650308480&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375650308480&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.27
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.27
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CabxxDN%2Ferw%2BWBLgjhTLjapLMjtTUIfBh%2BJhYMqYsUg2j0%2B9%2Fql5Y%2BIMUh9hhGnFfqV8Ek7TNObNKGPyvF6tF8Oio420YmOmSh6K%2FVEecXFlpELKfRJnLXsBKIKwdZD8Aut%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 826d46f34fbb37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ Frame 7ECF 0
493 B 70ms
59ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=6003953&ymid=748886375650308480&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375650308480&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 20559bd79e3a74038a5584d5f3aa663d
date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niIfTvC8zVlLKOD4Tc%2FqmXiSXNv8ZciMNjbTAQdti9q1tWvP13IDiJQcbPAPymd8%2FhtpGiplKzM7wsubpoOOMcK7mx9XaL1zbx8NevvEoF%2B%2FXtfvkob4SaW54ey1s6AeQrOaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 826d46f35fcb37de-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
totaltopwords.com/ Frame 7ECF 3 KB
3 KB 94ms
84ms Fetch
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=3SHpdhxsOr2TxiGbA_lcYxtrXDbnGaLh_11VK6phQCgo5QiDy9_QQyrC-KOU25QSs-8z6aevJN6923Xu5VR0lmY3FmwBYx2IXpbrLaUJj3s52t8nRBD8n-cxBSvfhH8uWH9z3Tl5dEDrY1BfbJ0Z8LJ_IPn968ZHfOXvtebXV3d6I1_ghSe5IftfU7Ja40MenZcY1aEjeBqiqFfLVjWNxEJR8XKllyNLyjFY-jCvlqmxgzq-HG3yYLQsahV_5UPIYAxivwgrsTE1Ko30psFKVFyk7bYhZXaQdWmSdL3oo4EdbTDCY-nM70BwtU5rDXSfc9kxEQyj1IayyTSIkbEmDNOe4txmC-h7uE6Vd0KvXuG-H0hpmSRUHRcHXS8b_RJau7weAiuHcRiC-wvxVcYGvqgP2B_z3JVvRJoL8zfZXYQO_Kzws-fUiW7SK9frNpcC_eTj325Ev5x5nTY2eLwL5OuVnwMAkXByC6B_9CpxbWJyqrkh&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=375&wih=603&wiw=375&wfc=10&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748886375650308480%26ssk%3D5471f764f1e6319b116caee3162b02e7%26svar%3D1700111944%26z%3D6003953%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6003953&var3=748886375650308480&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e8582550ba3a47f61ee0978b6cf4b4325beae57ab91b5424172440da3e28310

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 7ba4899cb5169fff238301b309afc2d0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6wewJkjKB7RBXuFBYbrsw9gsJ54XMbmuEABRVQR7tZhUPCSzbqrCIfbIj0GY749Mk3o86WZNV2lDmLU4Rl4zyvxsz6STiU23INO3poHwnVt0e8IXaJl%2Bayju9lNCTRinlVHCA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f35fce37de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ Frame 6BA6 0
953 B 60ms
58ms Other
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=6003953&ymid=748886375960678725&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375960678725&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wz6HUmgwa3p0r2yGc6sWIFvtEzwyW4xH2kcsaSLAfidVLOXLVrOMP7%2FPl6ZhxmdLAMNDEtvGq68PrYzIX7oiGL55G7WzEx4Ead2jfnBTIFUrjx0GxT%2Fo4V5mtBF%2BztQKta4rSw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 826d46f36fdd37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ Frame 6BA6 0
494 B 57ms
55ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=6003953&ymid=748886375960678725&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886375960678725&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 36464ab4c75fc8c93f9937734fc055cc
date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yHDdE5KIxRgu2k%2Bn6eBjAYOa2UawPveY4JsmMH77gBV%2FC02VjDfwUVgtqjcGGtoL6LORQqM88OWTmZ5EZ87piWU%2BwcMZwuDewUm02IrJOTcdRcD2c%2BP75NEn6oirXNs2PvsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 826d46f36fde37de-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
totaltopwords.com/ Frame 6BA6 3 KB
3 KB 87ms
86ms Fetch
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=G0AbRNyF6N3anUt9H3EiNJ_KFA-8-wqckOXxqGcg7B_hUyaYmXW_JgtSZm_Nl1Hcjh5PRoTI7HoeEcObJOV-0tc44Cw8suGWf-4MEDweWY5gkZqHHQj9TkNZCp4IkqeY_mhGF5INWtDcuAy3Cc0Nd4UTAVsgNtKqFzCxzK7YPwI5B1tD5UAHuEjGc0kCCsHsi-5XVQzOc0pn1AYXrXNoWShN7sxuRGOliwGdwfR8l_OfROitHLvO1An5xq9OrFgYnwKCzh7Jzljluxv5OVwzl_hD5PbXMt5rw66dl_GR-p-1TIqYtJ4Kqmx5KgzDLIrJ8ZzunkCsp5B5OJzjb5T1-Rx0hqKzmH-3QWAsrC7GNN2rWwbYGvH6EG6ZbEBsZgGcf4VTXPVv5yo87DlfH3zVCcS5aJzValmmKwsg-Y2C_6zGMzwU-fRxuHErWxgjhjaa2RJse9FXLCSnSsUgBuHKtnUcwY_FTmnDML3HplXMiF0%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=684&wih=389&wiw=684&wfc=10&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748886375960678725%26ssk%3D5471f764f1e6319b116caee3162b02e7%26svar%3D1700111944%26z%3D6003953%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6003953&var3=748886375960678725&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893b2a54fac77e71e74f014ba1849542ce01412732f8dad76606cb9d824596b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: f8dcaf96dc53cc22dddde31f4bbedec8
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7zbiaXd4HjNtss9LtGlJXBV8p414pCz03saf3TH2fuzw2OBwEJT7ySXubKwruvl24O%2Fo6pPIRLZHTHVtilxquNGL%2B7XUf%2FCNYqH7DHR77oTR4xiKtgtlWcGhP5b4JUZBWfhVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f36fe037de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ Frame 5549 0
959 B 74ms
71ms Other
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=6003953&ymid=748886376082321658&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321658&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B75MKrqYy8SqJtSGloNzE8Fzh%2BJZVy1wzBD1r6b%2FiQ3dK2m6ap6bLesJqkQ%2FGds%2FukoIhrny3IZd5LegyDRsFdE9RF%2FzLUq7kVLNAoO8aL%2B%2F72moyfPAlMZQxvwoxcUF1TWrwg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 826d46f37ff837de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ Frame 5549 0
496 B 52ms
48ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=6003953&ymid=748886376082321658&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886376082321658&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 9cfc17a62e8b081f8abb504bf866875f
date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5Gf24Avc7lZeelVNwR6l1VLwYDGfEA%2B9BasxncN%2FPECC%2BaCwXy0hrSJe7%2FjJCtwVprwMrYekaEJao%2BDoJ3EGfaAoDvOkWYD7HNmfeA%2Bbjx7lgr4iR5DsXf9uemxQ0aIdEAdgg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 826d46f38ffd37de-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rhd Show response
totaltopwords.com/ Frame 5549 3 KB
3 KB 78ms
70ms Fetch
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=gVoV-iCS63dGZDHLI-DjnHupQnnNlwd1pt3lfI5ngxAbiVrDNc6YHdPbIhrWOirR1qisKukwv-o_yQOR-XIi_AMcNBJMAhZQQIWxzD5lfCXCZ33zI21YXyIbOOyrrWhiMFDndEwxA4S_JIoLxFuPQjndJMsE08x8PevgsDLmG80JVnTxDK_5IfiXdSdnrj1BCVHB71gWxq5N-b9lDmAENZvTWnW0BI-3OqN372obG_WUCrdTkEP8d6eFWlyNufjQw4PYOHVKr4KoiPXqDS-ad0PEdDnGtvlC3qHA_n4iHEdHMH9ddLAR5D0V4ouzW83cvvVtL96kkg_24gldC1VTJfJqiSi8E61Dnho3sK7pwZeYx5kNAZQoX6NpGf6UWEVncrV-LGWnbbauQ6IL_laQ9_qjRuocwvdkz_zZcK7MjcUbce3jBZVA6gyyEuVVKtuZk8qg1ZNZtxPhCkPjMSjMbCU-xn9WZeoTKkgDTmTi6N4%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=375&wih=685&wiw=375&wfc=10&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748886376082321658%26ssk%3D5471f764f1e6319b116caee3162b02e7%26svar%3D1700111944%26z%3D6003953%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6003953&var3=748886376082321658&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825e0857991384819cab685362b85e16cc23fccb8430aa742a201707ea7687b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 92efdcdce8d4b7339387d6d4cb6ec324
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOJ7%2BMsktldcrZ92owUAoS9Mq7z8SesB9ZRxbi%2BM1qrVWtMz%2BirdHXdWKPgAsdom2Cwguzuj4Cp27yJam%2B0lEIpbY3847zjmf3Ua7LgCrod73klikCtc3JugvZVA1r9WKAUG1g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f3881037de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 rhd Show response
totaltopwords.com/ Frame D2CC 3 KB
3 KB 181ms
162ms Fetch
application/json 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/rhd?rb=9GqKPtD1T3i-mbPwEjbjrBpptjVmyJ6MV_YnLEgJQq-3WJIYzesFqqNeQtsLilZ9RPet1LPw16vdCcDj7f9557nsjCPmGt63rvAiTX6GYbfqrXJZEqdbZu2k51RbVB4ZRjvketXOAAc4qhkVlUbNQvXm9TwMmQmr2Q9-p4gzgMuo1PFkoBeIDel0NvXTpGWkymGvdqxEiCA-BOmCTWQGdtocwxj4tQXPHi3B9WGPEPjLa1us51FBiNkp2Gofc8E3k7OcuR4jZqoQua87Ch9A4cmeMqMyM5Qd9gAaS5xb_IK-_n7flQiMdl6JnmZccEs9axeWlGUbbdaQiBA37t69UOKmTAvupeikgicbA7W7LC3z1aIuPvgCM9jsVI3qvH-7NS-jFYutbJPbfctU6WX3Ow1tlkZKQFdPrRgvca2nAjy5GreB29x_pMxpdN6Yz8muSjBeOr3Vuo5lFr89B32SCOnWocu-Wx_ogoe325qdloE%3D&request_ab2=0&zoneid=4662728&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=734&wih=375&wiw=734&wfc=10&pl=https%3A%2F%2Ftotaltopwords.com%2F%3Fs%3D748886374266180552%26ssk%3D5471f764f1e6319b116caee3162b02e7%26svar%3D1700111944%26z%3D6003953%26pz%3D4662709%26tb%3D4662728%26l%3DWGYVPKNMPvY53zb&drf=&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-unknown&var=6003953&var3=748886374266180552&ymid=&rhd=1&m=link

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d6889f875bb7d6de4ba563aed908c91218b06ef8fd89e6ba533db550b568c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-trace-id: 5e3c0425a6399ba5a175ada6ded6f76f
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cioBwckp6ueLv%2FPZKWrGsEP%2F7MFTTSqhkExQQQWHGOCvAq2ES1JIyjgBAeh4d4jahmsM5yY62n22%2F%2BqkXBD7RkuYAHh7eeCQFcKsz8hfzf8oc2%2FKeFj6QflG9NKfwHtl8a87gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f3b83337de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H3 200 4662709
totaltopwords.com/sw-check-permissions/ Frame D2CC 0
952 B 156ms
144ms Other
application/javascript 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://totaltopwords.com/sw-check-permissions/4662709?var=6003953&ymid=748886374266180552&uhd=1
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886374266180552&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLaFs1gg5o2OBGcFkMXl9cu1DLLoHJzHJM6tfgW1OyRDutchNC53VHljHwBFR3iwZ0WZ4Aeh00sftPloa3SZOt%2B4RxIByz4SbY4bI%2B81cJWKpq7zAhEvrAeK3FjNdntkzbG8%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray: 826d46f3e85f37de-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=86400

POST
H3 200 zone
totaltopwords.com/ Frame D2CC 0
495 B 150ms
141ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/zone?&pub=0&zone_id=4662709&is_mobile=false&domain=totaltopwords.com&var=6003953&ymid=748886374266180552&var_3=&var_4=&dsig=&tg=1&sw=3.1.471&action=prerequest

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/pfe/current/micro.tag.min.js?z=4662709&ymid=748886374266180552&var=6003953&sw=/sw-check-permissions/4662709&uhd=1&os_version=10.0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-trace-id: 3f9780be2bda35e087c80a739f82b646
date: Thu, 16 Nov 2023 05:19:06 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRPPSlBD2kSqlFWOv%2FtmQTWpaeHMxD3R2Ts01npeGm44EDENdTySt5%2FwoC4NcumQK%2BK26Vmj3sIeUGt6%2FG7EpMhfQ%2FSWStafQsbUxq9bJ4bqk4L9lVAMyTaLte3E6KUL0TGqCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
access-control-allow-credentials: true
cf-ray: 826d46f3e86037de-FRA
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H2 200 animate.css
yonmasqueraina.com/Attention_files/ Frame 82FB 78 KB
4 KB 66ms
53ms Stylesheet
text/css 139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yonmasqueraina.com/Attention_files/animate.css

Requested by

Host: yonmasqueraina.com
URL: https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 11:20:13 GMT
server: nginx
content-encoding: br
etag: W/"1361f-18a8e452dc8"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 qrcode.js Show response
yonmasqueraina.com/ Frame 82FB 32 KB
9 KB 68ms
55ms Script
application/javascript 139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://yonmasqueraina.com/qrcode.js

Requested by

Host: yonmasqueraina.com
URL: https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 11:20:13 GMT
server: nginx
content-encoding: br
etag: W/"80f0-18a8e452dc8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 new_free.svg
yonmasqueraina.com/Attention_files/ Frame 82FB 2 KB
2 KB 92ms
79ms Image
image/svg+xml 139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yonmasqueraina.com/Attention_files/new_free.svg

Requested by

Host: yonmasqueraina.com
URL: https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 11:20:13 GMT
server: nginx
etag: W/"609-18a8e452dc8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1545

GET
H2 200 loading.svg
yonmasqueraina.com/Attention_files/ Frame 82FB 386 B
600 B 52ms
42ms Image
image/svg+xml 139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yonmasqueraina.com/Attention_files/loading.svg

Requested by

Host: yonmasqueraina.com
URL: https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 11:20:13 GMT
server: nginx
etag: W/"182-18a8e452dc8"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 386

GET
H2

200

/ Show response
smarter-surf.com/landing/ Frame 9FE8
Redirect Chain

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Er...
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+Whic...

17 KB
8 KB

158ms
154ms

Document
text/html

2606:4700:3035::6815:e80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eaf31f565c9dde92c7fe1158308fad8ba972e55c8a1071f3efa804b5c8961ba

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=6118780&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886382638011205&cost=0.000559
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f949005896-IAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE95GKl%2FJmNpYeQpeId9BmJBjwQDtRGCs%2BwIq1%2B%2BlTLZs3obJU8bLoUCkCTR4N5%2FfcUbCciM%2FQ%2FSCGyTu9EsDl6xCiOxPXrVe4jI6M1FbtnhFX1pKB8sBqBKcVDc2X0eGMxcEeknLcCatzBNICDQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f8482b5896-IAD
content-length: 0
date: Thu, 16 Nov 2023 05:19:07 GMT
location: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPpf6yWN59NasL%2BRfhnfc60hVUdcDzDJRETn92sKF%2FXmS%2FHqCphKvagsuJ9s8Ro8ZWzsWO69%2BL2aFVM8wwCsm7%2FLnagZ1Sr2HsW7SOKiIL2jWsOrq6UYy8uS%2FUbENtLngEkMYe8YDNez10AkOrbS"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 / Show response
totaltopwords.com/submenu/4662728/ Frame 5B3A 1 KB
2 KB 69ms
67ms Document
text/html 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/submenu/4662728/?rhd=1&var=6003953&var3=748886376082321659&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321659&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda4ae2191ebb0a879dc56c18fec23de99cc61851fbe4310d6b95a9d39e5cd4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 826d46f66a7137de-FRA
content-encoding: gzip
content-type: text/html; charset=utf8
date: Thu, 16 Nov 2023 05:19:07 GMT
expires: Tue, 11 Jan 1994 10:00:00 GMT
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://promo.pixelsee.app>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAqSSidZDGRaQdRgFnERruDsbh60vniqleZ9xH%2BfPovk8U1mgw8TmvFVcp8mRqPbJQI30ZPspRCXcB7VsWP7fYReityfpN%2BdjcbxSGlXbgH%2BUaqWGVxCkk9InDI5EIlg1XUGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-trace-id: 75a80b31860849e375e9d6135011cd63

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame 7ECF 936 B
2 KB 74ms
73ms Document
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384483512873&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: d9d98c8be78536972c63b22ea7dde350b5d9247d6d44d7764c26704af4833224

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 936
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 05:19:07 GMT
Server: nginx/1.20.2

POST
H3 200 cat.php
totaltopwords.com/ Frame 7ECF 0
765 B 60ms
55ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/cat.php?userId=95e5bd4657d541e1adbde9a6ff1863a3&zoneid=4662728&rb=3SHpdhxsOr2TxiGbA_lcYxtrXDbnGaLh_11VK6phQCgo5QiDy9_QQyrC-KOU25QSs-8z6aevJN6923Xu5VR0lmY3FmwBYx2IXpbrLaUJj3s52t8nRBD8n-cxBSvfhH8uWH9z3Tl5dEDrY1BfbJ0Z8LJ_IPn968ZHfOXvtebXV3d6I1_ghSe5IftfU7Ja40MenZcY1aEjeBqiqFfLVjWNxEJR8XKllyNLyjFY-jCvlqmxgzq-HG3yYLQsahV_5UPIYAxivwgrsTE1Ko30psFKVFyk7bYhZXaQdWmSdL3oo4EdbTDCY-nM70BwtU5rDXSfc9kxEQyj1IayyTSIkbEmDNOe4txmC-h7uE6Vd0KvXuG-H0hpmSRUHRcHXS8b_RJau7weAiuHcRiC-wvxVcYGvqgP2B_z3JVvRJoL8zfZXYQO_Kzws-fUiW7SK9frNpcC_eTj325Ev5x5nTY2eLwL5OuVnwMAkXByC6B_9CpxbWJyqrkh&var=6003953&var3=748886375650308480&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://totaltopwords.com/?s=748886375650308480&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 3e42478010ef2c465113986d03958121
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUzG1YMY2vNSEI%2FNjbkokFM2heqzr9IslDRXw70yCWoluW4BJaoqDe5TDnw5iZU6q%2B44kk9niTFcvxV7GhKjd8XS2BOipwaesV6S0Hy4YDZO2z%2F%2BLvttqvdqkov1UYS%2B9t%2FFlg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f67a8937de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET cc6qrjabi7a
yonmasqueraina.com/w/ Frame 82FB 0
0

GET
DATA 200
OK truncated
/ Frame 82FB 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 404 bg.gif
yonmasqueraina.com/assets/ Frame 82FB 152 B
152 B 54ms
49ms Image
text/html 139.45.197.168
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yonmasqueraina.com/assets/bg.gif

Requested by

Host: yonmasqueraina.com
URL: https://yonmasqueraina.com/?t=0&ymid=748886384483512688

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.168 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yonmasqueraina.com/?t=0&ymid=748886384483512688
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
content-security-policy: default-src 'none'
x-content-type-options: nosniff
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 82FB 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31a588cce30fb88d505354b8aebab15aa721017eb8dad82f746522781d1df83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame 6BA6 936 B
2 KB 77ms
76ms Document
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886385381089578&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886375960678725&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: df1fd28b156eb19b576007bdc13f6d1f4cfde6e138688025c54e0b39ea40957a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 936
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 05:19:07 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame 5549 936 B
2 KB 163ms
69ms Document
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384911331846&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 337629bc0cf51d0161aa128ab5b00d55d3d94ccfa9ed3841182bcb585edd5ed3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 936
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 05:19:07 GMT
Server: nginx/1.20.2

GET
H/1.1 200
OK 6517545af1a71e0001de416a Show response
track.routes.name/ Frame D2CC 936 B
2 KB 146ms
55ms Document
text/html 37.48.87.182
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384911331885&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.87.182 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.20.2 /
Resource Hash: 06460b908a77eb787c603b0c4576dd5ab921d95d37907768930c9a1df54c805e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 936
Content-Type: text/html; charset=utf-8
Date: Thu, 16 Nov 2023 05:19:07 GMT
Server: nginx/1.20.2

POST
H2 200 img.gif
my.rtmark.net/ Frame 5B3A 43 B
507 B 41ms
38ms Ping
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=40305dc809014f92b987827e6e0d06ee

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/submenu/4662728/?rhd=1&var=6003953&var3=748886376082321659&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: https://totaltopwords.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 / Show response
promo.pixelsee.app/ Frame 5B3A 18 KB
5 KB 225ms
103ms Document
text/html 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Requested by: Host: totaltopwords.com
URL: https://totaltopwords.com/submenu/4662728/?rhd=1&var=6003953&var3=748886376082321659&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28dbc1fc8e70fce6d4418507399d189ca984f42659f90649f04ecb3097abb603

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 826d46f83cc35d90-FRA
content-encoding: br
content-type: text/html
date: Thu, 16 Nov 2023 05:19:07 GMT
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3%2BWbNAnIrtvVsRboUEg9BT1gu43a2OBuWY5ZdcQuOBd2bHg4zP%2BdfUQr7lk7z1jU2dktRySYDr5JlKAWiErS57vFNhASxyPeK8O%2FGSi7u3pq1qJ2gcRbx9jZXZF0L7zJ5WQ8atesLYULL9K%2BHxb%2FvM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-amz-id-2: tx474655d1e6a54b99a2e14-006555a64b
x-amz-request-id: tx474655d1e6a54b99a2e14-006555a64b
x-amz-version-id: 1698407678549900

POST cat.php
totaltopwords.com/ Frame 6BA6 0
0

POST
H3 200 cat.php
totaltopwords.com/ Frame 5549 0
758 B 64ms
63ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/cat.php?userId=95e5bd4657d541e1adbde9a6ff1863a3&zoneid=4662728&rb=gVoV-iCS63dGZDHLI-DjnHupQnnNlwd1pt3lfI5ngxAbiVrDNc6YHdPbIhrWOirR1qisKukwv-o_yQOR-XIi_AMcNBJMAhZQQIWxzD5lfCXCZ33zI21YXyIbOOyrrWhiMFDndEwxA4S_JIoLxFuPQjndJMsE08x8PevgsDLmG80JVnTxDK_5IfiXdSdnrj1BCVHB71gWxq5N-b9lDmAENZvTWnW0BI-3OqN372obG_WUCrdTkEP8d6eFWlyNufjQw4PYOHVKr4KoiPXqDS-ad0PEdDnGtvlC3qHA_n4iHEdHMH9ddLAR5D0V4ouzW83cvvVtL96kkg_24gldC1VTJfJqiSi8E61Dnho3sK7pwZeYx5kNAZQoX6NpGf6UWEVncrV-LGWnbbauQ6IL_laQ9_qjRuocwvdkz_zZcK7MjcUbce3jBZVA6gyyEuVVKtuZk8qg1ZNZtxPhCkPjMSjMbCU-xn9WZeoTKkgDTmTi6N4=&var=6003953&var3=748886376082321658&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://totaltopwords.com/?s=748886376082321658&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: b9bc7d65b2779cd3ad74942c154de356
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sVRek67Fm4eOa5qTwGHViDGjx707MRiw8J7xA4dNutTczFxbdS%2FNJ4jV8ogzMFht84Abi%2BuAX9ihwCiAPyuL3DHl2GuysVEPrYABu6jF3GLEG4zEqItiIZo3ShKvNi46e89Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f76b4437de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

POST
H3 200 cat.php
totaltopwords.com/ Frame D2CC 0
763 B 84ms
84ms Ping
text/plain 172.64.200.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://totaltopwords.com/cat.php?userId=95e5bd4657d541e1adbde9a6ff1863a3&zoneid=4662728&rb=9GqKPtD1T3i-mbPwEjbjrBpptjVmyJ6MV_YnLEgJQq-3WJIYzesFqqNeQtsLilZ9RPet1LPw16vdCcDj7f9557nsjCPmGt63rvAiTX6GYbfqrXJZEqdbZu2k51RbVB4ZRjvketXOAAc4qhkVlUbNQvXm9TwMmQmr2Q9-p4gzgMuo1PFkoBeIDel0NvXTpGWkymGvdqxEiCA-BOmCTWQGdtocwxj4tQXPHi3B9WGPEPjLa1us51FBiNkp2Gofc8E3k7OcuR4jZqoQua87Ch9A4cmeMqMyM5Qd9gAaS5xb_IK-_n7flQiMdl6JnmZccEs9axeWlGUbbdaQiBA37t69UOKmTAvupeikgicbA7W7LC3z1aIuPvgCM9jsVI3qvH-7NS-jFYutbJPbfctU6WX3Ow1tlkZKQFdPrRgvca2nAjy5GreB29x_pMxpdN6Yz8muSjBeOr3Vuo5lFr89B32SCOnWocu-Wx_ogoe325qdloE=&var=6003953&var3=748886374266180552&ymid=&rhd=1

Requested by

Host: totaltopwords.com
URL: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb

Protocol

Security

QUIC, , AES_128_GCM

Server

172.64.200.26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://totaltopwords.com/?s=748886374266180552&ssk=5471f764f1e6319b116caee3162b02e7&svar=1700111944&z=6003953&pz=4662709&tb=4662728&l=WGYVPKNMPvY53zb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
x-trace-id: 9bb48b8f744b69ddc319e5b530dc9204
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGzxWZ1i%2Bd%2BHroyqX57AJnLGp1JVOe3BF7TuBFvZrgKckijuwpgizJPcEpIHDVDRRMgVOexPXDkxMOmMjoKqgTHgVcKp3UKbGRch3B18Q82LCVzP2LHY%2FbTkJDTOV6dQ7p67Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://totaltopwords.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 826d46f76b4737de-FRA
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

/ Show response
smarter-surf.com/landing/ Frame 7ECF
Redirect Chain

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Er...
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+Whic...

17 KB
8 KB

162ms
160ms

Document
text/html

2606:4700:3035::6815:e80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e87d0c688db815f85c2929eb912c7d99864ea19010bffd50bb260d9f9bf37e

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384483512873&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f949035896-IAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=honfTKi5cl0sseddfeap%2BSmZF6O5yj%2F0Cxy%2BUJiG59x2wjIMreE7S3TFViflQCfRUk0y4m%2FBwv7%2BK0E3okkp5E8m1shG%2BmlUriM%2B6VFGdo%2BVAtGajSqYLD9wjPVq9%2FwRI%2FPrBxyTIKGQhzFMHCmf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f8482c5896-IAD
content-length: 0
date: Thu, 16 Nov 2023 05:19:07 GMT
location: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8q6%2F5PsMzt1N4yM%2F5hJPzGcPuL7jvBnOmSg5u7KmGfCuuBlxtedIoleHlql2pAJ%2BD680sZffnRyXzfcpxNk07xTFNlb95ZjolE1Az0pvnJ7jPaEFvOpoKsvrmY%2BXeUkLop2Kk6TB3wpOo4WTeiw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/ Show response
smarter-surf.com/landing/ Frame 6BA6
Redirect Chain

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Er...
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+Whic...

17 KB
8 KB

145ms
143ms

Document
text/html

2606:4700:3035::6815:e80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e8b7b8a6c1cbfe9120115c6a5c304b8884a7aff7cb866be7cc8036ee8db582b

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886385381089578&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f949015896-IAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oKGShs4pDvLb3k6ptRe8kH6J%2F8gQiZvXXGRBw3mld37%2FZzdgpsZNQy%2BhPUzhRngg%2B%2BjJMXOSjy32wcLx8ECaezcGVibUKCo2gOkxZDPkkdhx0gQr%2FRwPIyOwkyhyvdptcj9kck0JwZOynOndBqo8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f8582e5896-IAD
content-length: 0
date: Thu, 16 Nov 2023 05:19:07 GMT
location: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVD2G4M4LYbegLYKmHRfNyYUDorgz53%2FjPQG03ACIyg9o0fGiUOlsFVYc0xvEITMQHdqwpKv63U54Q13CbZ8TIJPh7MsFwsUM4THhZ76fzwSdJTCwqxjv1z5ycISbCWkeTewVCrQC8MzZibXwPp0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/ Show response
smarter-surf.com/landing/ Frame D2CC
Redirect Chain

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Er...
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+Whic...

17 KB
8 KB

148ms
148ms

Document
text/html

2606:4700:3035::6815:e80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e82ff094e25d23a233de6e746954ab5167b41541038e3899a35b092823c31658

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384911331885&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46fad9ad5896-IAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djw2y4kBqznOjzCXnWz6tNt3V%2FVYTM84Q%2Bz3MdTlVPrSeTFouGgfT%2BO2I6gpXoLymTvlVgm%2FD7YP51vYH4h1FLZ3dL5dMohDvFp9gOMlBiEwQzz24z51aG%2FJ%2FjBUGwul9kMIzxfnZuEo6rfE%2BlJg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f908ca5896-IAD
content-length: 0
date: Thu, 16 Nov 2023 05:19:07 GMT
location: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTW3%2B5RtzwOoiIz5yQ9%2F93uZNyZXgY%2BL0c8rz4DKNxZZAYkTxA3tjjSQrL8d7%2FOUqddKJRWMguJvIg8EMu5llmvR0TWvIwx1n2g3GXGq67g%2BsAWORNGNv%2FFIwtnQ3SulfCOCnGYpC0jurx6R9YDx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

/ Show response
smarter-surf.com/landing/ Frame 5549
Redirect Chain

https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&subid=master&text1=Smarter+Er...
https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+Whic...

17 KB
8 KB

136ms
135ms

Document
text/html

2606:4700:3035::6815:e80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
Requested by: Host: www.responsinator.com
URL: http://www.responsinator.com/?url=https%3A%2F%2Fiqfmvj.com%2Fchecking-browser%3Fh%3DwaWQiOjExNjkyMjgsInNpZCI6MTI5NTQwMCwid2lkIjo1MTA2OTMsInNyYyI6Mn0%3DeyJ%26si1%3D%26si2%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:e80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3398d30b556b6e0881755cb7dacaf7dbced37dc3673d4c55bc72a581ae9c1a84

Request headers

Referer: https://track.routes.name/6517545af1a71e0001de416a?sub1=4662728&sub2=7481977&sub3=broadband&sub4=chrome&sub5=windows&sub6=DE&sub7=19120475&sub8=31173%20services%20ab&sub9=desktop&ref_id=748886384911331846&cost=0.000237&os_version=10.0&oaid=40305dc809014f92b987827e6e0d06ee
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46fad9ae5896-IAD
content-encoding: br
content-type: text/html;charset=UTF-8
date: Thu, 16 Nov 2023 05:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5gCsNndpCuoeESNTPCwO%2BvlXCGrZRqxUp2y2Zqh6JaxSCoIjzGprPvgvkjOfa%2BVSWVkxMFOYZi63B62anjWnmeuZJt%2FClOHzusSFu6%2B45bKLPe1EQgRL7PhuWnvjoMPCjeBjsmB0W7K7MMIoxIw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 826d46f938f95896-IAD
content-length: 0
date: Thu, 16 Nov 2023 05:19:07 GMT
location: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zn2mzWNdFHH4NM9hfFiBVELamKu8A5VrgV0oaYAwLHCE312vBP6mGy5y9nILd05f9FDledxlcMqlpTx9KJT7r2dncRA0rFnymQnOGQ%2FkGhYrlwj1nNZ4R8JjzxFYaB9le%2FHa4rJqgyejSn%2BMnPgU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
fonts.googleapis.com/ Frame 5B3A 7 KB
1 KB 352ms
81ms Stylesheet
text/css 2a00:1450:4001:827::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 05:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 03:34:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 05:19:07 GMT

GET
H2 200 style.min.css
promo.pixelsee.app/css/ Frame 5B3A 31 KB
6 KB 58ms
56ms Stylesheet
text/css 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
x-amz-version-id: 1698407678343351
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txa17b568edf4847eaa18d0-00654b69d9
age: 2690
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txa17b568edf4847eaa18d0-00654b69d9
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"583046cc62873e13de5979a19472fefb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FUZ%2FpVnsR7d%2BpDtPUNOsLYzT6q5gjdd14YrZw6HhMS4Ska71K9sPx5%2Fj2P%2FTnsa%2BZ%2FzxsZ8QgynuEdsS8NY8VEhRTRNCtCrf9h1e%2BIThSKEi%2FdHUp25SZ5ExUvuykeJjR9xUJwEzSjGpftZUodyDSA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 826d46f8fd2a5d90-FRA

GET
H2 200 baloon.min.css
promo.pixelsee.app/css/ Frame 5B3A 4 KB
2 KB 44ms
43ms Stylesheet
text/css 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/css/baloon.min.css?ver=1
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
x-amz-version-id: 1698407678328515
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txc24c49bfa42d472b97f03-006543264a
age: 4261
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txc24c49bfa42d472b97f03-006543264a
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"e38b048988db68478be49dda0683fa7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prp2IqjivyTyQNEEvUq7Hp0XGI6GzYl0Q%2FJFo3Nj9Rs5Mhdo5Vq0eYY8PPlY9unUSpWv%2FkISvWYlvy%2FEKj59hf0MggMFOy5NgGEKf2FlnScsxVSqlqKp2KymLK3LLmhiYvdrw5RT7L%2F%2BGlRiQt5y0ks%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 826d46f8fd2b5d90-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5B3A 278 KB
92 KB 255ms
90ms Script
application/javascript 2a00:1450:4001:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8a6183dc103ba390d85c33cc265f30d4127c8d3ee0c407b0bb14e27f8df1e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93790
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 05:19:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5B3A 149 KB
52 KB 278ms
101ms Script
text/javascript 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

966fb851b30a5de85a96bf1093fc34837e01305944887ce39b3689fc916cc09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Origin: https://promo.pixelsee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52684
x-xss-protection: 0
server: cafe
etag: 4045744232113490368
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 05:19:08 GMT

GET
H3 200 logo.svg
promo.pixelsee.app/images/ Frame 5B3A 2 KB
1 KB 49ms
42ms Image
image/svg+xml 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/logo.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678480852
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx6b419180de684667969f0-0065418b74
age: 5692
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx6b419180de684667969f0-0065418b74
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"9bb77a42ae4c13b0a557d3496c62af46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sngt44b5yvInSSgdyRKM1SPciW0ulX%2FkQI%2FtuLbXoKg%2BZmQiHycnqChAmofk3Yqhisrqgy7%2BjYcaZnym%2FGlx8jvBozNorV0Vev0RD2j2uEzIJ%2FkGe4o4F2se9vmoILHpr6mWjpQdYw4v0D9%2BwRmSYY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 826d46fb48c5198f-FRA

GET
H2 200 email-decode.min.js Show response
promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 5B3A 1 KB
1 KB 35ms
34ms Script
application/javascript 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://promo.pixelsee.app/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:24:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb64b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqtX2cImcaVtyifnemV0J6VS6S%2Br0hd6CV4xRJKJosbg28MxEnX6n50%2FvZCenjdqM1jiuWTK34f4Wu9fUzV7OAPJCIJsS4Efq36f8fHXac%2FIE4BsF8R3sK2WGKQHm5scPBwcYbJ0KvNJ5nvI4oJb2xM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 826d46f8fd2c5d90-FRA
expires: Sat, 18 Nov 2023 05:19:07 GMT

GET
H2 200 application.js Show response
promo.pixelsee.app/js/ Frame 5B3A 126 KB
40 KB 47ms
46ms Script
application/javascript 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/js/application.js?ver=5
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3df092eaae166da10816677a4f0ce9806109f31b5ce60630688da3bb9aecdaf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
x-amz-version-id: 1698407678565766
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txa33271b5ee1e4d94a058d-00653ba4ff
age: 343
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txa33271b5ee1e4d94a058d-00653ba4ff
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"ef97b9847829ea219d404ed496472fa0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHHsf56ODrGw5F1k%2Fu6M4P2EX%2BE%2BxPcZidpuKr%2Brbp9Fa17S7yDmGx9B1MqbN%2F0Zf5cm45jHfaXyKKNJsGYOeMDHAofs8dzD8xNJAEDDBoNj3QT%2B34my4nrA2x2gWsueKC5UCE%2FVZg%2FUDOskvRR7Yy0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 826d46f8fd2d5d90-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame 6BA6 152 KB
24 KB 86ms
30ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: smarter-surf.com
URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e0&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1821165
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FDAdVdN7z%2FVtws%2FzGGIT73IFQ88ZnsxccU1LoUGJTGjV8i4bbWRfQBJFFEhm8fpCCwkKoMgS2kXPhdBqMot3E7BiWkBquMRwoDXnFT283JbewDoOABLp1Di7iWl7ma4jaMOohFNN0%2B5eeXRMHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf89e6a78-TXL

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame 6BA6 79 KB
11 KB 86ms
31ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54401
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbiJ8AqrHCPm5u3J1vDfdy0Q1U%2FIgLnrjxtQUO0uI0MzZe7%2FIHGryFqjmD8XIdoF9MzQlxUdXDZJIxwIRWAOIpkmlR548dH6%2BcWHXk%2B3jwsHkJvAajmlieyxxVT8akQpEpF69Gs%2F2unLfXX7ZIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fafe4c58d8-TXL

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 6BA6 77 KB
23 KB 103ms
48ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1575317
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvaHHIydtjx8l91ezumXXthdBV24LV2L%2B7rQ1JsRcTHsfOKvM1ivejdNJbdVBEqYQwr0JozEnLM3h3j2l%2F5mydpw1cqGBI9g8KG3e3CevBowDcbQEHR4fmnxfTYymCJa%2Fs2cNTVGoOQYcPWbGug%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf8ab6a78-TXL

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame 6BA6 14 KB
6 KB 69ms
24ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kX71xZPaDaRzXlC1PMUuKP1BpmMpfxitMqT42nR63Nhkz3RNv8BCjAQ2m01xn4%2FnT7ut8semx8K%2FG6XZli2IXqGTTJuYEPOvl6FY8d90kzRZAQmweUf%2BWfJRuoOta%2FMJ7qJH%2BJ55UcnnEAk3TjFY0taA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46faecafaca9-TXL
expires: Tue, 05 Nov 2024 05:19:07 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame 9FE8 152 KB
24 KB 89ms
46ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: smarter-surf.com
URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b1c06c900017b39da&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1821165
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lruoJDDKWTRRdbC5VB4%2B1Qt1Rov%2ByQw%2BkjAa5tlAZkuiacbfhOu3nEslO45Qg%2FqtBtG4YSqq%2BBKFY4QlNBkg1w3ouzObALbtwuA4fdZpSURJcb7KnizHMGHX2VpF5OD3P4Rt2z7onMFjs6NGvsA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf8a36a78-TXL

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame 9FE8 79 KB
11 KB 76ms
34ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54401
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FxsJX2MweA9I3pzMN3IfGJQ5PIQwIVj7h9EjXxtvxUXMNLPxIrmRO9S7rMiRM1xludtzQJtcasSDkUx8VdHgzJlIW14As3KWrexx%2FB8RBe9%2BdvtuJ0qr%2BPEUvPAAvOgZGoFBOC2In3r0x1MUdA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fafe4f58d8-TXL

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 9FE8 77 KB
23 KB 79ms
37ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1575317
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NAIlYd%2Bly%2B5F6D9NwQaEJbdDRYrP0qMU0eTOh8u8k4yNyjojZQLDi5Bywx3IfYXQlKcuQAIJ6BdxdaVf56epxG10uMwZHn%2BqRC2H3t1xfcSQmCrPBd0kSir1wExWH067YdC%2FKJLDxhdtOANROs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf8a76a78-TXL

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame 9FE8 14 KB
6 KB 56ms
26ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8DnJjmFa2CD52g1a232sIwgmqqdumAiwEwb0N4VZbk51zkWO7w3NTxFCRzkyF%2BpU6IVtczU0MUuw9c0042wcfZnRbPUhxZfaEFnGC9g4ptZAq5q76SdCB%2BSrQAPlDTqhS35Y%2BPvnRJFOSvDZqNe4aSn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46faecb2aca9-TXL
expires: Tue, 05 Nov 2024 05:19:07 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame 7ECF 152 KB
24 KB 78ms
48ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: smarter-surf.com
URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1821165
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTSXM%2FxOTOKoO9Y7P9xSeuYe5kWGavvVODmo7brY9UqaTrVxPYmLTto4KKybFefbLJRgFqI79vzADNwFISXfBaZrfSHsBY1t4G1XI6i6NPnGx0Rgc1w3Pe4lZMtb425FCBtKFnt%2BNZzj30CuhI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf8a46a78-TXL

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame 7ECF 79 KB
11 KB 56ms
27ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54401
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dCv29uKKy9%2Fu9Mz7P6IflyDt84cDzK67431IWMvqYj0DHIpey0w3JG8p6zwUfb2XtOQ8QbTTphAxvR0n77d0Ubjg%2BuCFSveBj9WAC64wUmz2uaH1aw2ALDdxCWGOiA2kfgYjoBsWYwkaAEPzedE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fafe5058d8-TXL

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 7ECF 77 KB
23 KB 57ms
29ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1575317
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPvkC4ifILmNeVZyhBbRJVvb6klVUAg1T7fq3IUbsmtnsv4P7zNzNstjblWhu3AcdebOyM25FOhTe3VhCVGkAoDAQ7KrRqFIucvuyWtB%2BOUcfN7cj1exuHvsG3%2BLq6tOnMzGIdzUXu9MkLWiANk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46faf8a96a78-TXL

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame 7ECF 14 KB
6 KB 45ms
28ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTnc0gBTbOquAfPy1PRZiGfAvaw6p6%2BSKJyRFTeKu2iWvI5qbZKcReFB5XYeAM6%2BWsT5gPZGsG2BrgvRFybR1GJiThX7T1RD5gcqzZJp%2B%2BHi8FAv8z%2BIoA0eip2cKNAp0A4WKkZuaU2CYr2cuBuyaCFl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46faecb3aca9-TXL
expires: Tue, 05 Nov 2024 05:19:07 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 5B3A 202 KB
54 KB 98ms
29ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 05:19:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8rc5W5vxB7PCWvIGj+EidfeD0AaWJ+NXTtS2+/sO4rjynlmO8focKIxs0hxNe1AeZa04+eyyYxWTsQzyzqB2ow==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 5B3A 200 KB
70 KB 307ms
143ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-11399"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70553
expires: Thu, 16 Nov 2023 06:19:08 GMT

GET
H3 200 sprite.svg
promo.pixelsee.app/images/ Frame 5B3A 1 KB
1 KB 45ms
40ms Other
image/svg+xml 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.pixelsee.app/images/sprite.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678500862
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txcf119117d45749f296066-0065503790
age: 3972
alt-svc: h3=":443"; ma=86400
x-amz-id-2: txcf119117d45749f296066-0065503790
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"4e5148bc1a0851551c8ada00c5701ed8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y08gHyVNJItTL0UwkA1nX%2BUO%2BWGMCsNLdtnnVDXOZT2mY2Vv2dw2c093vVDJFpAuanvKfWr%2BPXS4tqD99FvWKzbUTwhac5IqZPZqV5OeDSm4z3fJjDIeY8iKRcBmkzNgNbROZsSe1rZcc0%2FZmZqvNBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 826d46fb48c6198f-FRA

GET
H3 200 logo.svg
promo.pixelsee.app/images/ Frame 5B3A 2 KB
1 KB 46ms
40ms Image
image/svg+xml 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/logo.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678480852
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx6b419180de684667969f0-0065418b74
age: 5692
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx6b419180de684667969f0-0065418b74
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: W/"9bb77a42ae4c13b0a557d3496c62af46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvBEa%2BCwRvNmez9D4UebFKGSuO43hZ%2BBvUiXF6tC%2FT8Yi91F6ECaNdNm3fKBsQxz7XQw%2FDJyR%2BwgE4TY%2FOCd3VpiX9NheP0%2BbwRptW11n3lTXbP8lzcm5%2BSbdyQ32jFcWXVzkfsPa5d0oJE1gtIglBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 826d46fb48c7198f-FRA

GET
DATA 200
OK truncated
/ Frame 5B3A 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 icon-play.svg
promo.pixelsee.app/images/icons/ Frame 5B3A 231 B
765 B 48ms
42ms Image
image/svg+xml 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/icons/icon-play.svg
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407677581600
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx271a01c10c264556825a9-00654c6198
age: 6677
alt-svc: h3=":443"; ma=86400
x-amz-id-2: tx271a01c10c264556825a9-00654c6198
last-modified: Fri, 27 Oct 2023 11:54:37 GMT
server: cloudflare
etag: W/"9fa059b1263d655c92304062c10cc3ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1PIr2AKxyb0i6qb%2Bz0vnMP2BbWtG79OIwnrpgauDiWzcvSa%2FXIPD7xLDmX2nmqR0kmG0YJFM2IWwVCZNlpZdUuIec4%2F5rjQ87iW0hPkB85ppcW%2BKWHB6wEctZVHjbP%2FiHuTx%2BujqkemVHdoegjYw60%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 826d46fb78ec198f-FRA

GET
H3 200 tv.png
promo.pixelsee.app/images/load/ Frame 5B3A 476 B
1 KB 50ms
44ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/tv.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678466356
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx49ae7257cf404f5387d80-00654aedff
age: 1889
alt-svc: h3=":443"; ma=86400
content-length: 476
x-amz-id-2: tx49ae7257cf404f5387d80-00654aedff
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "03be608276b4b9c8d314812f18a9feed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAmAIzUe9zlHdEgWWtvsARrrC0f4TBHs%2FqKpb3h%2F78UuODGjhaOdO7YhnWolKyge6X2P6GCne7fkLmYor%2FpMiH9MDqhVonvNNee3HQXSF40g7iGL4RJDGXafBas3aljukIGiy7%2BEH6SROVubs3flhJE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78ed198f-FRA

GET
H3 200 playlist.png
promo.pixelsee.app/images/load/ Frame 5B3A 215 B
799 B 48ms
42ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/playlist.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678441886
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx486f0bd9e5204def925af-006541aa40
age: 6676
alt-svc: h3=":443"; ma=86400
content-length: 215
x-amz-id-2: tx486f0bd9e5204def925af-006541aa40
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "38868742975def4cf1abe3c2034c968e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aq1n%2BzPNVMet%2FPNS8B9E1yaNYUDWsZN2m7ZzzIAvu%2BXP2VpbOiWfYrCH6ck6u5FUfT8eLpRTtLNS0wh00ET6pm3MkHoPCvgVdBGaxLWm9n3k4%2F1nL989btDiYOvfoGIDBODyWG3IN%2BB3ba2gPSlEd00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78ee198f-FRA

GET
H3 200 pause.png
promo.pixelsee.app/images/load/ Frame 5B3A 552 B
1 KB 48ms
43ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/pause.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1694514661973689
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: txfa675513bbdf427a825bc-0065164131
age: 6676
alt-svc: h3=":443"; ma=86400
content-length: 552
x-amz-id-2: txfa675513bbdf427a825bc-0065164131
last-modified: Tue, 12 Sep 2023 10:31:01 GMT
server: cloudflare
etag: "7f147decd06cd1ab5a8f539d55ceffe6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGZAl8HAG%2BZm2tEuDsmRALB%2Fdi8D%2BWucxqcpaXd6qTXJ3OKSyQavZGHh9oY68D91CYVBmU4Sr3SMPxdhWPGd2b0XkLHShlYp3dl0ZOwn%2BZ4IRBR3hFP%2B3ba1HPE6jWDzGhqCMrDOKqahmEnu1MFTHeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78ef198f-FRA

GET
H3 200 subtitles.png
promo.pixelsee.app/images/load/ Frame 5B3A 193 B
772 B 50ms
45ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/subtitles.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678465863
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx9001bb63705244c593ab1-00654c5415
age: 3971
alt-svc: h3=":443"; ma=86400
content-length: 193
x-amz-id-2: tx9001bb63705244c593ab1-00654c5415
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "a47325f449f3eb00d2f47d61f39eb065"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qoK4Sv1fj208H3Q7d44%2BPMdQlJ3ecVwyxfLKLW0OK%2BOxZ1evO5yLCIQnEpikfDq9CUD9teoxlldHvtPYcx2wlxrL17xaAfSH2m0Xfpgy9gsaszWFpcqWj7ZIeNDw2pOL8995poPU90D1rpEld2DfjkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78f0198f-FRA

GET
H3 200 windows.png
promo.pixelsee.app/images/load/ Frame 5B3A 214 B
793 B 48ms
43ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/windows.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678488312
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx37945049b1674658a2985-006540931c
age: 5692
alt-svc: h3=":443"; ma=86400
content-length: 214
x-amz-id-2: tx37945049b1674658a2985-006540931c
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "1982b726d7da6c46b504c6d859edb218"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2PdvtO885EvHDFvMuvMipkBUg2I9ZlxqNPp5tqdpp2Y3ldnGni9EFEkF5o7LKNP6stwVZ71y5VJDiA4ev6gBa8Zgu7bGGf61Xhf45TTigAa8ySX9pSU8nnET6bGJTBtwxVYtfjCmmAFyldmMnVk1Vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78f1198f-FRA

GET
H3 200 play.png
promo.pixelsee.app/images/load/ Frame 5B3A 411 B
999 B 51ms
46ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/load/play.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678462718
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx4a396e749057483894a52-00655019b3
age: 835
alt-svc: h3=":443"; ma=86400
content-length: 411
x-amz-id-2: tx4a396e749057483894a52-00655019b3
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "152bad15fdcef8e2dc4248fd58794e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sg8ekCl%2FyjK62yP9zSD%2B4rEcvYOaD9FdA5kTObS3g0IxQrBy%2BhLoRCXLkYN%2B%2Fi24Mej8ixr9Jg2a3pRkddKn6RqQ3KpDZbBgS7qdcKv07VjGljyZSSzOIxTwOZ2UucaUvjaEaoBEDCZKqwr0hPqk%2FBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78f2198f-FRA

GET
H3 200 footer-decor.png
promo.pixelsee.app/images/footer/ Frame 5B3A 3 KB
4 KB 47ms
44ms Image
image/png 2606:4700:3031::ac43:88f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://promo.pixelsee.app/images/footer/footer-decor.png
Requested by: Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/css/style.min.css?ver=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:88f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/css/style.min.css?ver=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
x-amz-version-id: 1698407678355330
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx71d8e1a170c443c7b14d9-00654b962c
age: 5692
alt-svc: h3=":443"; ma=86400
content-length: 3474
x-amz-id-2: tx71d8e1a170c443c7b14d9-00654b962c
last-modified: Fri, 27 Oct 2023 11:54:38 GMT
server: cloudflare
etag: "af15b8bc22a4d8aa6166d1f8e1ff4c67"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mg5WHZo5em%2FnlDsr52WxZwqFlOOyd8M9dVEKMyUaQ%2BimeCvCGwog1RwOHuvy4nmkfPAQ8bCkNCDPDFkUGxWD6thfCGJetqn9CoITNITFSxQe%2BI7jRM4Iuyg5tSN%2Fn8NhULvXwxhEpbY5aCoSbjvaCWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 826d46fb78f3198f-FRA

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 5B3A 32 KB
33 KB 234ms
76ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://promo.pixelsee.app
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:41:35 GMT
x-content-type-options: nosniff
age: 113853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:41:35 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame 5549 152 KB
24 KB 32ms
28ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: smarter-surf.com
URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64b77be6d00012358d4&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1821165
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87DMLz2ZyPNLDocNdUKd4JOeUxh8ocgDE7rpR7nL2shHDkBHy2WXYxt3Hh4pLW4XqbfIU5ESS9m7fgCbSdLqbwmGDJDuCsR%2FDvXBWHFPSFi3x%2FWb4QK%2F5XwAdu39kaH3ckROPdUGPkl%2BwVhe2Eo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbd9e26a78-TXL

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame 5549 79 KB
11 KB 34ms
31ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54401
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Agwbn7N6SsF%2F7COqtk10P7r%2B13Uo%2Fk0pq4HIhI5GLSdfKenYznZpjRPie4w8bof4uHQTGU%2FYGKTmFj0T280fqguW0PleVEpsM1gDOGof1LPZ2AFtkGrWHDKiGzIGBuM0hJQb4icEaeCFlrEB4TA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbdfb758d8-TXL

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame 5549 77 KB
23 KB 32ms
31ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1575317
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyYe0mxe%2B8jolevXvepwjksxoOpVEzt9lJ3xI1AR1KGh0nWXJh%2B7PF6ZFIRoV14QeBOnvBeZyE3q2gdcbllVDXyHyOfHhOhNbHEtoZE%2Fe33rU8JSKsJeTnKveL40QIvIEtRkXOzGWxYOAmsE8dI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbd9e46a78-TXL

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame 5549 14 KB
6 KB 34ms
33ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4gvQo0%2Fa%2FY6hBQIi4Sr8kqLSHKp181LM2xHqxJY3iDcGbSHVqyVlVn8yEXgUraSZZsgBK7wL6F3SNrn5t1CmgeTTh%2FUzd3%2FLbCZzZcalfjlb1ZgDV5ZhJzfCDq3beZMpyXIQF40%2FpRG5ZiTGEiD47OgI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fbddf1aca9-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ Frame D2CC 152 KB
24 KB 33ms
30ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: smarter-surf.com
URL: https://smarter-surf.com/landing/?a=domain-ab&utm_source=3&utm_campaign=6555a64ba8d07a00017479e2&title=Upgrade+Your+WhichBrowser+Experience.&incogdomain=suggestive.com&text1=Smarter+Errors+For+WhichBrowser&text2=Click+continue+to+open+the+WhichBrowser+Web+Store+in+a+new+tab+and+install+our+WhichBrowser+Extension.+This+Extension+modifies+your+browser+to+improve+annoying+internet+error+pages%2C+provide+useful+information%2C+and+give+you+a+much+more+enjoyable+internet+experience.+This+extension+is+monetized+by+providing+multiple+search+options+from+Google%2C+Bing%2C+and+Yahoo+in+multiple+tabs+along+with+other+affiliate+offers.+Using+the+extension+allows+you+to+contribute+to+our+project+that+is+working+to+minimize+internet+errors+and+improve+awareness+of+internet+outages.

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1821165
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2FB2mv6hqbsO8KbbQrWRZvhOeQTkYuJV331yopM%2BaE24%2BUHRVJT1AF8PHHEvmvXiqFd47jW1UwQhvBTcrvk10t6btW1fGphLbgbYuO9Tf%2FWt3mSp8bOT0oNiNiwSFkDvuEzEaNE20VpkTP5WCNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbf9fb6a78-TXL

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ Frame D2CC 79 KB
11 KB 30ms
27ms Stylesheet
text/css 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54401
x-jsd-version: 1.8.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9MCQ86ZebzwCzWYOJvzIhppL6aVWEHIMxgVLMDZyAlN8pfJNAQywRh2H%2FHzf1hVAziXjJ0VpFz9ypBHw2ZBnrI42iFSlgl0rhz9HwHnSPVeWyU860b68JciifQ6gHGv8xPSFX1kfQKkqZLAdGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbffdb58d8-TXL

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ Frame D2CC 77 KB
23 KB 29ms
29ms Script
application/javascript 2606:4700::6810:5814

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://smarter-surf.com/
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1575317
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4577-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILHy4xdWHDrGBioSFHROSRULjwB59cIq4dj5WZcvrx5MUvSXqoQEafksSAV7Hdgk%2FtaE7FG%2Bs3fWLKAu%2Bk6%2FTVFceMLnLeQbKrHHsyIV87I3e%2Fr0ukoN5tguug240K9Ib9HNev0Iqs8KeOELie4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 826d46fbf9fc6a78-TXL

GET
H2 200 ua-parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ Frame D2CC 14 KB
6 KB 34ms
33ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.20/ua-parser.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://smarter-surf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489212
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5456
last-modified: Mon, 04 May 2020 16:04:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf3-38ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48oNmWx6nfRETIJzstIP3EHJiOhLkF%2BnaNFFLGvYhVSrq3ZtW2k3HO8w5mdjU7WLfalhKMWqcWK09boYI0fE4iYEiKSBDybH%2B69KbRmWEUoLngRoH58PzpgnN7nL4w7PZ0I3gz3hixkx7SYfAJPQ3sNF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fbfe15aca9-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
DATA 200
OK truncated
/ Frame 7ECF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9FE8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6BA6 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9FE8 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BA6 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7ECF 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame 7ECF 3 KB
4 KB 50ms
25ms Image
image/png 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObFUXPZEJC1j3OrKee5KNLueoSbnQnUXog8NVUpjiiE%2FWlXVu%2BQn2icEFX5Z8kh7BzwhVpwwO9659aKQRGLwDudMYiiOt1pYaOH%2FG3oJiYZZG2%2BgG9tB2mzQRSKWxdBV0oBACT39Tf23PW6VywyoD7ag"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fc8e9f58f0-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame 9FE8 3 KB
4 KB 50ms
27ms Image
image/png 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B2bx0inbQrYyVhLRIOTHyDImquEAcw3lAxmextwlDyivzwgXkhqb%2BtSp1xpoc5bAYp1HpKVvHdQ2uFWamYF%2B%2FYsjtbNZuNX4qaiDDZbY6HlXMgZiofEcn58qGHEF28dIO52jsooa%2BOLFiMU7N65%2BMDz"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fc8ea358f0-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame 6BA6 3 KB
4 KB 34ms
26ms Image
image/png 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYsSUggjFdxOBaSsu0cQXqf8qDMt0ftDWzPie%2F3lxqJHG9V51mK03Yil8R8u%2FLcVollAJOf%2B%2FQ4vah8lbPj9wO4VOFLPrTPkXi8odiaEIQx7l2B%2Bc1uFvv4S8JW%2BAOPH1WUQx2G37pQrZexj9m2FHDyW"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fc8ea058f0-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
H2 200 787001845751676 Show response
connect.facebook.net/signals/config/ Frame 5B3A 134 KB
35 KB 33ms
30ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/787001845751676?v=2.9.138&r=stable&domain=promo.pixelsee.app

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

bbd1144d78ff1aa2d0a69e6981658cd23e417436e56223ffcfa69fbd778964bf

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 05:19:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35836
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: sP6zZwV23Zm6k2FwwmWDLkk++LVIHXhpfQFbMq7NwvsN4t5TLJXzu8k46xKc/XJccDf3DwG2P+iESQRlWH9JMg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5549 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D2CC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5549 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame 5549 3 KB
4 KB 28ms
27ms Image
image/png 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TZBM3bVpzYvW%2FnvKLaj6VPo6UlpFZxoFX0o5mUTiRks5QfaGS5VPa7iqVB%2Fa9ku4SlfO0R%2FZOgsAyxmWO0sgX%2BNDvpqQCQps00O5gGkT6kig5yjun1ak8v6h%2FeVYQPVrPPFqv2hyH5OuG8fsjcHIgFZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fd0f5058f0-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
DATA 200
OK truncated
/ Frame D2CC 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 chrome_48x48.png
cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/ Frame D2CC 3 KB
4 KB 25ms
24ms Image
image/png 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/browser-logos/72.0.0/chrome/chrome_48x48.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://smarter-surf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1489211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3171
last-modified: Thu, 07 Apr 2022 06:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624e8672-c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhgnrReZSbShsnzC%2BlFjFZjW0cd9Gj1dRrFBOCng5Tfb%2B72pyoSFTBtW67GL1Fx2Ab1jU5eOAWEdlk2%2Bh%2BPFLQovQJGCr%2BkP7dpdAmxPa1bzfSXlY3ZSV6SZx1PNmp7MHFk5aMJaTwKN7VGremee304l"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826d46fd1f5e58f0-TXL
expires: Tue, 05 Nov 2024 05:19:08 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 5B3A 0
185 B 515ms
29ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=787001845751676&ev=PageView&dl=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&rl=&if=true&ts=1700111948484&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&ler=empty&it=1700111948288&coo=false&rqm=GET

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Nov 2023 05:19:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5B3A 186 KB
67 KB 85ms
84ms Script
application/javascript 2a00:1450:4001:806::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TKL2XXV026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e9022fa60088b55dc138e383418381425b6394322946c9d0a9debe9fc3140b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 05:19:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 5B3A 400 KB
135 KB 270ms
117ms Script
text/javascript 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

25be323791f93a6fb181efbfd8cc63f4c20d4927ea64bbcd5a8d351b24138e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138525
x-xss-protection: 0
server: cafe
etag: 5865063493733901530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Nov 2023 05:19:08 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1445 9 KB
4 KB 250ms
78ms Document
text/html 2a00:1450:4001:828::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5826337412698082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 17:19:37 GMT
etag: 16674218716276178799
expires: Wed, 29 Nov 2023 17:19:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/95374876/ Frame 5B3A
Redirect Chain

https://mc.yandex.com/watch/95374876?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&cha...
https://mc.yandex.com/watch/95374876/1?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&c...

445 B
603 B

73ms
72ms

Fetch
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/95374876/1?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A696547093864%3Ahid%3A825801889%3Az%3A60%3Ai%3A20231116061908%3Aet%3A1700111949%3Ac%3A1%3Arn%3A444634223%3Arqn%3A1%3Au%3A1700111949314660086%3Aw%3A736x350%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C91%2C102%2C1%2C6%2C0%2C%2C506%2C11%2C%2C%2C%2C739%3Aco%3A0%3Acpf%3A1%3Ans%3A1700111947409%3Arqnl%3A1%3Ast%3A1700111949%3At%3APIXELSEE%20%7C%20Your%20file%20ready%20to%20download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

386fef9e804732bcc78833fa5363f421d45e940244e06f15b05b77e052db6d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 16-Nov-2023 05:19:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://promo.pixelsee.app
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 445
x-xss-protection: 1; mode=block
expires: Thu, 16-Nov-2023 05:19:09 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 16-Nov-2023 05:19:08 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95374876/1?wmode=7&page-url=https%3A%2F%2Fpromo.pixelsee.app%2F%3Fr%3DPropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023%26sub2%3Dpropeller%26sub6%3D748886387130118436&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A696547093864%3Ahid%3A825801889%3Az%3A60%3Ai%3A20231116061908%3Aet%3A1700111949%3Ac%3A1%3Arn%3A444634223%3Arqn%3A1%3Au%3A1700111949314660086%3Aw%3A736x350%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C91%2C102%2C1%2C6%2C0%2C%2C506%2C11%2C%2C%2C%2C739%3Aco%3A0%3Acpf%3A1%3Ans%3A1700111947409%3Arqnl%3A1%3Ast%3A1700111949%3At%3APIXELSEE%20%7C%20Your%20file%20ready%20to%20download&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://promo.pixelsee.app
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 16-Nov-2023 05:19:08 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 5B3A 43 B
477 B 135ms
121ms Image
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:08 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 16 Nov 2023 06:19:08 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5B3A 52 KB
21 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-229973687-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 03:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5368
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 05:49:41 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 000B 603 B
245 B 241ms
239ms Document
text/html 2a00:1450:4001:828::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5826337412698082&output=html&adk=522671305&adf=2681834968&plat=1%3A520%2C2%3A16777736%2C3%3A2163200%2C4%3A2163200%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.responsinator.com&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&dt=1700111948645&bpp=5&bdt=999&idt=465&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&nras=1&correlator=5837008031970&frm=8&ife=1&pv=2&ga_vid=1827934561.1700111949&ga_sid=1700111949&ga_hid=1520747732&ga_fc=0&nhd=1&u_tz=60&u_his=50&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=736&ish=350&ifk=1124752372&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C44806141%2C44807763%2C44808148%2C44808285%2C44809055%2C44809071%2C318512602&oid=2&pvsid=3006620264674615&tmod=895213188&uas=0&nvt=1&fsapi=1&usrc=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C736%2C350&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.chk1t6fv6fx0&fsb=1&dtd=495

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5826337412698082&plah=promo.pixelsee.app

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:19:09 GMT
expires: Thu, 16 Nov 2023 05:19:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B3A 0
20 B 111ms
110ms Image
image/gif 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header&ign=false&pw=736&ph=350&x=0&y=0

Requested by

Host: promo.pixelsee.app
URL: https://promo.pixelsee.app/?r=PropellerAds_VT_Popunder_Conv_Tier1_0.2_12_10_2023&sub2=propeller&sub6=748886387130118436

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 05:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5B3A 16 KB
12 KB 94ms
91ms XHR
application/json 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a9ed68d7e6e0b2bfe23e072a051c77f492bad248e0bd3cf5629379500b3d4fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12380
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B3A 17 KB
7 KB 330ms
91ms Script
text/javascript 2a00:1450:4001:812::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Nov 2023 05:19:09 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7247 13 KB
5 KB 84ms
78ms Document
text/html 2a00:1450:4001:812::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34393
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Nov 2023 19:45:56 GMT
expires: Thu, 14 Nov 2024 19:45:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 06E0 829 B
1 KB 1130ms
113ms Document
text/html 2a00:1450:4001:830::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

c8c32050d7692b6c25aff9684909ce506f002f3480e7e8affa69e301dd2b3c22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bS76CELiWr41BfiDwpK_Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://promo.pixelsee.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bS76CELiWr41BfiDwpK_Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:19:10 GMT
expires: Thu, 16 Nov 2023 05:19:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 7247 39 KB
15 KB 114ms
104ms Script
text/javascript 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 10:54:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Nov 2024 10:54:13 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06E0 0
0 109ms
108ms Image
text/html 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3006620264674615&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7247 0
10 B 74ms
73ms Image
text/plain 2a00:1450:4001:812::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?q-xtfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:19:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5B3A 0
0 113ms
113ms Image
text/html 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3006620264674615&bg=!8POl87zNAAZxrfrxUa07ADQBe5WfOHVH95qOI7a7u6os0qdRQG7nu5znNDy13_MJakbOlqQm5gB26uP1MLzr3V-2qgc1AgAAAQJSAAAAB2gBB5kC3DBRIf4NOE7A2A2ETmdrD4VfzzVY8C9wiEgAK7lgEluR7EO6EQfWXN5DzfBe_J9UxFYWrdNzTYoW6El8fWCQrWZ3kIW5fCIHcw6aqDmuLBB6ke8wwUhyRHwUyCoCNwnkb6NhcppjLJqPOJFqetLZdw-X_8ozeyjHJWrGsMhVw0ek8Ngy5J8gz0XV3FVhVhKQk6prJvMrJq7Xv4LifwcRcy5gmD50JAhpw0N5J97lOrfUXnL8b9n_yIGoISzgKpal9jm8skSf36LCjwxUZRMuAoNcBgS0lfcYyiLVOATFMYuq53hSkhXwGXQpqWN4BZngWpN16dUcZiCsRlaJJ8oPKt99UqvlAKoGGM3lP0pgk_S9Ec3srKNjh5I_6tJZ9RorE6QauqTa8E1sjcaNKwX4ndG4qSo9P-EdmZ8oDNP0BenqBJOu5VBNpx9oN2L0NQ4AW0rSUQCREswlRtjc4IanDLCn-mJkFmoB_3--yQrZ_y2dPG8BtyDS4EyfjkBIOs2j362KnpXndw_z4sny8KkNn9E65mHGDR582ha9tfuXFpeniFG8X9DzGHAxIZAi3nQjeyhUUP3AjP8asmcPcDEhxQuFsSTA6GIJZK5C6dZuytIOlbkjdpUsSlEwPD7_Kl_waWe6yUn6DY9tRTiSY63FFW94VppySkBNg3775_hw0-PM0FDMYL7vgWfTw8oaAmIFOuWhW-XVHbPK6yuMJPh39sfVDeQLUbLSpkTKwhhu-NLgcjtcxaz-5h1nVnvQvAxBD5cWT78VTZSxJChO3-gvWXTffcOYU_TejIQhRF8JjZcA93lvfTSPoZc3hApUegaZqlLmYecI4Dz-_WW2hd7aowSOccoZV3ENjEDwxnsrc7cx4OyRgxhFEWvYhBRBJeTfiYa_L_oTo1BkghL0uwkKcLWDQiOkR7uWfoPEp2TAvFOMlw65lyvVXTn4FRNg6E0pWq_rtL4SDdrjYgwHaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://promo.pixelsee.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yonmasqueraina.com
URL: https://yonmasqueraina.com/w/cc6qrjabi7a

Domain: totaltopwords.com
URL: https://totaltopwords.com/cat.php?userId=95e5bd4657d541e1adbde9a6ff1863a3&zoneid=4662728&rb=G0AbRNyF6N3anUt9H3EiNJ_KFA-8-wqckOXxqGcg7B_hUyaYmXW_JgtSZm_Nl1Hcjh5PRoTI7HoeEcObJOV-0tc44Cw8suGWf-4MEDweWY5gkZqHHQj9TkNZCp4IkqeY_mhGF5INWtDcuAy3Cc0Nd4UTAVsgNtKqFzCxzK7YPwI5B1tD5UAHuEjGc0kCCsHsi-5XVQzOc0pn1AYXrXNoWShN7sxuRGOliwGdwfR8l_OfROitHLvO1An5xq9OrFgYnwKCzh7Jzljluxv5OVwzl_hD5PbXMt5rw66dl_GR-p-1TIqYtJ4Kqmx5KgzDLIrJ8ZzunkCsp5B5OJzjb5T1-Rx0hqKzmH-3QWAsrC7GNN2rWwbYGvH6EG6ZbEBsZgGcf4VTXPVv5yo87DlfH3zVCcS5aJzValmmKwsg-Y2C_6zGMzwU-fRxuHErWxgjhjaa2RJse9FXLCSnSsUgBuHKtnUcwY_FTmnDML3HplXMiF0=&var=6003953&var3=748886375960678725&ymid=&rhd=1

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.responsinator.com/	1970-01-21 01:51:11	Name: __utma Value: 249645061.393179501.1700111944.1700111944.1700111944.1
.responsinator.com/	1969-12-31 23:59:59	Name: __utmc Value: 249645061
.responsinator.com/	1970-01-20 20:37:59	Name: __utmz Value: 249645061.1700111944.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.responsinator.com/	1970-01-20 16:15:12	Name: __utmt Value: 1
.responsinator.com/	1970-01-20 16:15:13	Name: __utmb Value: 249645061.1.10.1700111944
lidsaich.net/	1970-01-21 01:00:47	Name: oaidts Value: 1700111944
www.gemutliches-familienleben.com/	1970-01-20 16:16:38	Name: uclick Value: ghj6c8fe
www.gemutliches-familienleben.com/	1970-01-20 16:16:38	Name: uclickhash Value: ghj6c8fe-ghj6c8fe-hedz-0-ojfe-17sc-176j-6fd3bb
lidsaich.net/	1970-01-21 01:00:47	Name: OAID Value: ec494d6c96a243e6a20cfffee33c8401
my.rtmark.net/	1970-01-21 01:00:47	Name: ID Value: 40305dc809014f92b987827e6e0d06ee
ak.deephicy.net/	1970-01-21 01:00:47	Name: oaidts Value: 1700111945
lidsaich.net/	1970-01-20 16:25:16	Name: syncedCookie Value: true
ak.deephicy.net/	1970-01-21 01:00:47	Name: OAID Value: 40305dc809014f92b987827e6e0d06ee
ak.deephicy.net/	1970-01-20 16:25:16	Name: syncedCookie Value: true
.track.routes.name/	1970-01-20 16:16:38	Name: redcmps Value: W3siaWQiOiI2NTE3NTQ1YWYxYTcxZTAwMDFkZTQxNmEiLCJ0IjoiMjAyMy0xMS0xNlQwNToxOTowNy4wNTEzNjAzMjZaIn1d
totaltopwords.com/	1970-01-21 01:00:47	Name: OAID Value: 40305dc809014f92b987827e6e0d06ee
totaltopwords.com/	1970-01-21 01:00:47	Name: oaidts Value: 1700111947
totaltopwords.com/	1970-01-20 16:25:16	Name: syncedCookie Value: true
.track.routes.name/	1970-01-21 01:00:47	Name: redhash Value: NjU1NWE2NGI3N2JlNmQwMDAxMjM1OGQ0fDB8NjUxNzU0NWFmMWE3MWUwMDAxZGU0MTZhfHwxODY4OTkwYi05ZjNhLTQzYjMtODQ1Zi0zMDUwNDQ1NGM0YWN8MTcwMDExMTk0Nw==
.yandex.ru/	1970-01-21 01:51:11	Name: i Value: aalR/zhPaqttyjxKJUgRq6YypP/ycADNH80OijrWSPKzT8rtirIP7l4yH8HKkTLxp3qwPCoxT9ShpDqdJfBrqzofkgo=
.yandex.ru/	1970-01-21 01:51:11	Name: yandexuid Value: 1516565331700111948
.pixelsee.app/	1970-01-21 01:00:47	Name: _ym_uid Value: 1700111949314660086
.pixelsee.app/	1970-01-21 01:00:47	Name: _ym_d Value: 1700111949
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2284558121700111948
.yandex.com/	1970-01-21 01:00:47	Name: yuidss Value: 5922528021700111948
.yandex.com/	1970-01-21 01:00:47	Name: ymex Value: 1731647948.yrts.1700111948#1731647948.yrtsi.1700111948
.yandex.com/	1970-01-21 01:51:11	Name: i Value: M3yZBuumt/+VKgYMG1p+Ekx7PSBMJS8HGbsXkBNA51qEYTHZbPmZXb3IpLSlkDX6iZgfUbaBn+pwUGnNhiBi/JRUbFA=
.yandex.com/	1970-01-21 01:51:11	Name: yandexuid Value: 2672956251700111948
.pixelsee.app/	1970-01-20 16:16:23	Name: _ym_isad Value: 2
.pixelsee.app/	1970-01-20 16:15:13	Name: _ym_visorc Value: b
.doubleclick.net/	1970-01-20 16:15:12	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://lidsaich.net/4/6003953(Line 40) Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120
security	error	Message: Refused to frame 'https://www.outlet-teppiche.de/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
security	error	Message: Refused to frame 'https://de.bluettipower.eu/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.lexa-pferdefutter.de/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://yonmasqueraina.com/assets/bg.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.deephicy.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
datatechone.com
de.bluettipower.eu
ecrwqu.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iqfmvj.com
lidsaich.net
m.servedby-buysellads.com
mc.yandex.com
mc.yandex.ru
mdakky.com
my.rtmark.net
pagead2.googlesyndication.com
promo.pixelsee.app
ripplestreams4u.xyz
smarter-surf.com
srv.buysellads.com
totaltopwords.com
tpc.googlesyndication.com
track.routes.name
track.webgains.com
wachsendefamilie.de
www.facebook.com
www.gemutliches-familienleben.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.lexa-pferdefutter.de
www.outlet-teppiche.de
www.responsinator.com
yonmasqueraina.com
totaltopwords.com
yonmasqueraina.com
104.234.25.171
13.42.237.35
139.45.195.8
139.45.197.168
139.45.197.244
151.139.128.10
172.64.200.26
193.108.153.22
209.250.227.32
23.227.38.74
2606:4700:3031::ac43:88f3
2606:4700:3034::ac43:b510
2606:4700:3035::6815:e80
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a02:6b8::1:119
2a02:b4a:1:7::9165:1
2a02:b4a:1:7::9168:1
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
31.220.27.98
37.48.68.71
37.48.87.182
45.33.40.48
62.113.230.87
64.227.70.247
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
06460b908a77eb787c603b0c4576dd5ab921d95d37907768930c9a1df54c805e
06c69c232d0770490574af2c1d7951d5461e8283be6feddbb734671436daf6fe
0b44dd9e42b4f31a1230fc566b3c5f59e5c6a6d20e133697be6220caf1ce7e0b
0c1707b307f1584c490c249330da68d304fdedd73422b6328fa440442f52e97e
0d6889f875bb7d6de4ba563aed908c91218b06ef8fd89e6ba533db550b568c0a
11ac518da4c3bab1ab905231310f39ef05ad87a56d28d48e1c2171387dadef81
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12fa8287e766f065d72fca852f7c6ceee77df08dfe1a00b051e2e4f5d209954c
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a5a498ff355690fa37d2f1cf667d113e0a268fbd2e37cd9b590c5e7bf45ce89
250798e4a4752bb11d45d9676d5c0bb52a1a8f7c5f4c320300f24b042104986f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25be323791f93a6fb181efbfd8cc63f4c20d4927ea64bbcd5a8d351b24138e2a
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27554c42cd0c0bac487ef78447d427d5e5ba8bd24bb94289a9f9d435df468897
28dbc1fc8e70fce6d4418507399d189ca984f42659f90649f04ecb3097abb603
2b75d4c73aa7751c553a5191f8cff5d139a9f77717701f6157963e810bdb937c
2bf339b4730ed9df2865f724168bcb3578f01bb836a4d47e7ab9084f447f4857
2e8b7b8a6c1cbfe9120115c6a5c304b8884a7aff7cb866be7cc8036ee8db582b
337629bc0cf51d0161aa128ab5b00d55d3d94ccfa9ed3841182bcb585edd5ed3
3398d30b556b6e0881755cb7dacaf7dbced37dc3673d4c55bc72a581ae9c1a84
3440aae42853188c66d8631208b1fad7b580e2b7e065403d1387306d6e7ef558
36c849cf278594ebfb7283cbed34fc67734b040bfc9d96fd16b3b4f15d4a8131
386fef9e804732bcc78833fa5363f421d45e940244e06f15b05b77e052db6d06
3df092eaae166da10816677a4f0ce9806109f31b5ce60630688da3bb9aecdaf1
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e2eeed07fc3c528683b99c4228190009025c38148de912b6407791ae59b5fa7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4599b86cc302ff9e71af3f96aa4926097178fa048a2c0922c0e5d2f8d79169fe
47b6906b1c63a60db7ad684ec7ab622ade6d888d751d560bdd2f236efd64abf9
481ae7ff0d53d45d9d93b8247dd3a3f7c0e901954851bb6350aeccd0bd54938f
495358f422e19339e0c53ded45e198a434592da355c58b53451810e239a62169
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4a7547ed8ce1cf622bba41c6cc4d1745861c85a51943a81ccadc2c7b04bc8fab
4ac8c1d09e42e0362fcde9dbfa6baa5127a1a9901a207b030a1736bf4cf3c8f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9022fa60088b55dc138e383418381425b6394322946c9d0a9debe9fc3140b7
51d80b546960d11693e7becaf453cc0d066f4ffcf2330bd7741287769072f6f7
542ed2fddf342faad6c0b5e667c6908394c04b8da7ae62c8504fe186f04fdfc6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c09cdddbb52eff660021ca91896cde47f956f91be4b43601d8224873bdcbcc
5a00259d10af8d8da81ef0381456da60da753f49c22ad16e9e22502abbfcf54c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
63f708906623693e3bd530beaaa77d35ef778d11a57cc8e706aa0ead472119a8
65e87d0c688db815f85c2929eb912c7d99864ea19010bffd50bb260d9f9bf37e
6e08f2bd37f54d13a90be55b530541b3316cd22f439c1aa971552bdee1812566
72a3b94157a8df70e87d77a7c293c5e37e2e1c9dcc6b747e0609b32261c22065
7326eace7b7a4b6f5a5113e3c26272ad0a73c639e28679e169b65ea497fd5d49
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79bccc6b05b2515c956ca7f11889c309da76e3e90fea1f6296b6c3729092756d
7c49e859519173476bef5f89108326af4f3c38a7046875798d7bbc80c68d788f
7ddaecdb3d0473e13e141ceb23af9d7b0d82f75c061457bcc6f78742d753f131
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
825e0857991384819cab685362b85e16cc23fccb8430aa742a201707ea7687b3
82e736267a28134ceab9b1c2399d78115ec4074a694b1eccb32a2b0e8bdc8ca1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85035853ec4a25b718afdcde13e0ffe59b86ba0e7125d07b5e2857cfdad0d741
8724a4ae6581bb3559a23b285a6c4628e339a6b719cf8ffcb5d91cdaf2fe0bf9
891b9caf2978900353c4cd01ca86c7b82c12ac7c50bdc9b0a03c4a6ea0a4cafe
893b2a54fac77e71e74f014ba1849542ce01412732f8dad76606cb9d824596b5
89bcc9a26f3ed7fb196ca1d744395e6fb79f4561ced17605eb27105a9f67e56e
8e8582550ba3a47f61ee0978b6cf4b4325beae57ab91b5424172440da3e28310
8eaf31f565c9dde92c7fe1158308fad8ba972e55c8a1071f3efa804b5c8961ba
966fb851b30a5de85a96bf1093fc34837e01305944887ce39b3689fc916cc09c
9a1a80dae6a97aff9aa45a6225640d6b299d25eb4f7689055afb9dfd60ba4e7b
9c45931772e5bb04bb6e0d142a114a3bbe2ebb28c94ed4c0eb58cbbd4ab58ffe
9eb534c432866ba3d2dccc21cbd1f4d7d025d162d697a7c59afc9e83569dc10e
9fa63a1487e9dabb90ece211f9d1ae0e082fdd6efd254b8189f57acd39eec36e
9fc2aa21f3a7bfe66783d35fdbb48147f73e72a41f87aea848f64a8cb4518eba
9fcb8529fd0da55a58223147901444062cd6e734633500c75b9d66398485cab8
a4aa796bf2e6d6da0e3548c641e8a617c0e9599c439e2a87438b81af66df41b9
a9ed68d7e6e0b2bfe23e072a051c77f492bad248e0bd3cf5629379500b3d4fae
aa29e946feaf5abaab48702c5d71342e37c6f4424732aaff10ade12f34364f0a
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
adaa3eccf56747a88cba8dd0fb0aebda667b876a315f836e0bdcb120f18186c1
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
af925430e16a935250ff8fefd08b9013451c67b9187087057ebe342db596f12c
b266de2122c09ce7e0842a01205260fca57995c419f3b32cd6f0e5528bbe7181
b727fd355cca5c48e32d7d6d9a652e8528a8e1e5c0101914c7cc54e520e8f2c6
b83e28db12f2cbdd7597cad90b77fc29399ef2f3146c58c850aa1fc6d0ec5922
b9947f0395ce5534159dfe081481e599d7da5f2027734fe98bfc6f1c88902e5f
bb0cd98eff73a71cc04c43416d5b8b0d0ada966656c9b2868a45807ae087bb6f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbd1144d78ff1aa2d0a69e6981658cd23e417436e56223ffcfa69fbd778964bf
be4f721b01bfa63cb75579f56e1ec00426f9c1c963eb76a84ff3ee10c8aba27a
c40a508fcf1f3323c8502c2c616f8a7a19b698f23c2eb32ff3639cc31e7e743c
c8c32050d7692b6c25aff9684909ce506f002f3480e7e8affa69e301dd2b3c22
c906068563fd24ff258d506399d807859cc3fc5cfac6d072381076235f1c177b
ca27d1c781da498dbf268b7516b04c48026d9090ca0011355eadab749d1b0983
cabe1e4f9e88fb4c6a6b731b4ffeea55513bc83790103875b508817e10cf390d
cba05ec4b9ec039e6e59ca44e23fa1710b666d94d4f99465631ee21e9877a90f
cf0481bb01e37a5b5cb2388e817decdc4f90e7cbd5994c55b05d7d4dbd86815f
d1413e8c95a61b36e4ea9441e9ead3cce29089e85043b0706453597016c01fdb
d2079946b3e68504ca4b983b90947803dba2fb32c48c20383e566ecee7db0ad7
d2b8fbaded24ceaa6e1c817e2a3cd84c3a3344eba0fad1f146720dfc995ed77b
d31a588cce30fb88d505354b8aebab15aa721017eb8dad82f746522781d1df83
d3ea3a7a8fca774bc0df4bd897da772f00e8362fad39e10d6ef6f0144915d2d6
d4d917c84ef07493d6dc83306cb754ddddc1cdb4fc879e09f5b54a0b6f11d451
d91228866dbbc573944d948402536e1b470d67c5ae67e1c5cdfcb15cb5eb984a
d9687f03179306124bdfa38fcb7363346bf5406d956cc06b0121ae970c230be2
d9d98c8be78536972c63b22ea7dde350b5d9247d6d44d7764c26704af4833224
dce5b4a0c334b4a05df4e0488dbacb8d7785ebb978b9f9b318809ffc620fca54
ddf752a709ef05084d8373b3a377fe1971fc1338ce81d4ab3a16d00ed5f1a46a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df1fd28b156eb19b576007bdc13f6d1f4cfde6e138688025c54e0b39ea40957a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52c6ed3820b52febc3ea64f3443790360da17919d1ea960a7b23ea21cdb64f2
e57cfb6c364785359ce3bb95459e4a43dad921a1aec8421fe2cae34a7b369845
e7673c1ead17d751d2b588c6f8089b0fff26ae90ce8d14e704a0965a6ff37b57
e82ff094e25d23a233de6e746954ab5167b41541038e3899a35b092823c31658
e8a6183dc103ba390d85c33cc265f30d4127c8d3ee0c407b0bb14e27f8df1e15
eccdfe9d867373e2da66eedfcaaab40cbcdf6a221b83d6ee1400895a3e4c8046
eda4ae2191ebb0a879dc56c18fec23de99cc61851fbe4310d6b95a9d39e5cd4d
ee0304f6065fd4ad4164b39e8d7012342baab37702659811a617262575335e58
f5669db302db6872c5347049f30f1a367694c3a08e3fe9db0abbe553e2d0dad2
f66253bc80d52abea7a40188aaf20a241183874d9465cece7004e375c3d04bbc
f8a229ff866665d6849cca42f07af07b72b9fbca9afdab69986f19e2fb9fef58
f8c35331ecb5d4134aadf61a7c584125c52628ab4194a894b4d786995be4470a
f951efa8701ec7ccdd15fcbdd710dde52826e4ae255c627a612619db42682d11
fc4affa779fb354fb891e4726ad66dc6ae255f2d06798f74f2c7f5a23326db07

www.responsinator.com Open in urlscan Pro 45.33.40.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

210 Requests

90 %HTTPS

53 %IPv6

35 Domains

36 Subdomains

33 IPs

5 Countries

2594 kBTransfer

5787 kBSize

31 Cookies

1 Outgoing links

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.responsinator.com Open in urlscan Pro
45.33.40.48 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

90 %
HTTPS

53 %
IPv6

35
Domains

36
Subdomains

33
IPs

5
Countries

2594 kB
Transfer

5787 kB
Size

31
Cookies

210 HTTP transactions
18 data transactions