aminoapps.visualizesitio.com Open in urlscan Pro
2606:4700:3034::6815:2565 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/...
Submission: On June 17 via manual (June 17th 2023, 8:54:55 pm UTC) from AT — Scanned from DE

Summary HTTP 147 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 34 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3034::6815:2565, located in United States and belongs to CLOUDFLARENET, US. The main domain is aminoapps.visualizesitio.com.

This is the only time aminoapps.visualizesitio.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::6815:2565	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.84.174.55 52.84.174.55	16509 (AMAZON-02) (AMAZON-02)
13 23	2606:4700:303... 2606:4700:3038::6815:ea5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:ea5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1 1	52.91.215.149 52.91.215.149	14618 (AMAZON-AES) (AMAZON-AES)
10	3.237.175.195 3.237.175.195	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
10	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2 4	18.66.112.41 18.66.112.41	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
6 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:219... 2600:9000:219c:4c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:219c:a200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
2	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	139.45.197.236 139.45.197.236	9002 (RETN-AS) (RETN-AS)
6	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
4	34.160.128.137 34.160.128.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8502	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	18.212.140.196 18.212.140.196	14618 (AMAZON-AES) (AMAZON-AES)
5	139.45.197.151 139.45.197.151	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::ac43:a62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::35	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
147	39

3 2606:4700:3034::6815:2565 (United States)

ASN13335 (CLOUDFLARENET, US)

aminoapps.visualizesitio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.174.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-55.cdg50.r.cloudfront.net

js.media-lab.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:3038::6815:ea5d (United States) 13 redirects

ASN13335 (CLOUDFLARENET, US)

image.staticpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea5c (United States)

ASN13335 (CLOUDFLARENET, US)

staticpng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.91.215.149 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-91-215-149.compute-1.amazonaws.com

carbon-cdn.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.237.175.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-237-175-195.compute-1.amazonaws.com

carbon-cdn.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script-api.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

blubberspoiled.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)

nebsefte.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

glimtors.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.41 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-41.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:4c00:6:44e3:f8c0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:219c:a200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

thaudray.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)

glizauvo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

rndskittytor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

overzubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.160.128.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.128.160.34.bc.googleusercontent.com

ads.assemblyexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8502 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.212.140.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-212-140-196.compute-1.amazonaws.com

privacy-location-edge.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.151 (United Kingdom)

ASN9002 (RETN-AS, GB)

interstitial-08.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:a62 (United States)

ASN13335 (CLOUDFLARENET, US)

littlecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::35 (United States)

ASN15169 (GOOGLE, US)

xeno-soswcrde4a-uc.a.run.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	staticpng.com 13 redirects image.staticpng.com — Cisco Umbrella Rank: 919643 staticpng.com — Cisco Umbrella Rank: 906601	5 KB
17	googlesyndication.com 2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	244 KB
12	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	212 KB
12	ccgateway.net 1 redirects carbon-cdn.ccgateway.net — Cisco Umbrella Rank: 13324 script-api.ccgateway.net — Cisco Umbrella Rank: 12793 privacy-location-edge.ccgateway.net — Cisco Umbrella Rank: 13642	27 KB
11	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 9369	5 KB
10	glimtors.net glimtors.net — Cisco Umbrella Rank: 442814	61 KB
8	nebsefte.net nebsefte.net — Cisco Umbrella Rank: 664747	176 KB
6	rndskittytor.com rndskittytor.com — Cisco Umbrella Rank: 62891	68 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	110 KB
5	interstitial-08.com interstitial-08.com — Cisco Umbrella Rank: 157336	158 KB
4	littlecdn.com littlecdn.com — Cisco Umbrella Rank: 13747	35 KB
4	assemblyexchange.com ads.assemblyexchange.com — Cisco Umbrella Rank: 21444
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 160	3 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
3	glizauvo.net glizauvo.net — Cisco Umbrella Rank: 62003	34 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3239	74 KB
3	visualizesitio.com aminoapps.visualizesitio.com wa1.aminoapps.visualizesitio.com Failed pm1.aminoapps.visualizesitio.com Failed	67 KB
2	run.app xeno-soswcrde4a-uc.a.run.app — Cisco Umbrella Rank: 58096	102 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	112 KB
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9487	1 KB
2	thaudray.com thaudray.com — Cisco Umbrella Rank: 64129	29 KB
2	quantcount.com 1 redirects rules.quantcount.com — Cisco Umbrella Rank: 1141	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	21 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 19610 pixel.quantserve.com — Cisco Umbrella Rank: 977	10 KB
2	blubberspoiled.com blubberspoiled.com
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	2 KB
1	gstatic.com fonts.gstatic.com	34 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 15731	497 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 17017	7 KB
1	overzubatan.com overzubatan.com	26 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	47 KB
1	media-lab.ai js.media-lab.ai — Cisco Umbrella Rank: 52189	19 KB
0	alexametrics.com Failed certify-js.alexametrics.com Failed
0	ipstatp.com Failed s0.ipstatp.com Failed
147	34

	Domain	Requested by
13	staticpng.com	aminoapps.visualizesitio.com
13	image.staticpng.com	13 redirects
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net aminoapps.visualizesitio.com tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	js.media-lab.ai securepubads.g.doubleclick.net aminoapps.visualizesitio.com www.googletagservices.com
11	mc.yandex.com	4 redirects aminoapps.visualizesitio.com
10	glimtors.net	aminoapps.visualizesitio.com glimtors.net
8	nebsefte.net	aminoapps.visualizesitio.com nebsefte.net
7	script-api.ccgateway.net	carbon-cdn.ccgateway.net
6	rndskittytor.com	aminoapps.visualizesitio.com rndskittytor.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	interstitial-08.com	nebsefte.net interstitial-08.com
4	littlecdn.com	interstitial-08.com
4	ads.assemblyexchange.com	js.media-lab.ai
4	sb.scorecardresearch.com	2 redirects aminoapps.visualizesitio.com
4	carbon-cdn.ccgateway.net	1 redirects aminoapps.visualizesitio.com carbon-cdn.ccgateway.net
3	glizauvo.net	aminoapps.visualizesitio.com glizauvo.net
3	mc.yandex.ru	2 redirects aminoapps.visualizesitio.com
3	aminoapps.visualizesitio.com	aminoapps.visualizesitio.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	xeno-soswcrde4a-uc.a.run.app	js.media-lab.ai
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	my.rtmark.net	nebsefte.net aminoapps.visualizesitio.com
2	thaudray.com	aminoapps.visualizesitio.com
2	rules.quantcount.com	1 redirects aminoapps.visualizesitio.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	blubberspoiled.com	aminoapps.visualizesitio.com
2	fonts.googleapis.com	aminoapps.visualizesitio.com securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	aminoapps.visualizesitio.com
1	fonts.gstatic.com	fonts.googleapis.com
1	2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	privacy-location-edge.ccgateway.net	script-api.ccgateway.net
1	fleraprt.com	tzegilo.com
1	tzegilo.com	glizauvo.net
1	overzubatan.com	aminoapps.visualizesitio.com
1	pixel.quantserve.com	aminoapps.visualizesitio.com
1	edge.quantserve.com	aminoapps.visualizesitio.com
1	www.googletagmanager.com	aminoapps.visualizesitio.com
1	js.media-lab.ai	aminoapps.visualizesitio.com
0	pm1.aminoapps.visualizesitio.com Failed	aminoapps.visualizesitio.com
0	certify-js.alexametrics.com Failed	aminoapps.visualizesitio.com
0	s0.ipstatp.com Failed	aminoapps.visualizesitio.com
0	wa1.aminoapps.visualizesitio.com Failed	aminoapps.visualizesitio.com
147	44

This site contains links to these domains. Also see Links.

Domain
aminoapps.com
i.explanation
ii.misinformation
iii.personal
pin.it
www.facebook.com
twitter.com
www.tumblr.com
.aminoapps.visualizesitio.com

Subject Issuer	Validity	Valid
*.media-lab.ai Amazon RSA 2048 M02	`2023-05-16` - `2024-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
nebsefte.net R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
glimtors.net R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
ads.assemblyexchange.com GTS CA 1D4	`2023-04-26` - `2023-07-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
ccgateway.net R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
tzegilo.com GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
interstitial-08.com R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.a.run.app GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Frame ID: 5C800E2FF52D6C3A9DE4F18D2DE59FE5
Requests: 95 HTTP requests in this frame

Frame: data://truncated
Frame ID: D2B0579A19AE26F5FBE3CF3F05ABC11F
Requests: 1 HTTP requests in this frame

Frame: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Frame ID: 41C2D481AFFBDB4AD570ED80410E2D27
Requests: 9 HTTP requests in this frame

Frame: https://2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3609639C88949E8169DD0F63AF596C4B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAtOIKj69DPI1u9axcvT5rUX6j87ngJYg8QNPzOb9zID0ADHXKdtpE_cfulVc-xDlD2EqH4mkbOSEL5CA9dS5lkn6uN504BJlx8mUqv-N4bP_C9qiI6sNQVsRHEEITciiYKtaADJfHICsuBrvQNpBfI6kV9YPFoQDNzIHuCL4xlj20HsFl1NmSO7LwlFilrOqFrfYGAt0PJuv-gz1xUsRtFWwHMzzpNVdy2h2AsNcfX0Qt2XdnXQqBpuD0NzNxxZu6zmPCOdrzszUwbuLqhXvsLVlruBjoC6ELL6-0CMazGP238hVHMeLPhrWkTqnp3cPSmCvORcnHEfbDxcgm5nJqsDvf9iBD9pbCEyp8KwlfiXPf&sai=AMfl-YRf--NhWgpebFXcAy2dxRZdJVYG1LJUy3WLPt2CceCO9Qyhqp5TQgsdZ01offeWecP4EzGdxqax0yNlgEDcpHWU0XzZQfBTxBgWCE7IDQd_b6YnzFrzwyFFgJtr6ut907bDwLp9vQ_vzHr30nU&sig=Cg0ArKJSzF-55SSCS6voEAE&uach_m=[UACH]&adurl=
Frame ID: 999304F4D62973CBEA481448EB8B191D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTdW0z138PReiDbMzQMGZl67qkPzrX1MZCkpp_2GBVZT5xeif4642MQfLmvki126X-HFjXYb0bHCZFmpveO3amwtascuVBrdAOGf_HQPBCbtOwslCt5y-XxMAexhSCMXSDmkZvi2TbIfIC3E1kG4AKS4dZ1jpSIsssLsEOfieZHJB-3qMDDO47O_PTS_TMPnkmaQEgeWbrdL5fibv9DLa9JHRa6nirBM0wAd-BjEv-9YGQWoDA14eZl3R096D-6mT5GBGK3L3qQlmUTvA4PDFPna1LhgrSdJfVns-o1tR90K3kQ0ZteUTo_XthLlGsd77njcw5gyGM82bNOXWe6fO5qmlRzW9QZCYn7B0xcDhPTw&sai=AMfl-YQogRSCH5nmIVhzp3MF6GBA-ItKNbMMU7xL4HTn8HI2wWFT-OkurU829MUKcKYB6E7hMvx4RtBhw57zdTI8WuTBAwWJaLD4gYBT6XnrqmKmYPv4JUYqgyLQYYVfIeIO823-jdhQshKxOWe9NrA&sig=Cg0ArKJSzERybG_8Me5wEAE&uach_m=[UACH]&adurl=
Frame ID: F4E03AEC1CAF223D9B56B010F2B45182
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs
Frame ID: 27B0CCA6DFA23355234FE6AC01AC644A
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 59DF033EC2754D91245CADDCF8AD3897
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3BB3BE1F6F5594056CDDD9D05C10469C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What is Demonkin? | An Explanation, Misinformation, and Misunderstandings | Pagans & Witches Amino

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

147
Requests

63 %
HTTPS

60 %
IPv6

34
Domains

44
Subdomains

39
IPs

4
Countries

1580 kB
Transfer

3904 kB
Size

34
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://aminoapps.com/explore/
Title: Explore

Search URL Search Domain Scan URL

URL: https://aminoapps.com/get/amino/
Title: Get App

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/home/

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/
Title: Featured

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/recent/
Title: Latest

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/wiki/
Title: Wiki

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/polls/
Title: Polls

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/shared-folder/
Title: Shared Folder

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/info/
Title: About

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//voxinabox-traveling/42z0_QaPU5fNJ0ELBZ7KG5vk1j5Gbr3mKNV

Search URL Search Domain Scan URL

URL: http://i.explanation/
Title: I.Explanation

Search URL Search Domain Scan URL

URL: http://ii.misinformation/
Title: II.Misinformation

Search URL Search Domain Scan URL

URL: http://iii.personal/
Title: III.Personal

Search URL Search Domain Scan URL

URL: https://pin.it/tuNR5zR
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u%3Dhttp://aminoapps.visualizesitio.com/p/chmwr7

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url%3Dhttp://aminoapps.visualizesitio.com/p/chmwr7%26text%3DWhat%2Bis%2BDemonkin?%2B%257C%2BAn%2BExplanation,%2BMisinformation,%2Band%2BMisunderstandings

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/share/link?url%3Dhttp://aminoapps.visualizesitio.com/p/chmwr7%26text%3DWhat%2Bis%2BDemonkin?%2B%257C%2BAn%2BExplanation,%2BMisinformation,%2Band%2BMisunderstandings

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//mae/kw7X_ng8s4f4EMvq8pbxngBX7NBzEr710Bx

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//lunarwing/o3Pw_4vDhJfqGNLPbbvYzmmjP4v5QblYVK4

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//the-red-lady/J87Q_mZrs0fVkpglNpne35mBw0QzaGrvXor

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//david-warwick-anderson/8BJL_aY0h1fjR0opl5lZoj61aQbpe65xmVR

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//valkynaz-the-immortal/KW7b_lrvu8f0ej2XxrNvporMV2eq56VER5e

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/afterlife-in-greek-mythology/J87Q_mZrsdurojr1Y51q66gq2Mq2rgrV1BM
Title: 65 0

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/midsummer-and-the-summer-solstices/wKLe_VRWiouJ3o5QEw2DzNkbDMbkx0KK260
Title: 26 1

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/queercrafting-official-weekly-challenge/j0ow_vJ8IKurm4GnLpdwB1mpdvw75ZVLjN
Title: 65 5

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/good-plate-bad-plate-queercrafting/Z6nj_D58fBuQq2q2lKr8xBm5rozW3dZ0QZ4
Title: 11 3

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//savor/L2Q8_1vnUYfmvY2VVPaeX44nNZPRg4kQj1

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//p-w--team/8BJL_aY0h1flPWV6zp0D4QZwgY3XWlJJld

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/the-storm-was-never-calm/WJ0b_va8fXu7VxxMQ83D3pgxzBkqpeYNGNv
Title: The Storm Was Never Calm 47 0

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/difference-in-the-ds/z6wn_3aJfxuYM05pJW0L7gVw1n0NmB5GQDB
Title: Difference in the Ds 75 6

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/collages-for-the-demonic/2vz1_5BnINu0Earv4Xmp68GLJ8MQZn2pLa
Title: Collages for the Demonic 71 8

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page//voxinabox-traveling/42z0_QaPU5fNJ0ELBZ7KG5vk1j5Gbr3mKNV#-blog-posts
Title: See more

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/poltergeist-binding-spell/kw7X_ng8sGug00xaa6P3JMdrzvgYQ1KpVKj
Title: Poltergeist Binding Spell 131 6

Search URL Search Domain Scan URL

URL: https://aminoapps.com/c/pagans-witches/page/blog/announcing-p-w-discord/V0nV_roKI7uPNE4BN2MmW7wMLGrnL7Y1RVN
Title: Announcing: P&W Discord! 107 17

Search URL Search Domain Scan URL

URL: https://.aminoapps.visualizesitio.com/hc/en-us/articles/360004040313-Does-Amino-use-cookies-on-its-website-
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8652%2Fb813de6a9ecbf720e79c825e4f4aef2ca71f9093r1-1151-2048v2_128.jpg HTTP 302
https://staticpng.com/

Request Chain 5

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Facea2621a4a67d03b3e915e886bd91f0d63122cdr1-828-276v2_hq.jpg HTTP 302
https://staticpng.com/

Request Chain 6

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2F46d81562cf97750eeb5324038bab7d203a9a60b6r1-828-276v2_hq.jpg HTTP 302
https://staticpng.com/

Request Chain 7

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Fafa44e564cef2594dbc7bca1e63af5ae4d56c367r1-828-276v2_hq.jpg HTTP 302
https://staticpng.com/

Request Chain 8

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Ff8501f2bffe20da54fca01b5e7af69bed85bdbeer1-828-276v2_hq.jpg HTTP 302
https://staticpng.com/

Request Chain 9

https://image.staticpng.com/?url=https%3A%2F%2Fwa1.aminoapps.visualizesitio.com%2Fstatic%2Fimg%2F-icon-placeholder.png HTTP 302
https://staticpng.com/

Request Chain 10

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8435%2F665edcffcd8ca971c98444e24f0ec70a015d9d54r1-600-600v2_128.jpg HTTP 302
https://staticpng.com/

Request Chain 11

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8435%2F6eb4b7e4bb1ea597ac764cab4df58730aee48b5ar1-720-730v2_128.jpg HTTP 302
https://staticpng.com/

Request Chain 12

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8644%2F17271023ce9ed0e0fc34e4e70992398b1593ad81r1-448-608v2_128.jpg HTTP 302
https://staticpng.com/

Request Chain 13

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8050%2F27677722fd701429fdba60593c91af770c96f61dr1-1078-1840v2_128.jpg HTTP 302
https://staticpng.com/

Request Chain 14

https://image.staticpng.com/?url=https%3A%2F%2Fwa1.aminoapps.visualizesitio.com%2Fstatic%2Fimg%2Flazy.png HTTP 302
https://staticpng.com/

Request Chain 15

https://image.staticpng.com/?url=https%3A%2F%2Fcm1.aminoapps.visualizesitio.com%2F8613%2F42c618796f8434ad2eb302bd058b1d40f63747d6_120.jpg HTTP 302
https://staticpng.com/

Request Chain 16

https://image.staticpng.com/?url=https%3A%2F%2Fcm1.aminoapps.visualizesitio.com%2F8613%2Fb3cf784a84be5bd1738ff1db5ba0bd95b2a95a2c_375.jpg HTTP 302
https://staticpng.com/

Request Chain 19

http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090 HTTP 301
https://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090

Request Chain 28

https://sb.scorecardresearch.com/cs/22489583/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 34

http://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js HTTP 301
https://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js

Request Chain 35

https://sb.scorecardresearch.com/b?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&c8=What%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&c8=What%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&c9=

Request Chain 38

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10037.0UrigStr6fAcxR8z7I6WQ9WF2jzAaBTC2Df9BaB9-zuJBzlLxNjGwsG9xlOCzNhY.8SPC1AAEo2PTuYM_MPjcHJpIG-I%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10037.PUz8nv6jbj6dSp22inmzaK4k1s2efPvICOC3M19rPNZXUJbbscIDH8E1EIV6zITO0UYQw1650dokXLQNk5MD7u7OSAtF7iRGrrkl58sr_gc%2C.MUtblamSlpi5Jta2J6u6KJ5YN7Q%2C

Request Chain 68

https://mc.yandex.com/watch/90922940?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A23466664274%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A347723479%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/90922940/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A23466664274%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A347723479%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 69

https://mc.yandex.com/watch/86704299?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A877155236513%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A412994144%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/86704299/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A877155236513%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A412994144%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 70

http://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6girp6YDNlKXGp0MwoTIzObSU2GfjIj6VX1UfD3_V2l3suk8SCDq9GzmvddwEMMzAj-jMm9H9FSjmH3MLxsjvbmJAN4ug1wPSpIpwvi0drh0rc-C9kwJ5MJ_5LsyG5Ll_GrzEPE0&request_ab2=0&zoneid=4724942&js_build=iclick-v1.562.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.562.0&bs=fdc8bcc8-860c-462b-916c-f1b865343129&userId=297c6c88b61549f9bd629d1381c9cf91&m=link HTTP 307
https://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6girp6YDNlKXGp0MwoTIzObSU2GfjIj6VX1UfD3_V2l3suk8SCDq9GzmvddwEMMzAj-jMm9H9FSjmH3MLxsjvbmJAN4ug1wPSpIpwvi0drh0rc-C9kwJ5MJ_5LsyG5Ll_GrzEPE0&request_ab2=0&zoneid=4724942&js_build=iclick-v1.562.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.562.0&bs=fdc8bcc8-860c-462b-916c-f1b865343129&userId=297c6c88b61549f9bd629d1381c9cf91&m=link

Request Chain 86

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10037.tMzSZrC31-siVI_7cj7BMGGfAx8xaTJAad7xmqqqAG-5XUlTe84yvaBr-T8nMBkD.g88-rzQexaivV6Q8hP_9sCy6kVY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10037.XSo0_wryTb2GoOXcBmNDa9jsiV3aByCKsLvhJJIpLNwbFv6fWg6Ljbu4rh8dhQSU_Tf35OJCiXpxofNZUUFXcYTkKvH7-yOB847knkOtEeU%2C.7ggFuPgS7y5jPePoX5aPo0Nezjk%2C

Request Chain 140

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

147 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Show response
aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/ 242 KB
66 KB 2487ms
2435ms Document
text/html 2606:4700:3034::6815:2565
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:2565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dfbe126982855a39e58f56ee4cfdd81dc5c4f3e5cf9bbb8ca939bd360eb6634

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
CF-RAY: 7d8e3089ae6b18da-FRA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Sat, 17 Jun 2023 20:54:48 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOmejZGWtF8vRIlSyXlctRQ1wQ7%2Bt%2Bta%2FDU2SqJxrhzaamVMR%2F71HrhunfF%2FOvhXWxEpi332otPH%2FTQ9jMTT4GsZMoPPM%2BJKKTXPNGNdYBB7OlnsOekM%2BA5kbC8%2BmYsEb%2FBLIfpfJR0UbeQYSZP3yM7FS6bxgMLGFImI"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

GET main.9a7e6671e.js
wa1.aminoapps.visualizesitio.com/static/dist/js/ 0
0

GET
H2 200 wana.2.4.5.js Show response
js.media-lab.ai/ 63 KB
19 KB 139ms
41ms Script
application/javascript 52.84.174.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.media-lab.ai/wana.2.4.5.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.174.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-174-55.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb0313414ba2bf321d45fdee063414a7afa76ed5f1272f34028944fe78ff7348

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: 7pL.kTT2Jzkjg.IXw7dSMRFI8INUK2r1
content-encoding: gzip
via: 1.1 0fbe9200309f14e6a7ec7ccd4461e0ea.cloudfront.net (CloudFront)
date: Wed, 14 Jun 2023 17:55:47 GMT
last-modified: Wed, 07 Jun 2023 15:06:01 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-P1
age: 269942
x-amz-server-side-encryption: AES256
etag: W/"16c0791933e65df75fac0aec15364414"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public,max-age=604800,immutable
x-amz-cf-id: 6cBQwEjYUht3yi5kSXnQf_jVDRCpe9fy0IkAEGvauAahMVjQR9T8FA==

GET desktop-style.74dc4607d.css
wa1.aminoapps.visualizesitio.com/static/dist/css/ 0
0

GET amino-logo-white.svg
wa1.aminoapps.visualizesitio.com/static/img/ 0
0

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8652%2Fb813de6a9ecbf720e79c825e4f4aef2ca71f9093r1-1151-2048v2_128.jpg
https://staticpng.com/

0
0

77ms
77ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3SWhikbdCs2%2BtubQ8CfJRT420V08bAdHhAo9zIA03Mew3Bl6kLBhNDNPzdMk3bNvbu7SglokLZIHU9LiBNuQrxyGtBy1VOHfRN7vB9RXJxawyy7vTDTtGUhuiQinfgobYp5%2FH1%2BKIAEMzL1%2FJkp7LXs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099bd78690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Facea2621a4a67d03b3e915e886bd91f0d63122cdr1-828-276v2_hq.jpg
https://staticpng.com/

0
0

91ms
91ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2KZhqZ9Fdu8v%2F4k7cDmafy2cD4hDDxcAqZB1D9lgXSDlH4oag5YmMBkPIfBIgsMgGoi8kUPc9%2FJa8Gso2dwAB4Lr81fH5nNUbYPRTQ9%2BP7AusKEAC10UJy2D%2FUI%2BE14L6QGsVkPDay4xZFNY6TRwgXZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099bd7a690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2F46d81562cf97750eeb5324038bab7d203a9a60b6r1-828-276v2_hq.jpg
https://staticpng.com/

0
0

96ms
96ms

Image
text/html

2606:4700:3038::6815:ea5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H3
Server: 2606:4700:3038::6815:ea5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyJeLilxcFVt2sF3Y8%2BYUWD1JqcCm8s9RBRts84UsXDdYGSdOpSJPdATTf3aniOezcPzRgc0PJXNc32cUDr9PE0xqi79TFwGo5REclr2EpAJ6cl0OcOPpzrtL4iDaD5SImJ4B1FNx8mCjXxlhjnl4%2B9d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099bd7b690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Fafa44e564cef2594dbc7bca1e63af5ae4d56c367r1-828-276v2_hq.jpg
https://staticpng.com/

0
0

90ms
90ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=986HVKvmsuaBnrawpV5MxOAVpirj8s4IhvyUmZcvdEfgexR1J6VELN2dkagx1QqzmowklCpUT%2FstTfxeqDBZFO%2F8Jna6HDXQFo%2F1ilsU%2BC9TWh2jSO76dMdY1H2Lp0QB11Qsw%2F2ks8OmLVeQ%2Bl86w0Ps"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099cd7e690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8433%2Ff8501f2bffe20da54fca01b5e7af69bed85bdbeer1-828-276v2_hq.jpg
https://staticpng.com/

0
0

93ms
91ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4uB4BoujGPhvI%2BZ0H2apxbZS2IFrL1f%2FqnQtP25ZFMR6WTVhomc9ZyevpUvBWDQg2ZcSBynas1Nz5bmC7AQSuJd1%2FBB%2B3jvgxD0fzoheLj%2FPaJQmaI7mid8emb0w%2Bh4c7rXLVbEExFrOrsx7mUC%2FyUO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099cd7f690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fwa1.aminoapps.visualizesitio.com%2Fstatic%2Fimg%2F-icon-placeholder.png
https://staticpng.com/

0
0

101ms
91ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siFfyFu5uL8MB%2FqViyggc%2BvlnHlsAGGrjr3VK6plxAWMndc8v5FwFZ6KRJdm7J%2Bf9WiZgBm0j9KLQJRVFdzD%2BxXjmZ1u%2B3VI4KBFddKXTyhnOipYcemX5Ki5%2FaWTxkdSbYRvOkcbQ6cQEAHtJYMVyBTu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099bd7d690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8435%2F665edcffcd8ca971c98444e24f0ec70a015d9d54r1-600-600v2_128.jpg
https://staticpng.com/

0
0

91ms
90ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woeCboZjcW4ObDJkJHJFxqPB5TmaNQFJQfvhdVC73rT0P0D9oIAK%2FFzunU7v%2Bb5MMzRwUsTwwzKe0fWtCVi5ChF9UrwrnXw34OOEDF8%2FqIUt%2FSJhwOMs22J9YRO5sOZWk10sbbxVUd5Xyx5cauXFpZd%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edbd690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8435%2F6eb4b7e4bb1ea597ac764cab4df58730aee48b5ar1-720-730v2_128.jpg
https://staticpng.com/

0
0

93ms
93ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4zS08eLj6P3XXBP0q6HbioX1fwlyDurc1%2B8SoZ4NTmdhFj9XBOmPjmvvM5b%2FexlOhkDcS6ymdAC2%2FyfUxMLrH2JV3Bzt1mHGNsgAOb%2F%2B8eiEqBgWHPFjB6Qv3Lufl9jbv1kZrxAWQl2a6bLPKT9ndyP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edbf690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8644%2F17271023ce9ed0e0fc34e4e70992398b1593ad81r1-448-608v2_128.jpg
https://staticpng.com/

0
0

97ms
97ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BlS4x5r6syHugZxwQmWf%2FbtqL5NtQ08UI0HneKNhtDEg5uV%2FBVckdhOgisC3aqoEBoNeYr1dZC35Ksj79NzsxQgd5ep4A3bd3Yg1kyJEN%2F3OUvfYZ%2FGyMc25rzGSr%2BOa1e8%2BUvo0FYgOYJGM02Cu5lT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edc2690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fpm1.aminoapps.visualizesitio.com%2F8050%2F27677722fd701429fdba60593c91af770c96f61dr1-1078-1840v2_128.jpg
https://staticpng.com/

0
0

97ms
97ms

Image
text/html

2606:4700:3038::6815:ea5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H3
Server: 2606:4700:3038::6815:ea5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKzROxzzzY1qNYkkFhE2hAc8E%2FSkh292Exi65o01Vt5nfwak1drvDmh5e982qNirjySiDhrgb2NagSvvdx2Ym%2BahWrtXd1Y%2Byji%2FjM2tOADZ1dKJLwdFjpZbzXuk1UXKc7mzM0DRCnba3o4%2F7h2X8ra3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edc4690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fwa1.aminoapps.visualizesitio.com%2Fstatic%2Fimg%2Flazy.png
https://staticpng.com/

0
0

88ms
86ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXRa45O6tgEDBAIO6%2BzpFR6X%2FgQ%2BJIL2juHIAdHukNliYNVEavWZtqnRPP%2FM65KkaOQTFrDaS7j8Wu5lUjsCXSucMxO4MI%2FZ35fbA%2BFHdJaDnmGOco%2BHvnEzE77EhhtftkOVu%2BhqszpCQUImVOxOpF37"}],"group":"cf-nel","max_age":604800}
content-type: image/png
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edc5690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fcm1.aminoapps.visualizesitio.com%2F8613%2F42c618796f8434ad2eb302bd058b1d40f63747d6_120.jpg
https://staticpng.com/

0
0

100ms
100ms

Image
text/html

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE3Kw4XhJ3s5OaOP%2FFqkXgHf3bELPzdeR1YLQRSzEQxZKBmNMTnH%2FX9NtnnL%2FHdRJVXQtxK%2Br2AvOTMVWbdeqKrdHxefmy2Su1%2FQe4%2BJxOBXugkPoEloXZwQJg1It%2BCOjzLaDcbIEg5vc2BBIuKasmma"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edc6690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3

200

/
staticpng.com/
Redirect Chain

https://image.staticpng.com/?url=https%3A%2F%2Fcm1.aminoapps.visualizesitio.com%2F8613%2Fb3cf784a84be5bd1738ff1db5ba0bd95b2a95a2c_375.jpg
https://staticpng.com/

0
0

102ms
102ms

Image
text/html

2606:4700:3038::6815:ea5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticpng.com/
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H3
Server: 2606:4700:3038::6815:ea5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beIxGGa%2FkqY74uayZL%2BRMyMaF4B4DHN5%2BrIXpVjy5f0w%2BbgJcBWMgK%2FSwZO6LCXk7jfFFAvjw5areVeifMzqiL5D7KxABdE5itdCi%2FGJipKScxN8afLyLPrtEDyzgW%2FAES6HYgVk4ZXHPXtSas0AY%2Bia"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
location: https://staticpng.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 7d8e3099edc7690a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
981 B 189ms
64ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:900&display=swap

Requested by

Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0a5a056205be2802e08f35a8d681987026f689cbbf1b900dead063a98546aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 20:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 20:13:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 20:54:48 GMT

GET font-awesome.edabab9db.css
wa1.aminoapps.visualizesitio.com/static/dist/css/ 0
0

GET
H2

200

script Show response
carbon-cdn.ccgateway.net/
Redirect Chain

http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
https://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090

34 KB
10 KB

403ms
131ms

Script
text/javascript

3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 9d84f76aede61729f32dd562bc61e48f686484e3ae2f9aeaa723bee5f6ab260d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=900
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

Redirect headers

location: https://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 120 KB
47 KB 188ms
66ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31833046-14

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5ddf94590514832b37e853b32092b5b5ecbbebdf1efcc9a15aaaefdd8b78b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47631
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 17 Jun 2023 20:54:48 GMT

GET collect-v.3.1.32.js
s0.ipstatp.com/static_magic/pgc/tech/collect/ 0
0

GET
H/1.1 403
Forbidden 7c0a99a2c141332c4647a2b0d64dbffe.js
blubberspoiled.com/7c/0a/99/ 0
0 760ms
118ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://blubberspoiled.com/7c/0a/99/7c0a99a2c141332c4647a2b0d64dbffe.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 1 Show response
nebsefte.net/ 42 KB
16 KB 84ms
40ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nebsefte.net/1?z=4724958
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 48b1cd8b544593dd962fe25b8525f6f7f2fc52162276d3b9c7a22899bada1549

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: aabcbf7a7a876cb0f09f456a67ba25b6
Pragma: no-cache
X-Sc: Y65Xz6qv6c9as7lAglbVPUB8zVde3CFvGc7kVMEEG7G3V6z35msuP5sXk52apq9RVHnvkMBalurfGWp0mGcPMji_q4Q=
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 4724942 Show response
nebsefte.net/5/ 67 KB
26 KB 79ms
42ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://nebsefte.net/5/4724942
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1870b0998c68174f67f388a5b9a35b92da24043924dc074d3971fe65a92efb3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: aad551b69d6e1f7ef0531d3ec080ecc2
Pragma: no-cache, no-cache
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 403
Forbidden 876b74812be8762e152c61679c29a3f5.js
blubberspoiled.com/87/6b/74/ 0
0 761ms
119ms Script
application/javascript 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://blubberspoiled.com/87/6b/74/876b74812be8762e152c61679c29a3f5.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ntfc.php Show response
glimtors.net/ 14 KB
6 KB 100ms
48ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://glimtors.net/ntfc.php?p=4717370
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0bfc1bcb2a69fb70313f142a8395aa13f057fe96cd60bbf698eddf85cb045bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 20:54:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 13:18:05 GMT
Server: nginx
ETag: W/"648b0f8d-3841"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/22489583/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

29ms
29ms

Script
application/javascript

18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:39:47 GMT
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 902
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: H4zWcAqOcJP5W8pxpeelNKjsv954cHnXnJZfNYQ2IGsLiuDPt20gTQ==

Redirect headers

date: Sat, 17 Jun 2023 20:54:48 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: TyWIzu-mxgjL_B3KYwKajZjwMdr53xQM_w2pR1dv2txxZf3EK246JQ==

GET 72e0abcc186160cba5ed7378bcc06629993ee187r5-622-960_00.jpg
pm1.aminoapps.visualizesitio.com/8433/ 0
0

GET
H/1.1 200
OK quant.js Show response
edge.quantserve.com/ 22 KB
9 KB 92ms
29ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://edge.quantserve.com/quant.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:48 GMT
Content-Encoding: gzip
Etag: "sLp6xTjO7svFVaOemhLWUQ=="
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: private, max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Expires: Sat, 24 Jun 2023 20:54:48 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 231ms
75ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-1249b"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74907
expires: Sat, 17 Jun 2023 21:54:48 GMT

POST
H/1.1 200
OK user.php Show response
aminoapps.visualizesitio.com/ 0
671 B 139ms
138ms XHR
text/html 2606:4700:3034::6815:2565
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aminoapps.visualizesitio.com/user.php
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:2565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sat, 17 Jun 2023 20:54:48 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWyzICSPG0Ds8ybqi7ZfH2jdatsdfPAj7jSQlPmnqyVruCHRaxzG67Kg2fxGuEMARDT3Xx0%2FbbrdQo1l%2B8RloRzG4CP6MQe4MWGVoFGVx%2FSqvIchay9tNoLNZDgcRp0HnToZJpcbcr7Getg1d3PfxzKbemTGZ%2FxQaJmM"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
CF-RAY: 7d8e309a898318da-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 177ms
55ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31833046-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 17 Jun 2023 20:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1166
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Sat, 17 Jun 2023 22:35:22 GMT

GET
H2

200

rules-p-3bDtRer0SSNWT.js Show response
rules.quantcount.com/
Redirect Chain

http://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js
https://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js

160 B
631 B

116ms
38ms

Script
application/javascript

2600:9000:219c:a200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2600:9000:219c:a200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4b9d991a36c458807c808e8b388f2e47c5833b8e08a95a256c366617222f88d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:36:34 GMT
via: 1.1 81df7b82147a3b8250950ccfe02b7432.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 1095
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:08:48 GMT
server: AmazonS3
etag: "8be2c29f70dbca36e49244426b751077"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 9nhyA1PbUd1DLKP4DmqfoWT82IPTwLSHc14WaBa-Vt6KsOCpGlPc-w==

Redirect headers

Date: Sat, 17 Jun 2023 20:54:48 GMT
Via: 1.1 2be4364c1cde74eab64cab67d1de266a.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: CDG3-C2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://rules.quantcount.com/rules-p-3bDtRer0SSNWT.js
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: hbzaRCudkUNlVLUXEgTPLrpmIVbAf_h5Xmpd2DlUBaazuyoy4fhMnw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fw...
https://sb.scorecardresearch.com/b2?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2F...

0
224 B

30ms
30ms

Image
text/plain

18.66.112.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&c8=What%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&c9=
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-41.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:48 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: lCgBxAPzR8Y0ja3SqhsVSspj0lB-xwR2sDLrfoqD571__BBG8qUd0g==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 17 Jun 2023 20:54:48 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=22489583&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1687035288890&ns_c=UTF-8&c7=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&c8=What%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&c9=
content-length: 0
x-amz-cf-id: eAceJ1XyG133ETj8YoDGcYAIliQuGzIaMa3OXvPkgJtacDVxm0Blfg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
214 B 62ms
62ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=263247687&t=pageview&_s=1&dl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&ul=en-us&de=UTF-8&dt=What%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=88170143&gjid=1070441834&cid=1741403568.1687035289&tid=UA-31833046-14&_gid=1271382032.1687035289&_r=1&gtm=457e36e0&jsscut=1&z=1515839361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1463016890;rf=0;a=p-3bDtRer0SSNWT;url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2Fq...
pixel.quantserve.com/ 35 B
373 B 97ms
30ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1463016890;rf=0;a=p-3bDtRer0SSNWT;url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo;uh=9dcefc7e4c53dfed767e0d608faaeb042ea829ce46ed3c7aabccd8f37ba14432;uht=0;fpan=1;fpa=P0-940166972-1687035288865;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=visualizesitio.com;dst=0;et=1687035289078;tzo=0;ogl=description.%0A%20What%20is%20Demonkin%3F%20%20%20An%20Explanation%252C%20Misinformation%252C%20and%20Misunderstandings%0A%0A%20%E2%95%94%E2%95%90%2Ctitle.What%20is%20Demonkin%3F%20%7C%20An%20Explanation%252C%20Misinformation%252C%20and%20Misunderstandings%20%7C%20Paga%2Csite_name.Pagans%20%26%20Witches%20%7C%20aminoapps%252Evisualizesitio%252Ecom%2Cimage.https%3A%2F%2Fimage%252Estaticpng%252Ecom%2F%3Furl%3Dhttp%253A%252F%252Fpm1%252Eaminoapps%252Evisualizesitio%252Ecom%252;ses=fd7f2c86-46c2-4404-bcf8-399f3d0a2162;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10037.0UrigStr6fAcxR8z7I6WQ9WF2jzAaBTC2Df9BaB9-zuJBzlLxNjGwsG9xlOCzNhY.8SPC1AAEo2PTuYM_MPjcHJpIG-I%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10037.PUz8nv6jbj6dSp22inmzaK4k1s2efPvICOC3M19rPNZXUJbbscIDH8E1EIV6zITO0UYQw1650dokXLQNk5MD7u7OSAtF7iRGrrkl58sr_gc%2C.MUtblamSlpi5Jta2J6u6KJ5YN7Q%2C

43 B
67 B

81ms
81ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10037.PUz8nv6jbj6dSp22inmzaK4k1s2efPvICOC3M19rPNZXUJbbscIDH8E1EIV6zITO0UYQw1650dokXLQNk5MD7u7OSAtF7iRGrrkl58sr_gc%2C.MUtblamSlpi5Jta2J6u6KJ5YN7Q%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10037.PUz8nv6jbj6dSp22inmzaK4k1s2efPvICOC3M19rPNZXUJbbscIDH8E1EIV6zITO0UYQw1650dokXLQNk5MD7u7OSAtF7iRGrrkl58sr_gc%2C.MUtblamSlpi5Jta2J6u6KJ5YN7Q%2C
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

HEAD
H/1.1 200
OK qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Show response
aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/ 0
826 B 262ms
261ms XHR
text/html 2606:4700:3034::6815:2565
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:2565 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 17 Jun 2023 20:54:49 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNmo9rJsl6ASWlz1SPQZV35Ud9887iuPdjR%2F4HNi%2FOZ86yhuD%2FVam8k71QUdZacriZJwkAnr1LYlJklwbCtQVZg7B8c0N9F%2FdVXtiR%2FjjgVeiK2tPmiI1oAsxwz3RE89c3DDrS2%2F2AdN8lixriQPHcAshUTr6soOS9Yz"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
CF-RAY: 7d8e309e4dc818da-FRA
alt-svc: h3=":443"; ma=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 86704299
mc.yandex.com/clmap/ 43 B
71 B 81ms
81ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/clmap/86704299?page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&pointer-click=rn%3A748232844%3Ax%3A0%3Ay%3A0%3At%3A1%3Ap%3A*13%3AX%3A0%3AY%3A0&browser-info=u%3A1687035289595790938%3Av%3A1060%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Arqnl%3A1%3Ast%3A1687035289&t=gdpr(14%2C14)ti(4)

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

GET
H2 200 90922940
mc.yandex.com/clmap/ 43 B
186 B 74ms
74ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/clmap/90922940?page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&pointer-click=rn%3A601846883%3Ax%3A0%3Ay%3A0%3At%3A1%3Ap%3A*13%3AX%3A0%3AY%3A0&browser-info=u%3A1687035289595790938%3Av%3A1060%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Arqnl%3A1%3Ast%3A1687035289&t=gdpr(14%2C14)ti(4)

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

GET
H/1.1 200
OK / Show response
thaudray.com/5/4724942/ 3 KB
3 KB 91ms
41ms XHR
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://thaudray.com/5/4724942/?oo=1&aab=1
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f885e9f6192783f6362858e852e873399db4ce176f177ce374c3e32ec6e803a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e19132e1af902fc91ae2ca42cde45e9b
Pragma: no-cache, no-cache
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
thaudray.com/ 76 KB
27 KB 87ms
37ms Script
text/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://thaudray.com/tag.min.js

Requested by

Protocol

HTTP/1.1

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d47fd3d95f10998b20c9e29bb7a8c00caa835fbfec52cc29eb0bb380c511144a

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=1
Connection: keep-alive
Content-Length: 26336
X-Trace-Id: 6645848c3a7fab85f5bcedce1a9b9662
Pragma: no-cache
Last-Modified: Fri, 16 Jun 2023 11:47:07 GMT
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 5108418 Show response
glizauvo.net/401/ 86 KB
33 KB 86ms
40ms Script
application/javascript 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://glizauvo.net/401/5108418

Requested by

Protocol

HTTP/1.1

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

42232822308f1456c937f9fbbbdc73bab3eec05ba1fdc6277d2efb8558ab35a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b42f090f3a9610be9aeeb7fe63fa3765
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 4724965 Show response
rndskittytor.com/400/ 86 KB
33 KB 90ms
39ms Script
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rndskittytor.com/400/4724965

Requested by

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

08356c6264e3107b9656e6da86fddc633ba11e46215b1ab503b48808782cc8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: aca8057ff94401002accde358913e16a
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 4837723 Show response
rndskittytor.com/400/ 86 KB
33 KB 92ms
42ms Script
application/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rndskittytor.com/400/4837723

Requested by

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

382fe509025e490ddcc80d6088bf34edbec9567d640b662796981c961d4fcd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: edf8fd9261e5a4931df409758f962acf
Pragma: no-cache
Server: nginx
Vary: Origin
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H/1.1 200
OK 4724942 Show response
overzubatan.com/5/ 67 KB
26 KB 92ms
43ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://overzubatan.com/5/4724942
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: HTTP/1.1
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ce8c24dd4287dbd1e690f62bba1afdb025c21306ded4e24a51594f04752eb46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 20:54:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f9f584fe183599810a5ebefea61325bd
Pragma: no-cache, no-cache
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 13fa4a205678e8f27355aaf1d3b549f6 Show response
nebsefte.net/27/ 404 KB
128 KB 116ms
37ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nebsefte.net/27/13fa4a205678e8f27355aaf1d3b549f6

Requested by

Host: nebsefte.net
URL: http://nebsefte.net/1?z=4724958

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ef970a57abf3de0dc518d7c8df3c75c42d18fabe1ca7a196b923ece178034b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 082a21a08d9aadbbb29c844fb4df6295
last-modified: Tue, 13 Jun 2023 07:14:19 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Tue, 13 Jul 2083 07:14:19 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
553 B 143ms
37ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=297c6c88b61549f9bd629d1381c9cf91

Requested by

Host: nebsefte.net
URL: http://nebsefte.net/5/4724942

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

71d85d55edd73a647bb8707a1c0c0b7642bad33e404c71abb18b0eec1c85759f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 zone Show response
glimtors.net/ 882 B
1 KB 135ms
59ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/zone?pub=0&zone_id=4717370&is_mobile=false&domain=aminoapps.visualizesitio.com&var=&ymid=&var_3=

Requested by

Host: glimtors.net
URL: http://glimtors.net/ntfc.php?p=4717370

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d0a04bf4973e149e3f37536da5c09c0c650edb9d790e98c88735ed023f05481f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 2bfab22a17e72869aa2d61e5fa0d5cf7
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 882

GET
H2 200 universal.min.js Show response
glimtors.net/pfe/current/ 101 KB
34 KB 149ms
73ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/pfe/current/universal.min.js?v=3.1.440
Requested by: Host: glimtors.net
URL: http://glimtors.net/ntfc.php?p=4717370
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4e6a7f6a765f9221293d9b89110d66de87b602fb10ccf77c2441ca0e8534d5cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 13:18:05 GMT
server: nginx
etag: W/"648b0f8d-1935f"
content-type: application/javascript
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-cache
access-control-allow-credentials: true

OPTIONS
H2 204 sync
ads.assemblyexchange.com/doh/ Frame 0
0 204ms
134ms Preflight 34.160.128.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.assemblyexchange.com/doh/sync?uid=c33035f5-914c-4aba-998f-c72226ff7a94&property_id=aminoapps.visualizesitio.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.128.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.128.160.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 17 Jun 2023 20:54:49 GMT
server: istio-envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

OPTIONS
H2 400 request
ads.assemblyexchange.com/wana/bids/ Frame 0
0 201ms
133ms Preflight
application/json 34.160.128.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_728x90_atf_desktop_1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.128.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.128.160.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
content-type: application/json; charset=UTF-8
date: Sat, 17 Jun 2023 20:54:49 GMT
server: istio-envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

OPTIONS
H2 400 request
ads.assemblyexchange.com/wana/bids/ Frame 0
0 200ms
133ms Preflight
application/json 34.160.128.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.128.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.128.160.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
content-type: application/json; charset=UTF-8
date: Sat, 17 Jun 2023 20:54:49 GMT
server: istio-envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

OPTIONS
H2 400 request
ads.assemblyexchange.com/wana/bids/ Frame 0
0 200ms
134ms Preflight
application/json 34.160.128.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.128.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.128.160.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ana-api-key,content-type,lib_version,publisher_version
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
content-type: application/json; charset=UTF-8
date: Sat, 17 Jun 2023 20:54:49 GMT
server: istio-envoy
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
126 B 74ms
74ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 15:38:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6481cbd8-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 17 Jun 2023 21:54:49 GMT

POST sync
ads.assemblyexchange.com/doh/ 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
26 KB 242ms
107ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.2.4.5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3f7662e876d13d366e494c8ec1b80bd8e0a29e2df6057fefdcda8fd220ec5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26461
x-xss-protection: 0
server: cafe
etag: 391 / 19525 / m202306130101 / config-hash: 4553594699066521459
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 17 Jun 2023 20:54:49 GMT

POST request
ads.assemblyexchange.com/wana/bids/ 0
0

GET
H2 200 user.js Show response
script-api.ccgateway.net/script/launcher/2/ 2 KB
677 B 142ms
130ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/2/user.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=604800
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 userId Show response
script-api.ccgateway.net/ 225 B
345 B 130ms
130ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/userId
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 9155b7274be8666171eded4b04466b5c78df578033f79c9f19598cb54204deeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=3156000
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 realtime.js Show response
script-api.ccgateway.net/script/launcher/2/ 4 KB
2 KB 130ms
130ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/2/realtime.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 188c936df498009ba8f981d76315c284bd24bb0211ebbf7b066d0322f27e7601

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=604800
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 spa.js Show response
script-api.ccgateway.net/script/launcher/4/ 853 B
596 B 133ms
133ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/4/spa.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 63cff3b1429b2f836e781438f3ea1218fbff5f279182ed8530c3128327875135

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=604800
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 api.js Show response
script-api.ccgateway.net/script/launcher/5/ 5 KB
2 KB 132ms
132ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/launcher/5/api.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=604800
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 110ms
37ms Script
application/javascript 2606:4700:e2::ac40:8502
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: glizauvo.net
URL: http://glizauvo.net/401/5108418
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8502 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 08:43:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1953
etag: W/"646736cf-4447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5A22gKOLHmxzeB6LxCOPX3cdTOVMGSd1RzXMUjARARfehgnIhMfx0yoYl5Y3p%2BWXC75WpaOtH7NfejFsrp4itHYUnNR%2FL4X4jNpb7IRyLCQulQJxQhXjzkwjZqnTvsjRSOQkxG3iW2j2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7d8e309fbc501e45-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400

GET
H2

200

1 Show response
mc.yandex.com/watch/90922940/
Redirect Chain

https://mc.yandex.com/watch/90922940?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstand...
https://mc.yandex.com/watch/90922940/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misundersta...

435 B
527 B

76ms
76ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90922940/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A23466664274%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A347723479%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

936507cbe83dbae5b941510acfc5cfb8d4bd337d9c4bf214aa4d4ebd2512e026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/90922940/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A2%3Adp%3A0%3Als%3A23466664274%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A347723479%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/86704299/
Redirect Chain

https://mc.yandex.com/watch/86704299?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstand...
https://mc.yandex.com/watch/86704299/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misundersta...

428 B
464 B

79ms
78ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86704299/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A877155236513%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A412994144%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fb3b3b765f2e8861cee73ccd265f904e3193ddfff08d22f197e3ecc860a44bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

Redirect headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 17-Jun-2023 20:54:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/86704299/1?wmode=7&page-url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A2583%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1060%3Acn%3A1%3Adp%3A0%3Als%3A877155236513%3Ahid%3A118555851%3Az%3A0%3Ai%3A20230617205449%3Aet%3A1687035289%3Ac%3A1%3Arn%3A412994144%3Arqn%3A1%3Au%3A1687035289595790938%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A20%2C31%2C2435%2C40%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1687035285965%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1687035290%3At%3AWhat%20is%20Demonkin%3F%20%7C%20An%20Explanation%2C%20Misinformation%2C%20and%20Misunderstandings%20%7C%20Pagans%20%26%20Witches%20Amino&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 17-Jun-2023 20:54:49 GMT

GET
H2

200

/ Show response
nebsefte.net/
Redirect Chain

http://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6girp...
https://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6gir...

2 KB
2 KB

70ms
70ms

Fetch
application/json

139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6girp6YDNlKXGp0MwoTIzObSU2GfjIj6VX1UfD3_V2l3suk8SCDq9GzmvddwEMMzAj-jMm9H9FSjmH3MLxsjvbmJAN4ug1wPSpIpwvi0drh0rc-C9kwJ5MJ_5LsyG5Ll_GrzEPE0&request_ab2=0&zoneid=4724942&js_build=iclick-v1.562.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.562.0&bs=fdc8bcc8-860c-462b-916c-f1b865343129&userId=297c6c88b61549f9bd629d1381c9cf91&m=link

Requested by

Protocol

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0499d8384b65d52f6c25b90a23871ce0a4d1f4bde4ea2a5825398307ddb71644

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: fe75dcbec824b8c8f98cf1c13e684efa
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: null
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

Redirect headers

Location: https://nebsefte.net/?rb=9BqGDLknaJQIIkfRrTqUkeyxC0pcrQVtD-6Eup7pVARf2YsUS25LoVnibjJV2XG-IASBeYUSNarw0Ez_R9QZgK2w2NY9LtHz1wPvSD96OBDLh4amevzRjOo7s51ej2JhDSB-WKoySBReTH88XOV1lEDKTnSGW2L8b6XA1JJp6girp6YDNlKXGp0MwoTIzObSU2GfjIj6VX1UfD3_V2l3suk8SCDq9GzmvddwEMMzAj-jMm9H9FSjmH3MLxsjvbmJAN4ug1wPSpIpwvi0drh0rc-C9kwJ5MJ_5LsyG5Ll_GrzEPE0&request_ab2=0&zoneid=4724942&js_build=iclick-v1.562.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.562.0&bs=fdc8bcc8-860c-462b-916c-f1b865343129&userId=297c6c88b61549f9bd629d1381c9cf91&m=link
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 37ms
37ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 20:54:49 GMT
server: nginx

POST
H2 200 custom Show response
glimtors.net/ 39 B
333 B 37ms
37ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: f5278f4b7b5a0feb532a62d37d8d472c
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
552 B 40ms
40ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=7fe9494968354cd8b13e5c5eff1fb2bf&zoneId=4717370&checkDuplicate=true&ymid=&var=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

71d85d55edd73a647bb8707a1c0c0b7642bad33e404c71abb18b0eec1c85759f

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
497 B 130ms
47ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sat, 17 Jun 2023 20:55:29 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

OPTIONS
H2 204 9
nebsefte.net/ Frame 0
0 113ms
38ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nebsefte.net/9?z=4724958&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&oaid=297c6c88b61549f9bd629d1381c9cf91
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Jun 2023 20:54:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 9 Show response
nebsefte.net/ 6 KB
3 KB 45ms
43ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nebsefte.net/9?z=4724958&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&oaid=297c6c88b61549f9bd629d1381c9cf91
Requested by: Host: nebsefte.net
URL: https://nebsefte.net/27/13fa4a205678e8f27355aaf1d3b549f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 03dcbbde85d3ceb7ad357d4c78977a9473b629a29e7380ca93ad10d5487a462f

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 27e34329c375d37d279c2d95f9e064d2
pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: gzip
x-sc: 45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content 5108418 Show response
glizauvo.net/500/ 0
690 B 43ms
43ms XHR
text/plain 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://glizauvo.net/500/5108418?excludes=&oaid=297c6c88b61549f9bd629d1381c9cf91&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: glizauvo.net
URL: http://glizauvo.net/401/5108418

Protocol

HTTP/1.1

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 866d52d43995ba5f71cfe60f42fc3b35
Pragma: no-cache
Date: Sat, 17 Jun 2023 20:54:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK 5108418
glizauvo.net/500/ Frame 0
0 76ms
40ms Preflight 139.45.197.236
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Max-Age: 600
Allow: GET, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Jun 2023 20:54:49 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff

GET
H2 200 getProfileRealtime Show response
script-api.ccgateway.net/ 202 B
328 B 147ms
147ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/getProfileRealtime?ccuid=43dbeddd-7dbe-4f44-b8f1-1ef177cd6657&intent=false&demo=false&brands=false&audiences=true&parentId=e8a16a4090
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: 9764126d3d3f2389a59215c4dd0375ce0d47f80c76f043632edd5f6b09e3d0cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: private,max-age=1800
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 bundle Show response
script-api.ccgateway.net/script/ 37 KB
10 KB 134ms
134ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://script-api.ccgateway.net/script/bundle?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: fb81e3ca2392e0996e6cef310b690184118dce8a8b8ce196b12bb6d722f0a49e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: public,max-age=1200
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 defaultSkin.min.js Show response
glimtors.net/pfe/current/ 56 KB
19 KB 38ms
38ms Fetch
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/pfe/current/defaultSkin.min.js
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: gzip
last-modified: Thu, 15 Jun 2023 13:18:05 GMT
server: nginx
etag: W/"648b0f8d-df63"
content-type: application/javascript
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/ 408 KB
126 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 19:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3668
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128933
x-xss-protection: 0
server: cafe
etag: 1396361306703029922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 16 Jun 2024 19:53:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 50 B
75 B 209ms
92ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aminoapps.visualizesitio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c7584f771817d8c7b87c149d7e14245a774668b4d027ef18e4418fec673f7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Sat, 17 Jun 2023 20:54:49 GMT

GET
H/1.1 204
No Content 4724965 Show response
rndskittytor.com/500/ 0
690 B 46ms
46ms XHR
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rndskittytor.com/500/4724965?excludes=&oaid=297c6c88b61549f9bd629d1381c9cf91&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: rndskittytor.com
URL: http://rndskittytor.com/400/4724965

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 77a108fd4ad5831ec0b5466c4a30ab42
Pragma: no-cache
Date: Sat, 17 Jun 2023 20:54:49 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK 4724965
rndskittytor.com/500/ Frame 0
0 75ms
38ms Preflight 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Max-Age: 600
Allow: GET, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Jun 2023 20:54:49 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10037.tMzSZrC31-siVI_7cj7BMGGfAx8xaTJAad7xmqqqAG-5XUlTe84yvaBr-T8nMBkD.g88-rzQexaivV6Q8hP_9sCy6kVY%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10037.XSo0_wryTb2GoOXcBmNDa9jsiV3aByCKsLvhJJIpLNwbFv6fWg6Ljbu4rh8dhQSU_Tf35OJCiXpxofNZUUFXcYTkKvH7-yOB847knkOtEeU%2C.7ggFuPgS7y5jPePoX...

43 B
79 B

82ms
82ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10037.XSo0_wryTb2GoOXcBmNDa9jsiV3aByCKsLvhJJIpLNwbFv6fWg6Ljbu4rh8dhQSU_Tf35OJCiXpxofNZUUFXcYTkKvH7-yOB847knkOtEeU%2C.7ggFuPgS7y5jPePoX5aPo0Nezjk%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10037.XSo0_wryTb2GoOXcBmNDa9jsiV3aByCKsLvhJJIpLNwbFv6fWg6Ljbu4rh8dhQSU_Tf35OJCiXpxofNZUUFXcYTkKvH7-yOB847knkOtEeU%2C.7ggFuPgS7y5jPePoX5aPo0Nezjk%2C
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame D2B0 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 37ms
37ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 20:54:49 GMT
server: nginx

POST
H2 200 custom Show response
glimtors.net/ 39 B
333 B 38ms
38ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: a8ef4658726238f2594c06b690970a94
date: Sat, 17 Jun 2023 20:54:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 location Show response
privacy-location-edge.ccgateway.net/privacy/ 2 B
188 B 407ms
131ms XHR
text/plain 18.212.140.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-location-edge.ccgateway.net/privacy/location
Requested by: Host: script-api.ccgateway.net
URL: https://script-api.ccgateway.net/script/bundle?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.212.140.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-212-140-196.compute-1.amazonaws.com
Software: /
Resource Hash: 9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
access-control-allow-credentials: true
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 scripts_clients_Imgur_listener.js Show response
carbon-cdn.ccgateway.net/script/cs/ 3 KB
1 KB 216ms
214ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carbon-cdn.ccgateway.net/script/cs/scripts_clients_Imgur_listener.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: c151e90d0cf594cd23ff73d6ac82cb6cdcd0371db5c1a2c4ddb8ab9da31420c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: public,max-age=1200
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 scripts_clients_Imgur_spalistener.js Show response
carbon-cdn.ccgateway.net/script/cs/ 1 KB
743 B 216ms
215ms Script
text/javascript 3.237.175.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://carbon-cdn.ccgateway.net/script/cs/scripts_clients_Imgur_spalistener.js
Requested by: Host: carbon-cdn.ccgateway.net
URL: http://carbon-cdn.ccgateway.net/script?id=aminoapps.visualizesitio.com&parentId=e8a16a4090
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.237.175.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-237-175-195.compute-1.amazonaws.com
Software: /
Resource Hash: f27e062575e2cc8eab945138d762ddaf5748a82987b256de0b6c6e468023e74c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:49 GMT
cache-control: public,max-age=1200
content-encoding: gzip
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

OPTIONS
H2 204 11
nebsefte.net/ Frame 0
0 37ms
37ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nebsefte.net/11?rnd=2267104724&z=4724958&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=kFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U=&ruid=1bc77ad7-e6a2-4496-a06e-f5b7473a7e21&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&ot=166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-sc
Access-Control-Request-Method: GET
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Sat, 17 Jun 2023 20:54:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

GET
H2 200 11 Show response
nebsefte.net/ 0
610 B 39ms
39ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nebsefte.net/11?rnd=2267104724&z=4724958&b=5362695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=kFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U=&ruid=1bc77ad7-e6a2-4496-a06e-f5b7473a7e21&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=1&sah=1200&drf=&hil=1&ist=0&ot=166
Requested by: Host: nebsefte.net
URL: https://nebsefte.net/27/13fa4a205678e8f27355aaf1d3b549f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://aminoapps.visualizesitio.com/
X-Sc: 45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 0073840143a43b0cf4e7236809dd6eee
pragma: no-cache
date: Sat, 17 Jun 2023 20:54:49 GMT
x-sc
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
interstitial-08.com/ Frame 41C2 22 KB
6 KB 190ms
98ms Document
text/html 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Requested by: Host: nebsefte.net
URL: https://nebsefte.net/27/13fa4a205678e8f27355aaf1d3b549f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx / PHP/7.4.24
Resource Hash: dc37bd129c5af5b32645ed8fc3c6c9b3d23411721908df21f5022d4b3a828ae5

Request headers

Referer: http://aminoapps.visualizesitio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 17 Jun 2023 20:54:50 GMT
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.24

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 195ms
66ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aminoapps.visualizesitio.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
14 KB 339ms
339ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2224340686501391&correlator=2059443393670571&eid=31072020&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=114106652%2Camino_728x90_atf_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2542861004&sfv=1-0-40&fsbs=1&prev_scp=mlrf%3D1&eri=1&cust_params=domain%3Daminoapps.visualizesitio.com%26youtube%3Dn%26SDK%3D2.4.5%26auctionTimeout%3D2500%26carbon_segment%3D&sc=0&cookie_enabled=1&abxe=1&dt=1687035289927&lmt=1687035289&dlt=1687035288460&idt=1415&adxs=8&adys=361&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&frm=20&vis=1&psz=1483x90&msz=728x90&fws=128&ohw=0&ga_vid=1741403568.1687035289&ga_sid=1687035290&ga_hid=263247687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75d2fbaeb708894e7f69eb6eda1ec6f77926e812f6571c3a097488e3e6273938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14118
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3609 6 KB
3 KB 227ms
62ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aminoapps.visualizesitio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 20:54:50 GMT
expires: Sun, 16 Jun 2024 20:54:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
23 KB 312ms
312ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2224340686501391&correlator=961131230257904&eid=31072020&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=114106652%2Camino_300x250_atf_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=3516584440&sfv=1-0-40&fsbs=1&prev_scp=mlrf%3D1&eri=1&cust_params=domain%3Daminoapps.visualizesitio.com%26youtube%3Dn%26SDK%3D2.4.5%26auctionTimeout%3D2500%26carbon_segment%3D&sc=0&cookie_enabled=1&abxe=1&dt=1687035289938&lmt=1687035289&dlt=1687035288460&idt=1415&adxs=8&adys=7388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&frm=20&vis=1&psz=300x250&msz=300x250&fws=0&ohw=0&ga_vid=1741403568.1687035289&ga_sid=1687035290&ga_hid=263247687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

281be7569925812b50bce0b32fa131a4461e5bbc2611b647922267c452125d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23394
x-xss-protection: 0
google-lineitem-id: 6147660610
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138429467077
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 60 KB
23 KB 322ms
322ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2224340686501391&correlator=262859139872253&eid=31072020&output=ldjh&gdfp_req=1&vrg=202306130101&ptt=17&impl=fifs&iu_parts=114106652%2Camino_300x250_atf_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=3&adks=2685655568&sfv=1-0-40&fsbs=1&prev_scp=mlrf%3D1&eri=1&cust_params=domain%3Daminoapps.visualizesitio.com%26youtube%3Dn%26SDK%3D2.4.5%26auctionTimeout%3D2500%26carbon_segment%3D&sc=0&cookie_enabled=1&abxe=1&dt=1687035289941&lmt=1687035289&dlt=1687035288460&idt=1415&adxs=8&adys=8122&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&frm=20&vis=1&psz=300x600&msz=300x250&fws=0&ohw=0&ga_vid=1741403568.1687035289&ga_sid=1687035290&ga_hid=263247687&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4bf01afa5c52265bd88f8ebacc2faba4af87e02678d915d380aa84bcc67adcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23241
x-xss-protection: 0
google-lineitem-id: 6147660610
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427411473
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/ Frame 41C2 12 KB
2 KB 125ms
54ms Stylesheet
text/css 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/css/style.css?v=1518177503492
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 09:15:03 GMT
server: cloudflare
age: 4148
etag: W/"6482ed97-30c9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7d8e30a36c68371a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 audible.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 41C2 3 KB
3 KB 126ms
55ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/audible.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
cf-cache-status: HIT
age: 5543
content-length: 3429
last-modified: Fri, 09 Jun 2023 09:15:03 GMT
server: cloudflare
etag: "6482ed97-d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7d8e30a36c6c371a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 0100657458245.jpeg
interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/ Frame 41C2 52 KB
53 KB 75ms
74ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/2d/3f/7f/35d1f144fa688a67ba834d0931/0100657458245.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-d0e0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 53472

GET
H2 200 0933414948049.jpeg
interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/ Frame 41C2 14 KB
15 KB 113ms
112ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/54/58/11/b0a815692a6ca16dd9a46924ab/0933414948049.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
last-modified: Wed, 15 Aug 2018 10:56:50 GMT
server: nginx
etag: "5b7406f2-393b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 14651

GET
H2 200 0350025199145.jpeg
interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/ Frame 41C2 35 KB
35 KB 114ms
113ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/4e/61/84/4a7532ee6d30450abd6bb2a1da/0350025199145.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
last-modified: Tue, 17 Jul 2018 10:46:08 GMT
server: nginx
etag: "5b4dc8f0-8b17"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 35607

GET
H2 200 01289039865190.jpeg
interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/ Frame 41C2 49 KB
50 KB 114ms
113ms Image
image/jpeg 139.45.197.151
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://interstitial-08.com/contents/s/aa/5b/71/730bd1c1e09e51bf17160def9a/01289039865190.jpeg
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.151 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
last-modified: Thu, 31 Jan 2019 11:14:34 GMT
server: nginx
etag: "5c52d89a-c502"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 50434

GET
H2 200 player.png
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/ Frame 41C2 28 KB
28 KB 110ms
47ms Image
image/png 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/images/player.png
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
cf-cache-status: HIT
age: 4988
content-length: 28527
last-modified: Fri, 09 Jun 2023 09:15:03 GMT
server: cloudflare
etag: "6482ed97-6f6f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 7d8e30a36c6e371a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 script.js Show response
littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/ Frame 41C2 1 KB
560 B 117ms
53ms Script
application/javascript 2606:4700:10::ac43:a62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://littlecdn.com/interstital/templates/inapp/Players/_gen-carousel-3d/js/script.js?v=1518177503494
Requested by: Host: interstitial-08.com
URL: https://interstitial-08.com/?l=9PjAqTQETOzNIxm&cd_meta_crid=21588&trkintimp&target_url=https%3A%2F%2Fnebsefte.net%2F12%3Frnd%3D991860865%26z%3D4724958%26b%3D5362695%26c%3D2755022%26var%3D%26d%3Dhttps%253A%252F%252Foovaufty.com%252F%253Fb%253D%257Bbannerid%257D%2526ba%253D1%2526campid%253D%257Bcampaignid%257D%2526did%253D%257Bdeviceid%257D%2526dm%253D0%2526ep%253D1%2526fp%253D0%2526g%253D%257Bgeo%257D%2526i18db%253D1%2526l%253DEf3r9LOIFX3llkF%2526oaid%253D%257Boaid%257D%2526pshr%253D0%2526s%253D%2524%257BSUBID%257D%2526ssk%253D%257Btimestamp_key%257D%2526svar%253D%257Btimestamp%257D%2526vi%253D1%2526vo%253D1%2526z%253D%257Bzoneid%257D%2526tr%253Ddefault%26cln%3D1%26btp%3D7%26rb%3DkFJvAzvKI760qnE3NIJfscpp3s2_97513cAPxgaX1rN75gNVcq3Cy9jidYQJgT56_lHanmqovnYl0SXeNeWEW6Q2KKMCRQAvApF3esQwx2FDjuQYWM5gsCg3JVUahZn3s21spe9HgVRbgpiy7GYBX_cpE7pEf5XwA7puvWK69cs2g0wtSMAqwyHoaLp0bd7MpvOIGHSoS4KYxrmlVtPLu_McpU3t2pKfGH53lF987ZTjVHXNDaYhYWNsQAc9HFpXVozgvVZjPvIXKCkaRS1xqWoLgl1SGsmrAcY7PBwSxzAkYJTxc-PFr_IA_8U%3D%26bag%3DydU9kaAfa6I%3D%26ruid%3D1bc77ad7-e6a2-4496-a06e-f5b7473a7e21%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D0%26gp%3D3%26bp%3D4%26nw%3D1%26nb%3D1%26sw%3D1600%26sh%3D1200%26pl%3Dhttp%253A%252F%252Faminoapps.visualizesitio.com%252Fc%252Fpagans-witches%252Fpage%252Fblog%252Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%252FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%26wy%3D0%26wx%3D0%26ww%3D1600%26wh%3D1200%26cw%3D1600%26wiw%3D1600%26wih%3D1200%26wfc%3D1%26sah%3D1200%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0%26X-Sc%3D45urzumAxF6y_f2xEs_2lpEfzEtlFTgVl0BRfSWRuNvUABu6e6pRfNLPynAykgwms1Ufop50_8bWz4B7AqAainyVhTY%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:a62 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://interstitial-08.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 09 Jun 2023 09:15:03 GMT
server: cloudflare
age: 4988
etag: W/"6482ed97-58b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-ray: 7d8e30a36c6a371a-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

OPTIONS
H2 200 custom
glimtors.net/ Frame 0
0 37ms
37ms Preflight
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://glimtors.net/custom
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Sat, 17 Jun 2023 20:54:50 GMT
server: nginx

POST
H2 200 custom Show response
glimtors.net/ 39 B
333 B 38ms
37ms Fetch
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://glimtors.net/custom

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 57f1dc4fdf6af53f763ec83a9fac91a3
date: Sat, 17 Jun 2023 20:54:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aminoapps.visualizesitio.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 39

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 228ms
105ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b8056f2d367b31102eb7e1e3c9e9d7090de95afbb277c909ba420c2ab3f2f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11161
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9993 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAtOIKj69DPI1u9axcvT5rUX6j87ngJYg8QNPzOb9zID0ADHXKdtpE_cfulVc-xDlD2EqH4mkbOSEL5CA9dS5lkn6uN504BJlx8mUqv-N4bP_C9qiI6sNQVsRHEEITciiYKtaADJfHICsuBrvQNpBfI6kV9YPFoQDNzIHuCL4xlj20HsFl1NmSO7LwlFilrOqFrfYGAt0PJuv-gz1xUsRtFWwHMzzpNVdy2h2AsNcfX0Qt2XdnXQqBpuD0NzNxxZu6zmPCOdrzszUwbuLqhXvsLVlruBjoC6ELL6-0CMazGP238hVHMeLPhrWkTqnp3cPSmCvORcnHEfbDxcgm5nJqsDvf9iBD9pbCEyp8KwlfiXPf&sai=AMfl-YRf--NhWgpebFXcAy2dxRZdJVYG1LJUy3WLPt2CceCO9Qyhqp5TQgsdZ01offeWecP4EzGdxqax0yNlgEDcpHWU0XzZQfBTxBgWCE7IDQd_b6YnzFrzwyFFgJtr6ut907bDwLp9vQ_vzHr30nU&sig=Cg0ArKJSzF-55SSCS6voEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame 9993 22 KB
9 KB 325ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame 9993 3 KB
1 KB 333ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 16:58:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9993 178 KB
56 KB 331ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2 200 8346328006551336822
tpc.googlesyndication.com/simgad/ Frame 9993 93 KB
94 KB 417ms
153ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8346328006551336822

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

688ffbd39a8c93912dda822bae709f713c83130d8b20c466c2fcabd2ace78458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:12:46 GMT
x-content-type-options: nosniff
age: 189724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95678
x-xss-protection: 0
last-modified: Thu, 06 Apr 2023 16:08:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 16:12:46 GMT

GET
DATA 200
OK truncated
/ Frame 9993 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d1121a6c048005881537674c9e4cb2dc726783d1cd049d9f20d27887578bce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4E0 0
0 92ms
92ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTdW0z138PReiDbMzQMGZl67qkPzrX1MZCkpp_2GBVZT5xeif4642MQfLmvki126X-HFjXYb0bHCZFmpveO3amwtascuVBrdAOGf_HQPBCbtOwslCt5y-XxMAexhSCMXSDmkZvi2TbIfIC3E1kG4AKS4dZ1jpSIsssLsEOfieZHJB-3qMDDO47O_PTS_TMPnkmaQEgeWbrdL5fibv9DLa9JHRa6nirBM0wAd-BjEv-9YGQWoDA14eZl3R096D-6mT5GBGK3L3qQlmUTvA4PDFPna1LhgrSdJfVns-o1tR90K3kQ0ZteUTo_XthLlGsd77njcw5gyGM82bNOXWe6fO5qmlRzW9QZCYn7B0xcDhPTw&sai=AMfl-YQogRSCH5nmIVhzp3MF6GBA-ItKNbMMU7xL4HTn8HI2wWFT-OkurU829MUKcKYB6E7hMvx4RtBhw57zdTI8WuTBAwWJaLD4gYBT6XnrqmKmYPv4JUYqgyLQYYVfIeIO823-jdhQshKxOWe9NrA&sig=Cg0ArKJSzERybG_8Me5wEAE&uach_m=[UACH]&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/ Frame F4E0 22 KB
9 KB 319ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: cafe
etag: 12022837384336330993
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 23:17:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/ Frame F4E0 3 KB
1 KB 360ms
112ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230614/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:58:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Jul 2023 16:58:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4E0 178 KB
56 KB 404ms
156ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57029
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686742752845198"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2 200 316399148660382616
tpc.googlesyndication.com/simgad/ Frame F4E0 86 KB
86 KB 362ms
115ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/316399148660382616

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e0d86513fc0aeaf90c72e7a6ea4a85f7e050833b39a4a5d05836a9e175d0d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:55:48 GMT
x-content-type-options: nosniff
age: 187142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88057
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 19:42:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jun 2024 16:55:48 GMT

GET
DATA 200
OK truncated
/ Frame F4E0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5020f3547f15598ac09ab33834153823ed2e4ff0137d7e0a7828a8388cec8228

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012305252018000/ Frame 27B0 222 KB
61 KB 289ms
55ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 258207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61795
x-xss-protection: 0
server: sffe
etag: "7347aa4c83612bf7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 27B0 15 KB
5 KB 383ms
150ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 258207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5238
x-xss-protection: 0
server: sffe
etag: "6efdfbd3c81d03c9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 27B0 94 KB
28 KB 392ms
159ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Jun 2023 20:51:54 GMT
age: 172976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28864
x-xss-protection: 0
server: sffe
etag: "51fe97ef57b83921"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Jun 2024 20:51:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 27B0 5 KB
2 KB 412ms
179ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 16 Jun 2023 03:58:48 GMT
age: 147362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1896
x-xss-protection: 0
server: sffe
etag: "fbb7a7837efaff21"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 15 Jun 2024 03:58:48 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012305252018000/v0/ Frame 27B0 40 KB
13 KB 413ms
181ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012305252018000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 14 Jun 2023 21:11:23 GMT
age: 258207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "bd37dd4c3b7b688b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Jun 2024 21:11:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 27B0 14 KB
1 KB 66ms
65ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 19:50:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27B0 2 KB
3 KB 333ms
112ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 16:41:05 GMT
x-content-type-options: nosniff
server: cafe
age: 15225
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Sun, 18 Jun 2023 16:41:05 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 27B0 295 B
665 B 277ms
57ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 10:36:44 GMT
x-content-type-options: nosniff
server: cafe
age: 37086
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sun, 18 Jun 2023 10:36:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 27B0 0
0 100ms
100ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxxaomR2OZKP_O8jlnsEPw6ikyA28-czxcLfskuS6EdnZHhABIITxyCtglfrwgYwHoAHE_rjwA8gBAeACAKgDAcgDCqoEgQNP0AGTppMzAfyWi2SD_Pnda7jYeoPxaJubfZqtN2W8mq0B8viBbRC1I9dyzYsj22G2FE_llxBkMMdmP2KbwyudPBBD3WDEMzD3aUut1QTERWvSgDXd3IdBk3b98GfXMwhjgONcWXhcixQy3sUJqohcVrpWiwdhGBnTGbUs6Q322AOTrrW5mTxCgH80qvvkuDn8hBUkO01i-8s-FQX9TD2bRItQyvnGCGggvmf0rAhvuOjvTqYqXZscVUjOCX-HbJq1jckTeI7TqtfmdmXNgTeOXOVnxwTXfL_sL-GzIiujxA5mYNLjcjVnF1hbAubZdsuDeDdOuaUxrZzGUUY-j8Fn_S4rNc7gjzdgZcz1Xk6hTXk__hc6uY62zzarcdqeEWJDb215MkOrpSFXMDE1fWY27UCvEYlrjyPupn_yS20HRMjseZuAwwSL-456ysnlWvYpQsoFXRb4sGyMDITy1S_uj9gB1IhQ6tfMiWCiLeYoCR5pppAk66PKrUwc5cTR_fKHwASxhOapuATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHpIHHD6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELeOA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzY2MDc0NDEyNTQ3MzQ0Mhj8oyA&sigh=r9aDFlwWW2M&uach_m=[UACH]&cid=CAQSTABygQiD-gMVmu7kXAPem7QBYo6JSWdo8BPL219Gy-GNjntFKlgSvKIYW76CXaxFliOztiM-eQ3a9P4SK1vjeOlqpK9Jdb-KegjW0jAYAQ
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 27B0 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 27B0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4554bd36f0c93a6f7b67431a1554440c93da380c54d089bdb5aaa17901993990

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 events
xeno-soswcrde4a-uc.a.run.app/ Frame 0
0 318ms
137ms Preflight
text/html 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://xeno-soswcrde4a-uc.a.run.app/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
allow: OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 20:54:50 GMT
server: Google Frontend
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-cloud-trace-context: c0ce237fa91706fef418376e7197710f

POST
H2 200 events Show response
xeno-soswcrde4a-uc.a.run.app/ 0
102 B 134ms
133ms XHR
text/plain 2001:4860:4802:32::35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://xeno-soswcrde4a-uc.a.run.app/events
Requested by: Host: js.media-lab.ai
URL: https://js.media-lab.ai/wana.2.4.5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
server: Google Frontend
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
x-cloud-trace-context: 9b6183e593d2a78af55494b32b54f40e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 27B0 33 KB
34 KB 218ms
56ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://aminoapps.visualizesitio.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:09:17 GMT
x-content-type-options: nosniff
age: 351933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 19:09:17 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 191ms
190ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306130101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9993 0
0 95ms
95ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs0L7wd7nivZpHlr2eKy2zkwq3-O51G0J3uRY40yGdYMqzHxRAKxyaU0nW1taCNhvpQVGBxR43M4uOaGlypShsoXjzvHD1mNdQpxtKvQS5wO07LsAGoxlkXbyQA9dn_-f4ZbCID7kAcxscboRejv-C9G_VDv9QzByK3BO1jDP2Nw2Fj_M1Q8U8mxOAf-W9lqFZ2Z4RRwRzJgXQcT5csCexAbKaBXeXkXdKyB8aLUMmfQo7F3NHeCGC7tpGsRh974zcDVKN_MCF8fTccpX-6JgJQb7eec8lMcJlBv1Mr1s-rUHJ6XaUayEJxtP8wAuvch9EcQ9WjUiJJHjq8I_mnkn8g60Zr9TgFeIu-rWfRhKNc5h65KI&sai=AMfl-YQhWFQQJPGQtDFFmEK6bxVFBRTV45KRKSVTqAOLRdGoSzUQi5XbEWqpEmpix-v0QfVl5QaSX5SKbAsN3sJrdGy-hIqC_BqGgXcpMlJ9QrjbPd2Knjk9IvFi-7z62zyGEjnCby5FF3FnGpfJDuw&sig=Cg0ArKJSzDSHMqn1pb4pEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 27B0
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

185ms
65ms

Image
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: aminoapps.visualizesitio.com
URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo
Protocol: H2
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

Date: Sat, 17 Jun 2023 20:54:50 GMT
X-Content-Type-Options: nosniff
Server: cafe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Cache-Control: private
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4E0 0
0 95ms
95ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_omBUoPnpOr_SX9_hm6ImZp6FHzDQlSiDjPfxFZGL_o8JAGpfMmRpZlf_pgAlk2uUcbaysQQbbiVzIcQUxcl1eKTlKFUKeKEz6XjELTimuwrIoYdKnRrX_pgRlD51w6att-vB976yd4T-jAkIlvk6F61LU6lg-9_NVRV3b6A_1WWjVRRNlLlY1DbhZpDGZSL3RhRmpV3WEh7O072XdEvxT7OehFb572zxKPNFJYoRsY0DgmIFvsa6Q6_6fe30ALhWl-vfV6dcgqCpqd700oNcoM3lW-6298UiSSZPEAAqBdYRh5h2-bWAqpoWZshk5CkUuyi7dtkYDWP74JE7XRyQwwxKsR_KmGmWRIH8pMLoiYrh&sai=AMfl-YRYFKC2073NTljkFnzF9UgWRKr89alNbvPu1XvCngD6fuIKBknOrdX-Yfzq_GfYEppJ-k-h8iKrv9ZV0_lFaFJnU_h_C0vRT38XMufg-iBobMoBOEovCicm2MhVYAlNqhWWV0MIEtUVRTc7O4A&sig=Cg0ArKJSzBUWOb1hlAw2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 17 Jun 2023 20:54:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 59DF 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aminoapps.visualizesitio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 16:58:03 GMT
expires: Sun, 16 Jun 2024 16:58:03 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3BB3 783 B
1 KB 194ms
73ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fce66ca540471083fb1fa81e655233b06736e4a6f58608b24476af098a21e423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wQKkR1N44GDU4IgIMzEu3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aminoapps.visualizesitio.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-wQKkR1N44GDU4IgIMzEu3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 20:54:50 GMT
expires: Sat, 17 Jun 2023 20:54:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame 59DF 37 KB
14 KB 172ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 12:55:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 115143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 12:55:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3BB3 0
0 91ms
91ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306130101&jk=2224340686501391&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 59DF 0
10 B 57ms
57ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OqfCLQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 20:54:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306130101&jk=2224340686501391&bg=!DwylDFjNAAaGYqkwpmI7ADkAdvg8WhgdHgEfIS2XUgzdQchURrzMOijOLMNpk2anM2gXzSmtGFA1nURIclQtbjBTsKx5xKu8LgcCAAAAS1IAAAAJaAEHmQLsGzY961ST86ONAeWRooRzL71XCw_3wz6KyNs0rv94Gl5J9D-LhAkYgedMAnQ5fU91ezmvgsG5h6jF9RmuxP8SzzZPy2nKv-bSRtvD2piWl4165QH249NJGgvyHgRhrAqpSouokHgLx3WjoBR1EN79OXlmaG18KF0jQQc3T0EibjxuLwSV2MZ6m92NrBkjArg_e7q_A3ZLZlXTp-L8nJS83I6uWjz2JSG1LySPbakugerHu3f8qaqvEyREyMG0lGKCal5tG3nxiXmBZ8LBjuCy94USYkBVTU_Ae2Oza6oxtWklR2_ydXGaNgtvwCcv151_VU32jdV1A-7CmI4Z5TNV0wE76eUL3Qpai5LGpHHBeu43tMjqnOHtIWq4FrxAJZVXReuwUCq1R4CbtCM6RurT5qfiAlmTHA3_Psg_tRI388r1dEFKIWhO6Xz326Bgqdxyx_hJDgah_r1Hb3z4hLquLX7ss5FaitcbX2koIw-qe23Bp9YT8u_yZ9YtnBculh0KEOeeG6zD5kyZ8JxZmbbypSr2EwKjlTo5_poWDLQXzrak0Fu4OoxNdF92yzr-K-sQs7rnyJSs8-xHiIjmMWzASkC141t09MRu2vgQ4uzsIYD3UVj8HJHFm-jeETgbIoMXXR0-IH4HL4aUfLfF6wrCZJOzYjxTzCtZhncBA_hVLAqx9LGmu99Yhpp1i4ck2dIr3acx4JJkIUH_OwSvVJ51OHXarbHUCzixEhdGKTNAKuW9DXBIFeT2npeTeqOLNmStNi0EWH58f80kGQSr_nD4N8K5o5lHsliHyVvIdm3QVjJ-cepRqNNhMF4eU0AVhthgjls-e0IBozqYDdiQ7A2wXRpZmxvGyXaCIsRH7hXGBDKBNqc6nRyylh4MJfmJbfspVjLRsMmuyqKgVKUQV78Yq04HoCc5p53Wwr0dmguc0P04byN66nXPrwb9hvJn1ASAkJSBX9x_WHVQlnJMMmrQzTk89qWPvrlS9mDdPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 27B0 42 B
64 B 97ms
96ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZC9V574Hw4oVY4Ig-l5MWhtGIwe_Rkk5MqMXgAFdSpc8GNAwQ83NVHgl2r9rcjvFbj105o2gIXoCMquoIvuyQ-9_AUlietaFSGy7eb1nBZGyNGIVbK4kNrDQUeL63-1xmk4_Rac9DCJMd&sai=AMfl-YTwoxcV_X393Z7sk9KLA9qfBagPtMS7keCFVrIh4RddmkObY8qMkAlE_C9uJBUb5YTaTSbN0wlZ2A19SfH97M2C3grY_NzbU3Lm_bQu2hGCBsqOqAhz6wapQqDU692Ey1fAPdVRr_hYangdaw&sig=Cg0ArKJSzA7C32GOOhzcEAE&cid=CAQSTABygQiD-gMVmu7kXAPem7QBYo6JSWdo8BPL219Gy-GNjntFKlgSvKIYW76CXaxFliOztiM-eQ3a9P4SK1vjeOlqpK9Jdb-KegjW0jAYAQ&id=ampim&o=8,361&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=518&tls=1518&g=100&h=100&tt=1518&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aminoapps.visualizesitio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 20:54:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content 4837723 Show response
rndskittytor.com/500/ 0
690 B 43ms
42ms XHR
text/plain 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://rndskittytor.com/500/4837723?excludes=&oaid=297c6c88b61549f9bd629d1381c9cf91&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=8&pl=http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: rndskittytor.com
URL: http://rndskittytor.com/400/4837723

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aminoapps.visualizesitio.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: de7c8d3c39c93755e78c48890ce6a622
Pragma: no-cache
Date: Sat, 17 Jun 2023 20:54:54 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Server: nginx
Vary: Origin
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H/1.1 200
OK 4837723
rndskittytor.com/500/ Frame 0
0 37ms
37ms Preflight 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://aminoapps.visualizesitio.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: http://aminoapps.visualizesitio.com
Access-Control-Max-Age: 600
Allow: GET, OPTIONS
Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Jun 2023 20:54:54 GMT
Server: nginx
Strict-Transport-Security: max-age=1
Timing-Allow-Origin: *
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wa1.aminoapps.visualizesitio.com
URL: http://wa1.aminoapps.visualizesitio.com/static/dist/js/main.9a7e6671e.js

Domain: wa1.aminoapps.visualizesitio.com
URL: http://wa1.aminoapps.visualizesitio.com/static/dist/css/desktop-style.74dc4607d.css

Domain: wa1.aminoapps.visualizesitio.com
URL: http://wa1.aminoapps.visualizesitio.com/static/img/amino-logo-white.svg?v=2

Domain: wa1.aminoapps.visualizesitio.com
URL: http://wa1.aminoapps.visualizesitio.com/static/dist/css/font-awesome.edabab9db.css

Domain: s0.ipstatp.com
URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: pm1.aminoapps.visualizesitio.com
URL: http://pm1.aminoapps.visualizesitio.com/8433/72e0abcc186160cba5ed7378bcc06629993ee187r5-622-960_00.jpg

Domain: ads.assemblyexchange.com
URL: https://ads.assemblyexchange.com/doh/sync?uid=c33035f5-914c-4aba-998f-c72226ff7a94&property_id=aminoapps.visualizesitio.com

Domain: ads.assemblyexchange.com
URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_728x90_atf_desktop_1

Domain: ads.assemblyexchange.com
URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop_2

Domain: ads.assemblyexchange.com
URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings	1970-01-20 12:38:41	Name: view Value: 1
aminoapps.visualizesitio.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: njoc8htli2k9i682rjr72n96ui
aminoapps.visualizesitio.com/	1970-01-20 12:38:41	Name: prefix_views_counter Value: 1
.scorecardresearch.com/	1970-01-20 22:13:15	Name: UID Value: 1F6eace31160133ed782cd01687035288
.visualizesitio.com/	1970-01-20 22:13:15	Name: _ga Value: GA1.2.1741403568.1687035289
.visualizesitio.com/	1970-01-20 12:38:41	Name: _gid Value: GA1.2.1271382032.1687035289
.visualizesitio.com/	1970-01-20 12:37:15	Name: _gat_gtag_UA_31833046_14 Value: 1
.quantserve.com/	1970-01-20 22:07:29	Name: mc Value: 648e1d99-276f3-88326-fa5ae
.visualizesitio.com/	1970-01-20 22:01:44	Name: __qca Value: P0-940166972-1687035288865
.visualizesitio.com/	1970-01-20 21:22:51	Name: _ym_uid Value: 1687035289595790938
.visualizesitio.com/	1970-01-20 21:22:51	Name: _ym_d Value: 1687035289
.mc.yandex.com/	1970-01-20 12:37:15	Name: sync_cookie_csrf Value: 1596465668fake
aminoapps.visualizesitio.com/	1970-01-20 12:37:17	Name: ana_client_session_id Value: 5461152f-dbb5-46a4-b07c-1a3e5565ca76
aminoapps.visualizesitio.com/	1970-01-20 12:37:16	Name: GLAM-JID Value: fb4b2be009fa41f88927da581bc1f081
aminoapps.visualizesitio.com/	1970-01-20 13:20:27	Name: GLAM-AID Value: 5926d24df6f24524879c3e76f1e49132
aminoapps.visualizesitio.com/	1969-12-31 23:59:59	Name: GLAM-SID Value: 860241e7b9324a10bbc8196eb9991b01
aminoapps.visualizesitio.com/	1970-01-20 12:37:16	Name: __j_state Value: %7B%22landing_url%22%3A%22http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%22%2C%22pageViews%22%3A1%2C%22prevPvid%22%3A%22faea64361a434580b68cb6b3dffb259b%22%2C%22extreferer%22%3A%22http%3A%2F%2Faminoapps.visualizesitio.com%2Fc%2Fpagans-witches%2Fpage%2Fblog%2Fwhat-is-demonkin-an-explanation-misinformation-and-misunderstandings%2FqkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo%22%2C%22user_worth%22%3A0%7D
.mc.yandex.ru/	1970-01-20 12:37:15	Name: sync_cookie_csrf Value: 2563112987fake
.visualizesitio.com/	1970-01-20 12:38:27	Name: _ym_isad Value: 2
my.rtmark.net/	1970-01-20 21:22:51	Name: ID Value: 297c6c88b61549f9bd629d1381c9cf91
aminoapps.visualizesitio.com/	1970-01-20 12:37:15	Name: prefetchAd_4724942 Value: true
nebsefte.net/	1970-01-20 21:22:51	Name: OAID Value: 297c6c88b61549f9bd629d1381c9cf91
nebsefte.net/	1970-01-20 21:22:51	Name: oaidts Value: 1687035289
nebsefte.net/	1970-01-20 12:47:20	Name: syncedCookie Value: true
.yandex.com/	1970-01-20 21:22:51	Name: ymex Value: 1718571289.yc.1687035289#1718571289.yrts.1687035289#1718571289.yrtsi.1687035289
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1595401191687035289
.yandex.com/	1970-01-20 22:13:15	Name: i Value: fVhwgunTCBhM5nFQc28BdeKQrjt8X8GdH74UkJGlhuezSnyg2en8rPRhTgWyCq8OXxhZTa0yEYRaPZyvKOupDetm8eI=
.yandex.com/	1970-01-20 22:13:15	Name: yandexuid Value: 4284519751687035289
.yandex.com/	1970-01-20 21:22:51	Name: yuidss Value: 4284519751687035289
nebsefte.net/	1970-01-20 21:22:51	Name: scm Value: 1
.visualizesitio.com/	1970-01-20 21:58:51	Name: __gads Value: ID=ce28be74a0362b51:T=1687035289:RT=1687035289:S=ALNI_Mb920ouFMdP_EcpGMrjqD1lcZX_5Q
.visualizesitio.com/	1970-01-20 21:58:51	Name: __gpi Value: UID=00000c4a98429c76:T=1687035289:RT=1687035289:S=ALNI_MYfvHDgiJMrs_lJzNidNzsKAqLr-w
.doubleclick.net/	1970-01-20 21:58:51	Name: IDE Value: AHWqTUkN9m_4lWZWixFxcNkBw1xhDQjoS492FPcbNhpCB8a3nR-vWayF0scVH-c6AKs
.doubleclick.net/	1970-01-20 12:37:18	Name: DSID Value: NO_DATA

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo(Line 15) Message: The key "-scalable" is not recognized and ignored.
network	error	URL: http://wa1.aminoapps.visualizesitio.com/static/dist/css/desktop-style.74dc4607d.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://wa1.aminoapps.visualizesitio.com/static/dist/js/main.9a7e6671e.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://wa1.aminoapps.visualizesitio.com/static/dist/css/font-awesome.edabab9db.css Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://wa1.aminoapps.visualizesitio.com/static/img/amino-logo-white.svg?v=2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://pm1.aminoapps.visualizesitio.com/8433/72e0abcc186160cba5ed7378bcc06629993ee187r5-622-960_00.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://s0.ipstatp.com/static_magic/pgc/tech/collect/collect-v.3.1.32.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://blubberspoiled.com/7c/0a/99/7c0a99a2c141332c4647a2b0d64dbffe.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://blubberspoiled.com/87/6b/74/876b74812be8762e152c61679c29a3f5.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: https://tzegilo.com/stattag.js Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120
javascript	error	URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Message: Access to XMLHttpRequest at 'https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_728x90_atf_desktop_1' from origin 'http://aminoapps.visualizesitio.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_728x90_atf_desktop_1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Message: Access to XMLHttpRequest at 'https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop_2' from origin 'http://aminoapps.visualizesitio.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop_2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Message: Access to XMLHttpRequest at 'https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop' from origin 'http://aminoapps.visualizesitio.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ads.assemblyexchange.com/wana/bids/request?uid=c33035f5-914c-4aba-998f-c72226ff7a94&ad_unit=%2F114106652%2Famino_300x250_atf_desktop Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: http://aminoapps.visualizesitio.com/c/pagans-witches/page/blog/what-is-demonkin-an-explanation-misinformation-and-misunderstandings/qkpL_lE4tRuwxLMXzJxNBNVJa62WogajREo Message: Access to XMLHttpRequest at 'https://ads.assemblyexchange.com/doh/sync?uid=c33035f5-914c-4aba-998f-c72226ff7a94&property_id=aminoapps.visualizesitio.com' from origin 'http://aminoapps.visualizesitio.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ads.assemblyexchange.com/doh/sync?uid=c33035f5-914c-4aba-998f-c72226ff7a94&property_id=aminoapps.visualizesitio.com Message: Failed to load resource: net::ERR_FAILED
security	warning	Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f9787204d447b9c7da35842fe071ef0.safeframe.googlesyndication.com
ads.assemblyexchange.com
adservice.google.com
aminoapps.visualizesitio.com
blubberspoiled.com
carbon-cdn.ccgateway.net
cdn.ampproject.org
certify-js.alexametrics.com
edge.quantserve.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
glimtors.net
glizauvo.net
googleads.g.doubleclick.net
image.staticpng.com
interstitial-08.com
js.media-lab.ai
littlecdn.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
nebsefte.net
overzubatan.com
pagead2.googlesyndication.com
pixel.quantserve.com
pm1.aminoapps.visualizesitio.com
privacy-location-edge.ccgateway.net
rndskittytor.com
rules.quantcount.com
s0.ipstatp.com
sb.scorecardresearch.com
script-api.ccgateway.net
securepubads.g.doubleclick.net
staticpng.com
thaudray.com
tpc.googlesyndication.com
tzegilo.com
wa1.aminoapps.visualizesitio.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
xeno-soswcrde4a-uc.a.run.app
ads.assemblyexchange.com
certify-js.alexametrics.com
pm1.aminoapps.visualizesitio.com
s0.ipstatp.com
wa1.aminoapps.visualizesitio.com
139.45.195.254
139.45.195.8
139.45.197.151
139.45.197.236
139.45.197.237
139.45.197.238
139.45.197.239
139.45.197.242
139.45.197.251
18.212.140.196
18.66.112.41
192.243.59.13
2001:4860:4802:32::35
2600:9000:219c:4c00:6:44e3:f8c0:93a1
2600:9000:219c:a200:6:44e3:f8c0:93a1
2606:4700:10::ac43:a62
2606:4700:3034::6815:2565
2606:4700:3038::6815:ea5c
2606:4700:3038::6815:ea5d
2606:4700:e2::ac40:8502
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a02:6b8::1:119
3.237.175.195
34.160.128.137
52.84.174.55
52.91.215.149
01a91cef52f9849703fb84a945f9fb51b9debf7ac36730043d097c3865550e8c
03dcbbde85d3ceb7ad357d4c78977a9473b629a29e7380ca93ad10d5487a462f
0499d8384b65d52f6c25b90a23871ce0a4d1f4bde4ea2a5825398307ddb71644
08356c6264e3107b9656e6da86fddc633ba11e46215b1ab503b48808782cc8f1
0bfc1bcb2a69fb70313f142a8395aa13f057fe96cd60bbf698eddf85cb045bd9
1870b0998c68174f67f388a5b9a35b92da24043924dc074d3971fe65a92efb3f
188c936df498009ba8f981d76315c284bd24bb0211ebbf7b066d0322f27e7601
1e190fdf47cb7389e127605fc34bfb1bfc74281d5264501b79f2779008a2ae73
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
281be7569925812b50bce0b32fa131a4461e5bbc2611b647922267c452125d04
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
382fe509025e490ddcc80d6088bf34edbec9567d640b662796981c961d4fcd9f
39e0d86513fc0aeaf90c72e7a6ea4a85f7e050833b39a4a5d05836a9e175d0d2
3d1121a6c048005881537674c9e4cb2dc726783d1cd049d9f20d27887578bce1
42232822308f1456c937f9fbbbdc73bab3eec05ba1fdc6277d2efb8558ab35a1
45352935afb3119009abbfa8ed5bf7b67fc4edf64e8b718a134975410823ace9
4554bd36f0c93a6f7b67431a1554440c93da380c54d089bdb5aaa17901993990
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48b1cd8b544593dd962fe25b8525f6f7f2fc52162276d3b9c7a22899bada1549
4dfbe126982855a39e58f56ee4cfdd81dc5c4f3e5cf9bbb8ca939bd360eb6634
4e6a7f6a765f9221293d9b89110d66de87b602fb10ccf77c2441ca0e8534d5cd
5020f3547f15598ac09ab33834153823ed2e4ff0137d7e0a7828a8388cec8228
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c72f42fc6ee2c502a5f86fe215690719ce746f383ec8551af1f1fb66252b2e
5c7584f771817d8c7b87c149d7e14245a774668b4d027ef18e4418fec673f7d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63cff3b1429b2f836e781438f3ea1218fbff5f279182ed8530c3128327875135
63f957dde1ae04a83eaff7e442e693725562c4aa1062bc072b7509640ec4f663
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67942c522b8f0e187f291d3dde230596fa526a323a9f50a0d667b6956839d98e
688ffbd39a8c93912dda822bae709f713c83130d8b20c466c2fcabd2ace78458
6b8056f2d367b31102eb7e1e3c9e9d7090de95afbb277c909ba420c2ab3f2f96
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71d85d55edd73a647bb8707a1c0c0b7642bad33e404c71abb18b0eec1c85759f
75d2fbaeb708894e7f69eb6eda1ec6f77926e812f6571c3a097488e3e6273938
7a9344144d755ac52f3d8405003feb8eab3b79aebc78e330537ea10861d6f32e
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
854f47fda466ed9d7e0d438a80c3f7049575d373d5887aca71313da2b795c739
871975b8040629c7b43de81b1a0878f40991ec2f49caddd6441b5d1f8322aeed
89d93e12a15f6a5d57b5f8aca8bd1e6984dc4c8c5dec7840a8c8e8c8274c1568
9155b7274be8666171eded4b04466b5c78df578033f79c9f19598cb54204deeb
9170a8b2fb3234baa721bf8b3de5935d8d160f6f987215b83b07a49a403e5e74
936507cbe83dbae5b941510acfc5cfb8d4bd337d9c4bf214aa4d4ebd2512e026
9764126d3d3f2389a59215c4dd0375ce0d47f80c76f043632edd5f6b09e3d0cf
9d84f76aede61729f32dd562bc61e48f686484e3ae2f9aeaa723bee5f6ab260d
9e2ac756b7d18a0715d66cff4a48f4ba89882b3bcec6cd4fda5455387eaff84d
a0a5a056205be2802e08f35a8d681987026f689cbbf1b900dead063a98546aa5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11d3b4b6f2902037c365146ff80b5bf95923f3176f1a827355e45177314d423
a28b55f41413d16c71a76b7af3ff9f707323bb3906096b85f7a581415aaeff55
a4135cd61dfa379bb61b0718f3a20dc8b25d0b8f4e3f2e52ef4d0e5be736136c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bf01afa5c52265bd88f8ebacc2faba4af87e02678d915d380aa84bcc67adcc
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
be88718a0eb175ebc4385600fe4168853a2ba705d814d2f9887ca7aa8cbd9238
c151e90d0cf594cd23ff73d6ac82cb6cdcd0371db5c1a2c4ddb8ab9da31420c1
ce8c24dd4287dbd1e690f62bba1afdb025c21306ded4e24a51594f04752eb46c
d0a04bf4973e149e3f37536da5c09c0c650edb9d790e98c88735ed023f05481f
d12ec824a66b6ad652e1cf0952853b6ba3053dd76a84bbcf4bdb3c055e411c78
d1eb8cf889202f439bb6bd1a03049b2e71953c7c0a5aadddde498cbea9bcadac
d47fd3d95f10998b20c9e29bb7a8c00caa835fbfec52cc29eb0bb380c511144a
d4b9d991a36c458807c808e8b388f2e47c5833b8e08a95a256c366617222f88d
dc37bd129c5af5b32645ed8fc3c6c9b3d23411721908df21f5022d4b3a828ae5
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ddf94590514832b37e853b32092b5b5ecbbebdf1efcc9a15aaaefdd8b78b30
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9032b8e95fc74d9ce9c069e76ffe86cb4046dc6ae863ffa8410cf445e5feaf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef970a57abf3de0dc518d7c8df3c75c42d18fabe1ca7a196b923ece178034b61
f27e062575e2cc8eab945138d762ddaf5748a82987b256de0b6c6e468023e74c
f710c2b11df9cadcb3a6d25a9dc8306172c04ff1d2fa8d96d4019d70833f695d
f885e9f6192783f6362858e852e873399db4ce176f177ce374c3e32ec6e803a1
f8e19da72faefd872795c80a4329acd96300e88295224994e3fc8df5258d92c2
fa3f7662e876d13d366e494c8ec1b80bd8e0a29e2df6057fefdcda8fd220ec5f
fb0313414ba2bf321d45fdee063414a7afa76ed5f1272f34028944fe78ff7348
fb3b3b765f2e8861cee73ccd265f904e3193ddfff08d22f197e3ecc860a44bac
fb81e3ca2392e0996e6cef310b690184118dce8a8b8ce196b12bb6d722f0a49e
fce66ca540471083fb1fa81e655233b06736e4a6f58608b24476af098a21e423
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

aminoapps.visualizesitio.com Open in urlscan Pro 2606:4700:3034::6815:2565 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

63 %HTTPS

60 %IPv6

34 Domains

44 Subdomains

39 IPs

4 Countries

1580 kBTransfer

3904 kBSize

34 Cookies

36 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

aminoapps.visualizesitio.com Open in urlscan Pro
2606:4700:3034::6815:2565 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

63 %
HTTPS

60 %
IPv6

34
Domains

44
Subdomains

39
IPs

4
Countries

1580 kB
Transfer

3904 kB
Size

34
Cookies

147 HTTP transactions
5 data transactions