ebesucher-klicker.de Open in urlscan Pro
144.126.134.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ebesucher-klicker.de/
Submission: On February 27 via manual (February 27th 2024, 6:59:08 am UTC) from DE — Scanned from DE

Summary HTTP 148 Redirects Behaviour Indicators

Summary

This website contacted 39 IPs in 5 countries across 39 domains to perform 148 HTTP transactions. The main IP is 144.126.134.105, located in St Louis, United States and belongs to NL-811-40021, US. The main domain is ebesucher-klicker.de.

This is the only time ebesucher-klicker.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	144.126.134.105 144.126.134.105	40021 (NL-811-40021) (NL-811-40021)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 16	2a00:6800:3:a... 2a00:6800:3:a0b::2	42730 (EVANZOAS) (EVANZOAS)
1 1	103.224.212.213 103.224.212.213	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
4	199.59.243.225 199.59.243.225	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:303... 2606:4700:3032::ac43:ab44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3032::6815:47b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	195.90.208.185 195.90.208.185	42730 (EVANZOAS) (EVANZOAS)
6	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
2	178.254.33.33 178.254.33.33	42730 (EVANZOAS) (EVANZOAS)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:6800:3:5... 2a00:6800:3:591::2	42730 (EVANZOAS) (EVANZOAS)
1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	35.176.232.93 35.176.232.93	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.135.32 18.195.135.32	16509 (AMAZON-02) (AMAZON-02)
1	188.165.150.178 188.165.150.178	16276 (OVH) (OVH)
2	216.239.32.3 216.239.32.3	15169 (GOOGLE) (GOOGLE)
1	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3032::6815:855	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a0d:da00:a:4... 2a0d:da00:a:4019::	205072 (LAYERSHIFT) (LAYERSHIFT)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	3.9.107.215 3.9.107.215	16509 (AMAZON-02) (AMAZON-02)
4	2a0d:da00:a:4... 2a0d:da00:a:4035::	205072 (LAYERSHIFT) (LAYERSHIFT)
148	39

28 144.126.134.105 (St Louis, United States)

ASN40021 (NL-811-40021, US)
PTR: h105.hubuhost.com

ebesucher-klicker.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
netzwerk-ad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:6800:3:a0b::2 (Germany) 1 redirects

ASN42730 (EVANZOAS, DE)

media.hubuhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adnade.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go2.do	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deliver.adnade.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.224.212.213 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-213.above.com

aliasmails.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.59.243.225 (United States)

ASN16509 (AMAZON-02, US)

ww25.aliasmails.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

bitspush.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.28.254 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:ab44 (United States)

ASN13335 (CLOUDFLARENET, US)

free-btc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3032::6815:47b2 (United States)

ASN13335 (CLOUDFLARENET, US)

adsluffa.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.90.208.185 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: h109.hubuhost.com

cdn-binance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.chatlotto.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

consent.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.254.33.33 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: h115.hubuhost.com

sparkasse-fickmuehlen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deli.misaglam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

video.onetouch8.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:6800:3:591::2 (Germany)

ASN42730 (EVANZOAS, DE)

tool.hubu.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

edge.cookiefirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.232.93 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-232-93.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.135.32 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-135-32.eu-central-1.compute.amazonaws.com

imp.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.165.150.178 (France)

ASN16276 (OVH, FR)
PTR: lb02.net.royalcactus.com

grow-platform.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:855 (United States)

ASN13335 (CLOUDFLARENET, US)

gobits.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0d:da00:a:4019:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

ctracking.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.107.215 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-107-215.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0d:da00:a:4035:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	ebesucher-klicker.de ebesucher-klicker.de	2 MB
14	adnade.net adnade.net deliver.adnade.net	81 KB
12	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 244852 apps-pnd.ctengine.io — Cisco Umbrella Rank: 300045	32 KB
12	ad4m.at ad4m.at — Cisco Umbrella Rank: 11989 as.ad4m.at — Cisco Umbrella Rank: 31126 assets.ad4m.at — Cisco Umbrella Rank: 44017	144 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com	289 KB
7	cookiefirst.com consent.cookiefirst.com — Cisco Umbrella Rank: 31335 edge.cookiefirst.com — Cisco Umbrella Rank: 36690	35 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 ajax.googleapis.com — Cisco Umbrella Rank: 362 imasdk.googleapis.com — Cisco Umbrella Rank: 491	409 KB
6	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34950 static.a-ads.com — Cisco Umbrella Rank: 49313	1 MB
5	aliasmails.xyz 1 redirects aliasmails.xyz ww25.aliasmails.xyz	38 KB
4	ctracking.io ctracking.io — Cisco Umbrella Rank: 196545
4	onetouch8.info video.onetouch8.info — Cisco Umbrella Rank: 202109	16 KB
4	adsluffa.online adsluffa.online	37 KB
3	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2525	55 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28155 api.webgains.io — Cisco Umbrella Rank: 68369	19 KB
3	free-btc.org free-btc.org	202 KB
2	gobits.me gobits.me	2 KB
2	tradedoubler.com 1 redirects imp.tradedoubler.com — Cisco Umbrella Rank: 190198 grow-platform.tradedoubler.com	168 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	153 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 19067	36 KB
2	hubu.link tool.hubu.link	25 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	52 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 67825	4 KB
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 54227	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55564	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16826	704 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	17 KB
1	chatlotto.de embed.chatlotto.de	626 B
1	misaglam.com deli.misaglam.com	484 B
1	sparkasse-fickmuehlen.de sparkasse-fickmuehlen.de	531 B
1	cdn-binance.com cdn-binance.com	531 B
1	go2.do 1 redirects go2.do	322 B
1	bitspush.io bitspush.io	11 KB
1	netzwerk-ad.de netzwerk-ad.de	2 KB
1	hubuhost.com media.hubuhost.com	237 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	11 KB
0	muggel.net Failed eu4-de84.muggel.net Failed
0	bitporno.de Failed bitporno.de Failed
148	39

	Domain	Requested by
27	ebesucher-klicker.de	ebesucher-klicker.de
12	adnade.net	netzwerk-ad.de adnade.net deliver.adnade.net
8	appsha-pnd.ctengine.io	gobits.me appsha-pnd.ctengine.io
7	fonts.gstatic.com	fonts.googleapis.com
6	assets.ad4m.at	as.ad4m.at
6	consent.cookiefirst.com	adnade.net consent.cookiefirst.com
4	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
4	ctracking.io	appsha-pnd.ctengine.io
4	ad4m.at	deli.misaglam.com ad4m.at
4	video.onetouch8.info	free-btc.org imasdk.googleapis.com
4	adsluffa.online	netzwerk-ad.de adsluffa.online
4	ww25.aliasmails.xyz	ebesucher-klicker.de ww25.aliasmails.xyz
4	fonts.googleapis.com	ebesucher-klicker.de ad.a-ads.com
3	www.adsensecustomsearchads.com	www.google.com www.adsensecustomsearchads.com
3	static.a-ads.com	ad.a-ads.com
3	free-btc.org	netzwerk-ad.de free-btc.org
3	ad.a-ads.com	netzwerk-ad.de
2	api.webgains.io	analytics.webgains.io
2	gobits.me	adsluffa.online
2	csi.gstatic.com	imasdk.googleapis.com
2	www.googletagmanager.com	adsluffa.online www.googletagmanager.com
2	js.wpadmngr.com	adsluffa.online js.wpadmngr.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	imasdk.googleapis.com	video.onetouch8.info imasdk.googleapis.com
2	tool.hubu.link	adnade.net tool.hubu.link
2	deliver.adnade.net	adnade.net
1	www.google.com	ww25.aliasmails.xyz
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	na.nawpush.com	js.wpadmngr.com
1	grow-platform.tradedoubler.com	as.ad4m.at
1	imp.tradedoubler.com	1 redirects
1	track.webgains.com	as.ad4m.at
1	www.google-analytics.com	adsluffa.online
1	www.awin1.com	as.ad4m.at
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	edge.cookiefirst.com	consent.cookiefirst.com
1	embed.chatlotto.de	cdn-binance.com
1	deli.misaglam.com	sparkasse-fickmuehlen.de
1	sparkasse-fickmuehlen.de	adnade.net
1	cdn-binance.com	adnade.net
1	go2.do	1 redirects
1	bitspush.io	netzwerk-ad.de
1	aliasmails.xyz	1 redirects
1	netzwerk-ad.de	ebesucher-klicker.de
1	media.hubuhost.com	ebesucher-klicker.de
1	ajax.googleapis.com	ebesucher-klicker.de
1	cdnjs.cloudflare.com	ebesucher-klicker.de
0	eu4-de84.muggel.net Failed	deliver.adnade.net
0	bitporno.de Failed	deliver.adnade.net
148	51

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
media.hubuhost.com R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
netzwerk-ad.de R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
adnade.net R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
bitspush.io GTS CA 1P5	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2023-12-27` - `2025-01-26`	a year	crt.sh
free-btc.org GTS CA 1P5	`2024-02-02` - `2024-05-02`	3 months	crt.sh
adsluffa.online GTS CA 1P5	`2024-02-13` - `2024-05-13`	3 months	crt.sh
cdn-binance.com R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
*.cookiefirst.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2024-12-16`	a year	crt.sh
sparkasse-fickmuehlen.de R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
deliver.adnade.net R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
onetouch8.info E1	`2024-01-24` - `2024-04-23`	3 months	crt.sh
deli.misaglam.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
embed.chatlotto.de R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
tool.hubu.link R3	`2024-02-03` - `2024-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
js.wpadmngr.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
na.nawpush.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
gobits.me GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.ctengine.io Gandi RSA Domain Validation Secure Server CA 3	`2024-01-13` - `2025-01-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
ctracking.io R3	`2024-02-18` - `2024-05-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 24 frames:

Primary Page: http://ebesucher-klicker.de/
Frame ID: 31EE7694AF17BCEE32B1653DA4BD028C
Requests: 35 HTTP requests in this frame

Frame: https://netzwerk-ad.de/webbi_traffic.php
Frame ID: 9C181A5282214A3A186CD2A0C98A3400
Requests: 4 HTTP requests in this frame

Frame: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
Frame ID: 568216A37CD47400FFD95FCB21D6E77E
Requests: 6 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: B33AB7C2A3F2E7A795A25252AF825298
Requests: 5 HTTP requests in this frame

Frame: https://adnade.net/ptp/?user=frechdax&subid=1
Frame ID: 73BDC29CB35F11FD54A366DA9F700241
Requests: 20 HTTP requests in this frame

Frame: https://ad.a-ads.com/2296927?size=300x250
Frame ID: F4926AC083763E5FE920770BCA59A5A8
Requests: 5 HTTP requests in this frame

Frame: https://ad.a-ads.com/2271580?size=250x250
Frame ID: 7862F1B65F4AEC27550C03220CDEC218
Requests: 5 HTTP requests in this frame

Frame: https://free-btc.org/banner/u=frechdax/size=468x60
Frame ID: 89D927D17DE5784E65300282A0D7F955
Requests: 6 HTTP requests in this frame

Frame: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Frame ID: E9E49864DF9A7DE87284C370BD5533A1
Requests: 8 HTTP requests in this frame

Frame: https://sparkasse-fickmuehlen.de/partner/
Frame ID: 93DC3B88AEE540066FE2711DF9CE2510
Requests: 1 HTTP requests in this frame

Frame: https://deliver.adnade.net/?id=8v0d8DF1KeuMGJwkuyBzUgZJLhb97cfE&d=wUZyaqLZuykan7jCJy8kaNAVV08RU0vn
Frame ID: 65B80A4B7E7FDA31805781CB51728229
Requests: 2 HTTP requests in this frame

Frame: https://bitporno.de/
Frame ID: BA048A0665678B811DEDEAD20BFEF366
Requests: 1 HTTP requests in this frame

Frame: https://eu4-de84.muggel.net/?nr=1&d=LX5w9HmlOwZHBF30Id0vF7RVIsbAHwcS
Frame ID: CF3BFBF4A7F2BF4AC6ACEFB3E81A4320
Requests: 1 HTTP requests in this frame

Frame: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Frame ID: 6582B9CDE3015C9E32B705A6903EBB21
Requests: 3 HTTP requests in this frame

Frame: https://embed.chatlotto.de/?chatroom=933d54ca722de8eb
Frame ID: 0AD65D9F747287A04C4ADBCBED54DA5D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 0DE7C190D32EEE38C5395AF7BBF31742
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Frame ID: EFC1442276402AA97BCACF261283D581
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 619B3439E6C4FBC1BEC8D883BC7A28C3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Frame ID: D28C8A2087923D98F56AEDE08176D522
Requests: 14 HTTP requests in this frame

Frame: https://adsluffa.online/ads.php
Frame ID: 1191A89580BD6667F6E9EEA85E597E7D
Requests: 1 HTTP requests in this frame

Frame: https://adsluffa.online/allads.php
Frame ID: D9508C205F4734A99E2C9CAF54ADC2FF
Requests: 1 HTTP requests in this frame

Frame: https://gobits.me/cointraffic.io.php
Frame ID: 572B511A30F3630CD4B8ADE2C0154C23
Requests: 7 HTTP requests in this frame

Frame: https://gobits.me/cointraffic.io.php
Frame ID: 9ED552B7DA0809E222EFA454F6ED6EB9
Requests: 7 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol306%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol427&client=dp-bodis30_3ph&r=m&sc_status=0&hl=de&ivt=1&rpbu=http%3A%2F%2Fww25.aliasmails.xyz%3Fcaf%26subid1%3D20240227-1759-0330-a280-6e596e4b9a5a&terms=email%20account&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&format=r3&nocache=2911709017144190&num=0&output=afd_ads&domain_name=ww25.aliasmails.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1709017144191&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=112&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=608724745&rurl=http%3A%2F%2Fww25.aliasmails.xyz%2F%3Fsubid1%3D20240227-1759-0330-a280-6e596e4b9a5a&referer=http%3A%2F%2Febesucher-klicker.de%2F&lao=http%3A%2F%2Febesucher-klicker.de
Frame ID: F37AEF379C90E15F84179FE1DEAB0F73
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | ebesucher-klicker

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

148
Requests

76 %
HTTPS

60 %
IPv6

39
Domains

51
Subdomains

39
IPs

5
Countries

5186 kB
Transfer

7991 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://aliasmails.xyz/ HTTP 302
http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a

Request Chain 40

https://go2.do/rB HTTP 301
https://adnade.net/ptp/?user=frechdax&subid=1

Request Chain 74

https://billigerscheiss.de/?t=1709017143&ln=1 HTTP 302
https://bitporno.de/

Request Chain 75

https://adnade.net/surfbar/?p=1 HTTP 302
https://billigerscheiss.de/?g=0 HTTP 302
https://eu4-de84.muggel.net/?nr=1&d=LX5w9HmlOwZHBF30Id0vF7RVIsbAHwcS

Request Chain 111

https://imp.tradedoubler.com/imp?type(img)g(25525506)a(3040636)epi(oneidK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fqoneid__Influencer_TT_advancedad_300x250)839071860 HTTP 302
https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png

148 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ebesucher-klicker.de/ 23 KB
7 KB 267ms
131ms Document
text/html 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

f2a28aaf1aa6ea07a8f0fd73855622ba3b06d2cc6e620c512d5d1066d2e1644d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Feb 2024 06:59:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=15768000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 71 KB
3 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

979ef1b2b39c11c8caad3a850cc68005f6a43b6f92edca42b970d64d89ce7488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 06:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 05:39:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 06:59:01 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 32ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 376118
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chEc62KcOPZ0xDnCo5qvPCjKt8qbV4oQCqtfTGULfgrY2tx84Wrl3ZM2FMsoom%2BOJWcamTJoc4wQALiiklu1YOx9dVbNRA5d9GjZJdxfy8%2ByobQNO4QquOJJkAv8NMf6IFrCS9L4BjUywpCWVvvuMbj%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85be8af16f7c9c07-FRA
expires: Sun, 16 Feb 2025 06:59:01 GMT

GET
H/1.1 200
OK aos.css
ebesucher-klicker.de/assets/new/vendor/aos/ 25 KB
3 KB 122ms
121ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/aos/aos.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:49 GMT
Server: nginx
ETag: W/"65676d15-65c5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.css
ebesucher-klicker.de/assets/new/vendor/bootstrap/css/ 160 KB
32 KB 266ms
152ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:57 GMT
Server: nginx
ETag: W/"65676d1d-28021"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap-icons.css
ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/ 72 KB
12 KB 246ms
133ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/bootstrap-icons.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

be31fb55d198f0a2bc969e70857e7ab9388e6dce6f26c2bea85a6cd827eae666

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:49 GMT
Server: nginx
ETag: W/"65676d15-11e37"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK boxicons.min.css
ebesucher-klicker.de/assets/new/vendor/boxicons/css/ 62 KB
13 KB 239ms
125ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/boxicons/css/boxicons.min.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:04 GMT
Server: nginx
ETag: W/"65676d24-f925"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK glightbox.min.css
ebesucher-klicker.de/assets/new/vendor/glightbox/css/ 13 KB
3 KB 243ms
125ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/glightbox/css/glightbox.min.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:05 GMT
Server: nginx
ETag: W/"65676d25-35d9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK swiper-bundle.min.css
ebesucher-klicker.de/assets/new/vendor/swiper/ 15 KB
5 KB 249ms
127ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/swiper/swiper-bundle.min.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:51 GMT
Server: nginx
ETag: W/"65676d17-3ccb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK custom.css
ebesucher-klicker.de/newassets/css/ 3 KB
1 KB 268ms
146ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/newassets/css/custom.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

a2bca1b2de6b989887cabb170d918cd219fa3f0c32750f16344a5ffdf9768e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:08 GMT
Server: nginx
ETag: W/"65676d28-a16"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
ebesucher-klicker.de/assets/new/css/ 21 KB
5 KB 374ms
130ms Stylesheet
text/css 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/css/style.css

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

8862af684ac64dd7a94f59316e9026e6c42ec696509e1d57ab96b3cad6357901

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:42 GMT
Server: nginx
ETag: W/"65676d0e-53f4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 04:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 04:12:52 GMT

GET
H/1.1 200
OK sweetalert.min.js Show response
ebesucher-klicker.de/assets/js/webjs/ 71 KB
22 KB 379ms
130ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/js/webjs/sweetalert.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

bd3f0a55ed9a38ab3288129d8915fce8332c05026716fc37778104a7f2918541

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:43 GMT
Server: nginx
ETag: W/"65676d0f-11c99"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ltc.png
ebesucher-klicker.de/assets/images/currencies/ 7 KB
7 KB 225ms
121ms Image
image/png 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ebesucher-klicker.de/assets/images/currencies/ltc.png

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

635cbd5c4f2676a4f9287331eddb4fdae18114878cf9f45fefc068922628f368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 29 Nov 2023 16:55:26 GMT
Server: nginx
ETag: "65676cfe-1a1e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6686
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
ebesucher-klicker.de/newassets/js/core/ 86 KB
35 KB 116ms
116ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/newassets/js/core/jquery.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:14 GMT
Server: nginx
ETag: W/"65676d2e-15851"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK popper.min.js Show response
ebesucher-klicker.de/newassets/js/core/ 20 KB
8 KB 120ms
120ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/newassets/js/core/popper.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

4b0f43a41a22937586d9dcfb1a83acb9e352846843188049c87613a17f688fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:14 GMT
Server: nginx
ETag: W/"65676d2e-51c6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.min.js Show response
ebesucher-klicker.de/newassets/js/core/ 59 KB
20 KB 122ms
121ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/newassets/js/core/bootstrap.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

feaf27fdddabe92bfbbe2a1493c53a3bf017fd225854c3e7c1dd2539da667ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:14 GMT
Server: nginx
ETag: W/"65676d2e-ea6b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK captcha.js Show response
ebesucher-klicker.de/assets/js/webjs/ 280 B
621 B 116ms
116ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/js/webjs/captcha.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

66b8a61cf672cf919954172915bc218b163ecaa3eac06773115298357a4c5a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 29 Nov 2023 16:55:42 GMT
Server: nginx
ETag: "65676d0e-118"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 280
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK purecounter.js Show response
ebesucher-klicker.de/assets/new/vendor/purecounter/ 5 KB
2 KB 123ms
122ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/purecounter/purecounter.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

11a933100ccfe156b93199371bebe899d4239553e208c19401039756baf0a360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:51 GMT
Server: nginx
ETag: W/"65676d17-1357"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK aos.js Show response
ebesucher-klicker.de/assets/new/vendor/aos/ 14 KB
5 KB 115ms
114ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/aos/aos.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:49 GMT
Server: nginx
ETag: W/"65676d15-3962"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
ebesucher-klicker.de/assets/new/vendor/bootstrap/js/ 76 KB
27 KB 124ms
123ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/bootstrap/js/bootstrap.bundle.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:59 GMT
Server: nginx
ETag: W/"65676d1f-13131"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK glightbox.min.js Show response
ebesucher-klicker.de/assets/new/vendor/glightbox/js/ 55 KB
18 KB 118ms
118ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/glightbox/js/glightbox.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:56:06 GMT
Server: nginx
ETag: W/"65676d26-db9e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK isotope.pkgd.min.js Show response
ebesucher-klicker.de/assets/new/vendor/isotope-layout/ 35 KB
12 KB 119ms
119ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/isotope-layout/isotope.pkgd.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:50 GMT
Server: nginx
ETag: W/"65676d16-8a75"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK swiper-bundle.min.js Show response
ebesucher-klicker.de/assets/new/vendor/swiper/ 132 KB
45 KB 116ms
116ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/swiper/swiper-bundle.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:52 GMT
Server: nginx
ETag: W/"65676d18-211c1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK typed.min.js Show response
ebesucher-klicker.de/assets/new/vendor/typed.js/ 12 KB
4 KB 122ms
122ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/typed.js/typed.min.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:51 GMT
Server: nginx
ETag: W/"65676d17-2e10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK noframework.waypoints.js Show response
ebesucher-klicker.de/assets/new/vendor/waypoints/ 21 KB
6 KB 119ms
119ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/waypoints/noframework.waypoints.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

c8f4833e03df3d72f1fc0717b502538300c6f51d316d180d023ff47e2ceee39e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:52 GMT
Server: nginx
ETag: W/"65676d18-5278"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.js Show response
ebesucher-klicker.de/assets/new/js/ 6 KB
2 KB 114ms
114ms Script
application/javascript 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/js/main.js

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

a7c7ab874946e194daa6761331e46cfc9af58a2c049f5c1fb6e07194aa00c1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 29 Nov 2023 16:55:42 GMT
Server: nginx
ETag: W/"65676d0e-1782"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H2 200 / Show response
media.hubuhost.com/ 0
237 B 60ms
7ms Script
text/html 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/?key=17A178

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:02 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 webbi_traffic.php Show response
netzwerk-ad.de/ Frame 9C18 4 KB
2 KB 396ms
116ms Document
text/html 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

https://netzwerk-ad.de/webbi_traffic.php

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

2312fdfcdfa6789647755651ac4e029172ab516a978e0eaa8d134da64ecb9379

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebesucher-klicker.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:02 GMT
server: nginx
strict-transport-security: max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
ww25.aliasmails.xyz/ Frame 5682
Redirect Chain

https://aliasmails.xyz/
http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a

1 KB
2 KB

423ms
60ms

Document
text/html

199.59.243.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
Requested by: Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/
Protocol: HTTP/1.1
Server: 199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ffa3a6a98ab43734c2f97006b9ddbb277f8e2bbe4428bb6c0df6f793f979c0cb

Request headers

Referer: http://ebesucher-klicker.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-prefers-color-scheme
cache-control: no-store, max-age=0
content-length: 1234
content-type: text/html; charset=utf-8
critical-ch: sec-ch-prefers-color-scheme
date: Tue, 27 Feb 2024 06:59:03 GMT
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_IzmoqfWz7xCw+xeFx+oDOtlifzBFHqihidU+I7Y4vIa221ILb4gkus12fnCmiVMGc8GL+XgQ6qdUpDYIePqE8A==
x-request-id: cbcf638d-d29c-4fad-916a-1aa16125e4e4

Redirect headers

connection: close
content-length: 2
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
location: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
server: Apache

GET
H/1.1 200
OK d662e81746550880028ddd2048973353.jpg
ebesucher-klicker.de/assets/upload/hero_image/ 1 MB
1 MB 233ms
130ms Image
image/jpeg 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://ebesucher-klicker.de/assets/upload/hero_image/d662e81746550880028ddd2048973353.jpg

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

cad0318c3fb4979d4a1eb3c047a028f19d26868967049919c815606878486b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ebesucher-klicker.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 29 Nov 2023 16:55:56 GMT
Server: nginx
ETag: "65676d1c-170b14"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1510164
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK boxicons.woff2
ebesucher-klicker.de/assets/new/vendor/boxicons/fonts/ 101 KB
101 KB 208ms
114ms Font
application/octet-stream 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/boxicons/fonts/boxicons.woff2

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/assets/new/vendor/boxicons/css/boxicons.min.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebesucher-klicker.de/assets/new/vendor/boxicons/css/boxicons.min.css
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 29 Nov 2023 16:56:04 GMT
Server: nginx
ETag: "65676d24-1924c"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102988
X-XSS-Protection: 1; mode=block

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 47 KB
47 KB 42ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:29:38 GMT
x-content-type-options: nosniff
age: 516564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48208
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:29:38 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 11:08:14 GMT
x-content-type-options: nosniff
age: 330648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 11:08:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 04:08:42 GMT
x-content-type-options: nosniff
age: 528620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 04:08:42 GMT

GET
H/1.1 200
OK bootstrap-icons.woff2
ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/fonts/ 90 KB
90 KB 226ms
121ms Font
application/octet-stream 144.126.134.105
NL-811-40021

General

Check archive.org

Show headers Download Go to

Full URL

http://ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345

Requested by

Host: ebesucher-klicker.de
URL: http://ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/bootstrap-icons.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (NL-811-40021, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ebesucher-klicker.de/assets/new/vendor/bootstrap-icons/bootstrap-icons.css
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 06:59:02 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Wed, 29 Nov 2023 16:56:02 GMT
Server: nginx
ETag: "65676d22-16764"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92004
X-XSS-Protection: 1; mode=block

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 49 KB
49 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ebesucher-klicker.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:48:45 GMT
x-content-type-options: nosniff
age: 569417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50296
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:10:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 16:48:45 GMT

GET
H2 200 01.gif
adnade.net/images/ Frame 9C18 5 KB
5 KB 40ms
7ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/01.gif
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 39857e01d4d4f756029ecb3a0963d161ef857ef5a573d734c982badefbb9f973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-1364"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 4964
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 02.gif
adnade.net/images/ Frame 9C18 5 KB
5 KB 39ms
7ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/02.gif
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d525bbc62853a3dd657416f2e9e69959936ee4e488191e55f16bd946dc557662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-1390"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 5008
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 items.php Show response
bitspush.io/display/ Frame 9C18 61 KB
11 KB 100ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bitspush.io/display/items.php?357&239&468&60&0&0&0
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c03bab3231e0ca0865aff5ed29ed1c719c5319301fd5a9ed35bec5098474d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 27 Feb 2024 06:59:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJ3huTDQxxnFc3PpBfxU%2FlwwqPOvl6uzgNeqJJA0w1rrm5k4QxqpQTjFjZzsnNX6iIplhOk%2BVfSrq5HCH6%2BEo7%2FTygSwASAnbQ8T%2FQBZv8dR84zd9S3wEmFSMiO7l5r9ArxUnCo%2BxYbVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 85be8af7597c663f-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 1551779 Show response
ad.a-ads.com/ Frame B33A 13 KB
5 KB 74ms
37ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

ab02aa69457a210a01183dfdbe6fa1a195305741bdbd04d964d153368f5b18a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 27 Feb 2024 06:59:02 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
adnade.net/ptp/ Frame 73BD
Redirect Chain

https://go2.do/rB
https://adnade.net/ptp/?user=frechdax&subid=1

8 KB
3 KB

19ms
19ms

Document
text/html

2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://adnade.net/ptp/?user=frechdax&subid=1
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5246937bb93047e623da39a190ce37105c363943dea9a082b6f3de13a9e14fc7

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://adnade.net/ptp/?user=frechdax&subid=1
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 2296927 Show response
ad.a-ads.com/ Frame F492 14 KB
5 KB 48ms
28ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2296927?size=300x250

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

b380e6459b59b8938311cdf1a1d781234e346c5cfdea50f28b9d29d63c8c59ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 27 Feb 2024 06:59:02 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 2271580 Show response
ad.a-ads.com/ Frame 7862 14 KB
5 KB 46ms
27ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/2271580?size=250x250

Requested by

Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

07db5026d3d047a4bd2fd0dcfea2f4e5a1fd7cfde261cb8250d71d680a07ed79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 27 Feb 2024 06:59:02 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://netzwerk-ad.de/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame 89D9 2 KB
1 KB 128ms
77ms Document
text/html 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bce6ce46ef589072bde2c069da7ba012816af387bdc4f2b489ceb8e2c28d08

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85be8af76fa26612-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF97B8Gly7Q0pub6RDnWu9fBbT1QBlF3EdWA1F78jUbWohhthSk3tIe4PWalEy90nY84mppR4%2BfEk2eAooGo5onuhUjRm31Y7wGGIy8%2BIL636Q6YMCn%2FIDctsFmTpUpZztVVlJFd8gmxWZs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bits-ads.php Show response
adsluffa.online/ Frame E9E4 6 KB
2 KB 580ms
530ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Requested by: Host: netzwerk-ad.de
URL: https://netzwerk-ad.de/webbi_traffic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 638122f9afafcd3a8e4ba528612571fbbad494a0bdbe96fb0d79f5525a23514f

Request headers

Referer: https://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85be8af76a7822b7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sY%2BybNWTjUgYD%2FXB6jctpfa8ZT7f92jXU4a6UL%2Bb9utUsPJKMLFvnex0VAyh2GUuMztO%2FudaXV%2FWhaOvRjQvDbGjRoUcp65w82pGadis0rGaCRCcticlrzxGBluCDFmcC88MPIapoRQTc7faid8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ Frame 7862 5 KB
766 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/2271580?size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 06:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:48:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 06:59:02 GMT

GET
H2 200 250x250
static.a-ads.com/a-ads-banners/393748/ Frame 7862 593 KB
594 KB 19ms
10ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393748/250x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2271580?size=250x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 86e5b7e8d1d9360d06c8bbeed2584da7d7a8546cea642a018ab4564e735866b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:02 GMT
x-amz-version-id: MkhgYX9YR17oU7DeeB0aCAbi40mxW4r7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: MKGAFQXRFDBZ9FWY
etag: "bc68ae6f18a2d7f6a8e4bd5dca23a7d7"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 606750
x-amz-id-2: KB+4SvKhUYrw4F4rOtdwji18dSC8MPuZJVxbcrla40o2+5mu8EWwqfMNPEtlqyXNmrEeSYHdxNo=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame F492 5 KB
743 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/2296927?size=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 06:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:50:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 06:59:02 GMT

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393746/ Frame F492 609 KB
610 KB 29ms
21ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393746/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/2296927?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:02 GMT
x-amz-version-id: FOGynYQlla8njUZxgta1uuTSww4lT2p7
last-modified: Tue, 31 May 2022 13:28:30 GMT
server: nginx
x-amz-request-id: W41M5XB6VZ597BRC
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: Xl6/1kNmWru3v2242JI6CSoUidCV2ySJhKnhwGKsdGcUs0s4EQvzay0CJbKnQnM7LJ1o3z/BSl4=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame B33A 5 KB
743 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Feb 2024 06:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:50:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Feb 2024 06:59:02 GMT

GET
H2 200 468x60
static.a-ads.com/a-ads-banners/485505/ Frame B33A 126 KB
126 KB 21ms
21ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/485505/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 9594adfee670a9de7fff74593f8097b6a605f89c2cc34383a11f73d2978635cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:02 GMT
x-amz-version-id: Wse9NJCAowP54fOrofHFsGqhDXvoIvyT
last-modified: Thu, 26 Oct 2023 11:59:15 GMT
server: nginx
x-amz-request-id: JS9SB0F0GKVZ955A
etag: "e2ef84d86dd0bf9b14bdabe7374665c7"
x-amz-server-side-encryption: AES256
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 128764
x-amz-id-2: NMKVJB4HXDuTan6jiQG2ptf//FkPTSfTeR3B1Z5SkO+fFsyBusuJSIkcCUli2GSsJkjzAxFFV4w=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame F492 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame F492 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 03:13:55 GMT
x-content-type-options: nosniff
age: 186307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 03:13:55 GMT

GET
DATA 200
OK truncated
/ Frame 7862 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 7862 46 KB
46 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 03:13:55 GMT
x-content-type-options: nosniff
age: 186307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 03:13:55 GMT

GET
DATA 200
OK truncated
/ Frame B33A 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame B33A 46 KB
46 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ad.a-ads.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Sun, 25 Feb 2024 03:13:55 GMT
x-content-type-options: nosniff
age: 186307
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Feb 2025 03:13:55 GMT

GET
H2 200 logo.png
adnade.net/images/ Frame 73BD 21 KB
21 KB 9ms
7ms Image
image/png 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/logo.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 14 Dec 2023 03:50:38 GMT
server: nginx
etag: "657a7b8e-543e"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 21566
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 ptp.png
adnade.net/ptp/ Frame 73BD 343 B
581 B 9ms
8ms Image
image/png 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/ptp.png
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:11 GMT
server: nginx
etag: "651b7317-157"
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 343
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 jquery-3.6.4.min.js Show response
adnade.net/ptp/ Frame 73BD 88 KB
36 KB 9ms
7ms Script
application/javascript 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://adnade.net/ptp/jquery-3.6.4.min.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 30 Dec 2023 20:17:08 GMT
server: nginx
etag: W/"65907ac4-15e6a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 jquery.js Show response
cdn-binance.com/ Frame 73BD 763 B
531 B 79ms
21ms Script
text/javascript 195.90.208.185
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.90.208.185 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

92c5526ae1d95c81531d59ae4bbe86fc55657ebc97b8ba5c663b2d50cea8189f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *, *
x-xss-protection: 1; mode=block

GET
H2 200 consent.js Show response
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 73BD 2 KB
2 KB 41ms
7ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: 26b8db0717b2470b952a3124e7054ca7b71d78951d98c2ac263ce14ef5bb8b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-679
cdn-cachedat: 02/26/2024 12:47:31
cdn-pullzone: 236985
visitor-location: DE
last-modified: Thu, 08 Feb 2024 01:32:58 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65c42f4a-9a3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=30
cdn-requestid: 61b681bc8d4ac54f4b185b2b109527ba
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
sparkasse-fickmuehlen.de/partner/ Frame 93DC 333 B
531 B 60ms
12ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://sparkasse-fickmuehlen.de/partner/

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

h115.hubuhost.com

Software

nginx /

Resource Hash

aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/ptp/?user=frechdax&subid=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 333
content-type: text/html
date: Tue, 27 Feb 2024 06:59:03 GMT
etag: "63e99d0e-14d"
last-modified: Mon, 13 Feb 2023 02:14:38 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
deliver.adnade.net/ Frame 65B8 2 KB
969 B 58ms
18ms Document
text/html 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deliver.adnade.net/?id=8v0d8DF1KeuMGJwkuyBzUgZJLhb97cfE&d=wUZyaqLZuykan7jCJy8kaNAVV08RU0vn

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

17b7b30c91fb5568706774f985e4f199f43b3c941b412dbfb6e91b1899065675

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adnade.net/ptp/?user=frechdax&subid=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 page_bg.jpg
adnade.net/images/ Frame 73BD 2 KB
2 KB 8ms
8ms Image
image/jpeg 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/page_bg.jpg
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-6f1"
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1777
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 main_bg_oben2.gif
adnade.net/images/ Frame 73BD 3 KB
3 KB 8ms
8ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/main_bg_oben2.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-c00"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 3072
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 main_bg_mitte2.gif
adnade.net/images/ Frame 73BD 1007 B
1 KB 9ms
9ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/main_bg_mitte2.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:07 GMT
server: nginx
etag: "651b7313-3ef"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1007
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 main_bg_unten2.gif
adnade.net/images/ Frame 73BD 2 KB
2 KB 8ms
7ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/images/main_bg_unten2.gif
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:06 GMT
server: nginx
etag: "651b7312-7f2"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 2034
expires: Wed, 26 Feb 2025 06:59:02 GMT

GET
H2 200 index.php Show response
adnade.net/ptp/ Frame 73BD 4 B
156 B 20ms
20ms XHR
text/html 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://adnade.net/ptp/index.php?tsp=8v0d8DF1KeuMGJwkuyBzUgZJLhb97cfE&a=d9014cfacb7831bf91422f11f8adc112&d=1709017143008
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/jquery-3.6.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b

Request headers

Accept: */*
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
deliver.adnade.net/api/ Frame 73BD 0
220 B 27ms
13ms Script
text/html 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deliver.adnade.net/api/?param=8v0d8DF1KeuMGJwkuyBzUgZJLhb97cfE

Requested by

Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adnade.net/ptp/?user=frechdax&subid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 d-video.js Show response
video.onetouch8.info/ Frame 89D9 92 KB
13 KB 148ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=27
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b50253e2ef3c7a42aaa8544693349332aeba8f9caa05b0cd4652f11b46760000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 16:20:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2067
etag: W/"654d06d4-17051"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4oE9InuOG%2BKDDY2tio0RxnaOV25hgdcQCFQUv7HT68H%2BQY27b6rYDGf49XNDUW%2FDa6xnI58%2B8yPuR%2FmxXAZnNcTfZzpueKvKurayy1sJ8mq8yg%2Fp8D0cZfCKgXbSE1bQz8NuEpgVSksskzts7mVGjQ4ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85be8af89ce1b906-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bico.gif
free-btc.org/img/ Frame 89D9 32 KB
32 KB 22ms
22ms Image
image/gif 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/img/bico.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51752
alt-svc: h3=":443"; ma=86400
content-length: 32521
last-modified: Sat, 19 Feb 2022 15:54:05 GMT
server: cloudflare
etag: "6211129d-7f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDb3GakVefXSP%2F1fJN3gE3U1FGlc9I%2BodqKyICHSj5OsMO3Yt%2F554YhxP%2BfL%2FxXslV%2FoglOlfCy3Polr4ILiX4ipNOLVlRLe27pwaUI6cBuuff6smb1sQsqc685AB0g2Q82cmXu3ugQpVyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 85be8af7e8226612-AMS
expires: Tue, 27 Feb 2024 16:36:31 GMT

GET
H2 200 468x60.gif
free-btc.org/banner/ Frame 89D9 167 KB
168 KB 25ms
25ms Image
image/gif 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/banner/468x60.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a323ef02fe1933eedd0b0127f9526080ca6b98353da15dbd7181797d0df8d71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49334
alt-svc: h3=":443"; ma=86400
content-length: 171382
last-modified: Tue, 01 Feb 2022 18:00:14 GMT
server: cloudflare
etag: "61f9752e-29d76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXi1qvhNPhf6M7yocKFHcs2V7T1GQNCPIA0NXxx4PKhQLTYQNo%2FF0gG9Mfac8e%2BHk84eoeDhQEXXfDYztopZpDBJB3RzyPFnyyYsiA%2FSxy8%2BTwaRUQ9j1FXGaJDf9e50%2BNID1rldy7jWwPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 85be8af7e8236612-AMS
expires: Tue, 27 Feb 2024 17:16:49 GMT

GET
H2 200 empty.gif
adnade.net/ptp/ Frame 65B8 43 B
279 B 8ms
7ms Image
image/gif 2a00:6800:3:a0b::2
EVANZOAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adnade.net/ptp/empty.gif
Requested by: Host: deliver.adnade.net
URL: https://deliver.adnade.net/?id=8v0d8DF1KeuMGJwkuyBzUgZJLhb97cfE&d=wUZyaqLZuykan7jCJy8kaNAVV08RU0vn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:a0b::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 06:59:03 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 Oct 2023 01:49:11 GMT
server: nginx
etag: "651b7317-2b"
content-type: image/gif
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 43
expires: Wed, 26 Feb 2025 06:59:03 GMT

GET

/
bitporno.de/ Frame BA04
Redirect Chain

https://billigerscheiss.de/?t=1709017143&ln=1
https://bitporno.de/

0
0

GET

/
eu4-de84.muggel.net/ Frame CF3B
Redirect Chain

https://adnade.net/surfbar/?p=1
https://billigerscheiss.de/?g=0
https://eu4-de84.muggel.net/?nr=1&d=LX5w9HmlOwZHBF30Id0vF7RVIsbAHwcS

0
0

GET
H2 200 / Show response
deli.misaglam.com/prepare/channel/ Frame 6582 424 B
484 B 95ms
22ms Document
text/html 178.254.33.33
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://deli.misaglam.com/prepare/channel/?chilli=tiktok

Requested by

Host: sparkasse-fickmuehlen.de
URL: https://sparkasse-fickmuehlen.de/partner/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

h115.hubuhost.com

Software

nginx /

Resource Hash

e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sparkasse-fickmuehlen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
embed.chatlotto.de/ Frame 0AD6 701 B
626 B 74ms
12ms Document
text/html 195.90.208.185
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.chatlotto.de/?chatroom=933d54ca722de8eb

Requested by

Host: cdn-binance.com
URL: https://cdn-binance.com/jquery.js?de=idg1W46L9F2rAEUV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

195.90.208.185 , Germany, ASN42730 (EVANZOAS, DE),

Reverse DNS

h109.hubuhost.com

Software

nginx /

Resource Hash

147c9c607f033ccd2bcb751c06b49e3163cf29517b6233ab53cdd69e998c6f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: * *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 matomo.js Show response
tool.hubu.link/ Frame 73BD 64 KB
25 KB 70ms
9ms Script
application/javascript 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.js
Requested by: Host: adnade.net
URL: https://adnade.net/ptp/?user=frechdax&subid=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 10:11:46 GMT
server: nginx
etag: W/"6565bce2-10132"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Wed, 26 Feb 2025 06:59:03 GMT

GET
H2 200 banner.no-autoblock.js Show response
consent.cookiefirst.com/ Frame 73BD 63 KB
24 KB 12ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/consent.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: 1cb2390cd9b4ce160f8c8361430b7b0e270ee56ef2a663418a05ef5de864f7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cdn-edgestorageid: 1082
cdn-storageserver: DE-165
cdn-cachedat: 02/26/2024 12:54:17
cdn-pullzone: 236985
visitor-location: DE
last-modified: Mon, 26 Feb 2024 12:54:16 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65dc89f8-faee"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=300
cdn-requestid: 4a4cbe744108ad8b01e7dd57705e02a7
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 version.json Show response
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 73BD 44 B
781 B 31ms
17ms Fetch
application/json 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/version.json?v=1709017143099
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: 902d8fb13200a5d2faece2c9307ebf2e309370cb27ff89020001a4e2940fd249

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-51
cdn-cachedat: 02/27/2024 06:59:03
cdn-pullzone: 236985
content-length: 44
visitor-location: DE
last-modified: Thu, 08 Feb 2024 01:32:59 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65c42f4b-2c"
content-type: application/json
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=15
cdn-requestid: c3487a390673a44d21ec52be1d630400
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 location Show response
edge.cookiefirst.com/prod/ Frame 73BD 67 B
468 B 96ms
9ms Fetch
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.cookiefirst.com/prod/location?origin=adnade.net
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 64a4383f30ec2cc2dab9b882da9e82b659aa23b6a0b2ee1118dda32f7a43059f

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 02/27/2024 06:59:03
cdn-pullzone: 717911
content-length: 67
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://adnade.net
cdn-cache: BYPASS
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
cache-control: public, max-age=1200
cdn-requestid: f3b651c912b35526399e03012c753e0d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 400 matomo.php
tool.hubu.link/ Frame 73BD 410 B
542 B 378ms
378ms Ping
text/html 2a00:6800:3:591::2
EVANZOAS

General

Check archive.org

Show headers Download Go to

Full URL: https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=034528&h=7&m=59&s=3&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dfrechdax%26subid%3D1&urlref=https%3A%2F%2Fnetzwerk-ad.de%2F&_id=10e097e6f3c54c63&_idn=1&send_image=0&_refts=1709017143&_ref=https%3A%2F%2Fnetzwerk-ad.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fg9fwM&pf_net=0&pf_srv=19&pf_tfr=1&pf_dm1=84&uadata=%7B%7D
Requested by: Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:6800:3:591::2 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
Software: nginx /
Resource Hash: cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://adnade.net
date: Tue, 27 Feb 2024 06:59:03 GMT
access-control-allow-credentials: true
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 89D9 380 KB
131 KB 107ms
57ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7274ba10554801c2589a0461ef72855be2ac1463f95598dd237822016a4de06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133089
x-xss-protection: 0
expires: Tue, 27 Feb 2024 06:59:03 GMT

GET
H2 200 wgpizbdq.js Show response
ad4m.at/ Frame 6582 24 KB
10 KB 51ms
20ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/wgpizbdq.js
Requested by: Host: deli.misaglam.com
URL: https://deli.misaglam.com/prepare/channel/?chilli=tiktok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://deli.misaglam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 10:48:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 72581
etag: W/"f0be4bb62117dc5dfef3ce3dc9072e09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwfeAQavMFvCnnnfn5vM0MN4t%2BjXYVdE1PW2JsvO1TsdDd1%2BP0EsJ6QUyCdPCZOM5H20Tulxma4CM5APGiBLWCOVkexHfKJzTVoAXvZxh89qpamZwVTkyYcXGiND2B9euzzD3b0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 85be8af95c0e3732-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Feb 2024 10:48:49 GMT

GET
H2 200 cookie-frame.html Show response
ad4m.at/ Frame 0DE7 2 KB
1 KB 18ms
17ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2167862
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 85be8af98c343732-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 27 Feb 2024 06:59:03 GMT
expires: Tue, 30 Jan 2024 11:19:13 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUEHw3HR0yq8Wnbn%2BdcNdusIuRARUaejEow5Vayscdz6wJojY9LWq0%2BpWW3SxH7m%2B2a%2FVI7mdLxqXULwqvvHbGV6DTuqankjU3Q%2BOG4rcEVmSihZIPJG7PPk%2BkCyvrAoNLtbYTk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 36ms
28ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://deli.misaglam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://deli.misaglam.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85be8af9b8f29be0-FRA
content-length: 24
content-type: text/plain
date: Tue, 27 Feb 2024 06:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFy4zr8PhWiPcVIzX5Jc5wEbQn89aVjBdEMm5OqurBZVop5rC4SKVRLHH9MFSjh2xi%2FGSGQ3OQ2VEVtlQCw83MtSK54rGv3uh90tHS2oPiLnzokDPOjq1Mp%2BCtzI8IBFBXDKlps%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-9x1f

POST
H3 200 rs Show response
ad4m.at/ Frame 6582 481 B
842 B 34ms
34ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4afdfe5b5c04f5f508f6805eb4d820cc6bbdc3efb535ef864bd23c70f1ff894a

Request headers

Referer: https://deli.misaglam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfOx6Cuo2v47fqbbZkleQ7AfGN%2BJ3AsYqQlYdV4hO6IMsrOYSsRY8kPHDFSFZycTxM3KAueWmQBL8yEysS9D1Eq1GUBkZQB9jgINQbUcybqg14w5%2B4J3%2FXl3QEd2f4soTa420J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://deli.misaglam.com
access-control-allow-credentials: true
cf-ray: 85be8af9e9159be0-FRA
x-backend-server: aa-reachservice-group-europe-west1-xj47
alt-svc: h3=":443"; ma=86400

GET
H2 200 lang-widget-en.json Show response
consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/ Frame 73BD 12 KB
5 KB 7ms
7ms Fetch
application/json 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/sites/adnade.net-8bef7a5b-3ad9-49e7-9cd7-ed896f96fa60/lang-widget-en.json?v=11974f17-f093-4171-9edc-210a9185cd58
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: 069fd47df71ce88d5b5f3237c11d3a6ec5346e0fc934e2ce9f7b13e60d7d8575

Request headers

Accept: application/json
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cdn-edgestorageid: 1081
cdn-storageserver: DE-164
cdn-cachedat: 02/08/2024 01:33:02
cdn-pullzone: 236985
visitor-location: DE
last-modified: Thu, 08 Feb 2024 01:32:58 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65c42f4a-31ae"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 82f00ef4d367fc52c877ef91f88095e5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bridge3.621.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EFC1 756 KB
242 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89dd617f06b5cde21926c8f2560c7f882b74f1a3fd8845830d6a68d83cc4618c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://free-btc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 514764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 247675
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 07:59:39 GMT
expires: Thu, 20 Feb 2025 07:59:39 GMT
last-modified: Thu, 15 Feb 2024 17:12:44 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 89D9 44 KB
17 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 27 Feb 2024 06:59:03 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 619B 40 KB
14 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 07:17:27 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame D28C 7 KB
4 KB 43ms
29ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

944a80601d5732132c9dbb62eb3e76afc0cb4ddfdfbeb9cd0c512e441992466d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deli.misaglam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 85be8afa4cbc3732-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 06:59:03 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame D28C 115 KB
14 KB 19ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 958502
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFYq3SshNvDR1cyE3hrGZjfk9S%2BCBhExB8s%2FfLIHDxuv29IjLROuEnm4ugCE9vYYBl0pxZia1kqCPsz2Scu4zwFkQn5SGDhwW5049JLhmFT3JCTD3IgGJ725uTdtX54lvvXLIp8dhBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 85be8afa89e5912e-FRA
expires: Wed, 28 Feb 2024 06:59:03 GMT

GET
H2 200 120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
assets.ad4m.at/logo/ Frame D28C 4 KB
5 KB 36ms
19ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/120F96A75D6F4DFA8C180C0B166F56DE52DF6CCE7132AA81A0F39370D0B66A11D11DF772A5F37667D848D1EFAD34C7BB21F4F1EC3CC3BACAA138FC27CB46D84C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c331eb86d87b1684540ddb6544a96d3f9b975141681f028ae97b0c5bcf4b64b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370090
cf-polished: origFmt=png, origSize=12853
alt-svc: h3=":443"; ma=86400
content-length: 4258
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:23 GMT
server: cloudflare
etag: "40eca896a1af9011ff26d05bf97e80fc"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMqS1Q6Rbv1lqrangVIqiRWAxItlwykHvMOQWAYuNIzX4Zl4V6ZuAjlEaxuwjRa2O1SpEcnoOIEbMELMOwl3A7FdwcGM%2FKoATPRlTWfvwmmx8JiZ3wjagbZ%2FdiBMMRmHOMKjNAkVUQxL1KV2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacf83732-FRA

GET
H2 200 71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
assets.ad4m.at/product_image/ Frame D28C 35 KB
36 KB 37ms
20ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/71613ACF08169DC6086C040AE52307CEF098D4B356E4B796716A9DBCF0EC1F05DFBCD36FB6577E1AFB510DCB27E1A87ABB105BDF2D2322D292DF64F8BA6C23F2
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81bb9ca7f132df1282fb961eb59ce5e0bfb23c3946f578d046088da672650d12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9430350
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 36053
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:15:37 GMT
server: cloudflare
etag: "d5b42731623c7d6d385a5ed6ec6d805a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmndPPy0YX44f9Gfj7e07YVHUeCJkZZBDITbm2lhy88bmuBpoDShq0JZfq19qDPe%2FXiW4Lke5IDB5%2FwvxU1UnJjxK04BsVRpHFwovNwxyGxLSAaPKnOHVXUbSsobHVriZ%2BZ1WhvtiO2XFx7b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacf93732-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame D28C 43 B
704 B 413ms
352ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2974903&v=22835&q=421902&r=412871&pv=1&pref3=oneidbGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJoneid__Influencer_TT_advancedad_300x250&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Feb 2024 06:59:03 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame D28C 10 KB
10 KB 26ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365881
cf-polished: origFmt=png, origSize=10653
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 11:11:38 GMT
server: cloudflare
etag: "ca1cf24fc82b7541b262f0d4b15a8100"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uDakmlNYFIhfi5wTluLHnyIr2Sqa3VOCp%2F6dR%2BIvHHrxZuzQgmcgIPZyxJvTvk9E3yd6GI7pMWixICRVx1qOrthVVry8P8ieNkv13O00fo84ZjfwATzgQTSvHj4zghpYBwW%2BVypKsJ1yjma"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacf53732-FRA

GET
H2 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame D28C 28 KB
28 KB 35ms
27ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2167859
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28452
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:10:32 GMT
server: cloudflare
etag: "ad60aab65075d58e4390c75c7ea7b04e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNUoE7hu6d5czOc9mW69jvJAfpPw5rW3IbKXY3oM01es9m0Vvbj6jbK8HwlG7i%2F9lWzyPJQc%2B39iZiihVnJiBKssQLRkzp96XPo3958td8E7V0g7a2rT%2BrNDk6vXdek%2BgyBl%2BV2HmK7gWp5w"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacf63732-FRA

GET
H2 200 B428F1136C7C2A0587399672B3E6257AFBE1C9DD6F781EC1A381E21233C0B16DCFB425855B6D579A455E639BDCAFFE9E9A793DA2C8B4F065188F1CFBA3ED6A69
assets.ad4m.at/logo/ Frame D28C 9 KB
9 KB 29ms
21ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B428F1136C7C2A0587399672B3E6257AFBE1C9DD6F781EC1A381E21233C0B16DCFB425855B6D579A455E639BDCAFFE9E9A793DA2C8B4F065188F1CFBA3ED6A69
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4d67d29cfa8ed5e468b0b9bd02bf5e66ef8994b4b0245b0e31cb72f642b4d1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 440529
cf-polished: origFmt=png, origSize=29753
alt-svc: h3=":443"; ma=86400
content-length: 9198
cf-bgj: imgq:85,h2pri
last-modified: Mon, 15 Jan 2024 16:01:56 GMT
server: cloudflare
etag: "782ab1e273b6d319b466918a1c87b5d5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG%2FlOJ9YPzvBhrsJOVA%2BDwNNaKsPQZuvLMy9LKzEe7yVcKq2fpyHcxVHCuX2Mv0lgJOXDjtHBHFOdA1TjAJDi7PiuRy9OeVhhCBi28fYOsGWFAUKjGl6eqJFWQgtMD4DRQAmE%2Fzv9ovNpM%2FM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacf73732-FRA

GET
H2 200 81D0EA2F097268FF1B36B08EB2C852313F8741135400716E24A77047660B4D70ADDD46F8C779075EBA74C35BADD103A1536E2B79C4165C5F97E3BBF43DE1B94D
assets.ad4m.at/ Frame D28C 26 KB
27 KB 30ms
22ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/81D0EA2F097268FF1B36B08EB2C852313F8741135400716E24A77047660B4D70ADDD46F8C779075EBA74C35BADD103A1536E2B79C4165C5F97E3BBF43DE1B94D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b8c4c304be3320fd41260be7e00fcd381499e76bb239e397894c752de77378

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2850675
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 26868
cf-bgj: imgq:85,h2pri
last-modified: Thu, 25 Jan 2024 07:07:40 GMT
server: cloudflare
etag: "77192cebc3b4c3fd3021020869d3f21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EENglI7Zr%2FMCxc5qsIRQJsK4xm%2F1T7cxUDZjK4kDICTBMC%2B0kAL0Z7TPM1LkoVNyBptSOgZSeFYHZuMItad8hYPkhIVp7CR0Ng8HnCtVMMp4aZjVTfBQYYCvf9r9RKOZQhba4cA2GWKzaLJ7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 85be8afaacfa3732-FRA

GET
H2 200 tag Show response
video.onetouch8.info/api/video/ Frame EFC1 42 B
814 B 31ms
30ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=51617&tmax=500&video-skipafter=5&count=3&tagId=7v2czcwwhcvouiru
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7GHRYQJchAZGOK0byRFQyNgDf2%2B2i%2B6zrrgY97XltULCu0pJCl%2B%2FuZc61wttLsaGgahx%2B1F92Jmwb9jXeESr172sHqx6VL%2BMCz%2BNfGPY%2BynektsS2uT9GGIqpE3IS8kR6Ux%2Btgtcqi8INOZAbPHMMhc9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 85be8afa9f6ab906-AMS
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 233.362b.c.css
consent.cookiefirst.com/banner/v2.14.9/static-main-no-autoblock/ Frame 73BD 127 B
881 B 11ms
11ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.14.9/static-main-no-autoblock/233.362b.c.css
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cdn-edgestorageid: 1080
cdn-storageserver: DE-167
cdn-cachedat: 02/26/2024 12:54:16
cdn-pullzone: 236985
content-length: 127
visitor-location: DE
last-modified: Mon, 26 Feb 2024 12:54:16 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 750
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65dc89f8-7f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 4f6eec78c94303e3152116d1671c7908
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 233.8420.c.js Show response
consent.cookiefirst.com/banner/v2.14.9/static-main-no-autoblock/ Frame 73BD 96 B
859 B 12ms
12ms Script
application/javascript 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiefirst.com/banner/v2.14.9/static-main-no-autoblock/233.8420.c.js
Requested by: Host: consent.cookiefirst.com
URL: https://consent.cookiefirst.com/banner.no-autoblock.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: Cookie First CDN-DE1-1082 /
Resource Hash: b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cdn-edgestorageid: 1080
cdn-storageserver: DE-663
cdn-cachedat: 02/26/2024 12:54:16
cdn-pullzone: 236985
content-length: 96
visitor-location: DE
last-modified: Mon, 26 Feb 2024 12:54:15 GMT
server: Cookie First CDN-DE1-1082
cdn-fileserver: 728
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65dc89f7-60"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: d602dab6-3f92-4809-a378-608fd2b89403
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, visitor-location
cache-control: public, max-age=31919000
cdn-requestid: 81d989c84882c50b2e6cf64b35f7571a
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match, traceparent
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame E9E4 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 05:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5220
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Feb 2024 07:32:03 GMT

GET
H2 200 b-2_728x90_b7v623q3h76.jpg
adsluffa.online/files/banners/ Frame E9E4 34 KB
34 KB 34ms
34ms Image
image/jpeg 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adsluffa.online/files/banners/b-2_728x90_b7v623q3h76.jpg
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40a0064b6078c8faef30b799c94a9a81a6378d590ea7ff3176f316dd3ca2741

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 533931
alt-svc: h3=":443"; ma=86400
content-length: 34680
last-modified: Thu, 24 Aug 2023 19:26:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPPsIpn%2FwdQFleRIbwXz9F0K70A54s3CngzCzGMVP6kwxe1gE6oMAApwDNh448VVak0Lu5P%2Fx4SsT8YTpwq1CZksTAcSPGVa%2F46o8Gr9xPoPZMAbCyZjMH8ORfqwvmKnNMw2XHC50ZdA8HazGm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85be8afacdaa22b7-CDG
expires: Wed, 28 Feb 2024 02:40:12 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ Frame E9E4 2 KB
1 KB 45ms
12ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 07:04:03 GMT
date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 12:25:33 GMT
server: nginx/1.18.0
etag: W/"65d73d3d-6c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E9E4 193 KB
70 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c23f81b4b96fc42b49465db3b5b7c24551a581796fb897b54f75333b97e9199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71655
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Feb 2024 06:59:03 GMT

GET
H2 200 ads.php Show response
adsluffa.online/ Frame 1191 188 B
398 B 187ms
186ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/ads.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 593d4133adeb54b18ac3974a1a78e0aa6e2c9f0f054a96be5db7d929ebb57baf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85be8afacdab22b7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FooJHu4JemZMZG1caw433Ifvp0BZV6lcdW7vUV3Z1nHPhVWGPgZx5yGu3oWU2mu5taH2CIQ39eNcDjax%2BbnE0kWCvbMSdI%2BZ64k9BHKOVPrMBwGHcto8PE20vPnxRXqSj9A3KMgnLdN317lEK6s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 allads.php Show response
adsluffa.online/ Frame D950 173 B
407 B 345ms
345ms Document
text/html 2606:4700:3032::6815:47b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluffa.online/allads.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/bits-ads.php?type=1&&ids=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:47b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: cb3b4e37f1adfbbc5e25705783f8fb937c04182841a83511ce3293307b9badef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85be8afacdac22b7-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoZqpr7yjNqjijBlcxwgP82vqGPLRSzax2ydAcnI%2F0bPDd0zR1gRLTwWjgUuN9sCytvO2%2BCeDHjWIJMhH4KXaF%2FoEPXhAdr14jtEhJXoyRTg9rw6Jv%2Ba8bY6ekZvsbibkTW5Ti%2Fbz6IAG5McnNw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 link.html Show response
track.webgains.com/ Frame D28C 2 KB
2 KB 130ms
72ms Script
text/html 35.176.232.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hxjknsysq7p0n9jdsz4zf6wvxxbw1meqzxravescva91scx52r2nrbhk1tkff7met9j8s4gs5d3h4x9maxp1khm3yj1fc647krvtrxjfmhy8ynf46zd2ftevpkte5c7e07zkea6qzxktvwjz7habjhk34z3jb802r7kxmesqw5vn3m4z1c34b9pds7zn2n5xpvq4hdantfj65cp4k4eng58b84gv628msgra2h8gtg4ana0jm0p1f741sbkdknwtds8ep8%26a%3D&clickref=oneidwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5oneid__Influencer_TT_advancedad_300x250&viewref=oneid1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcAoneid__Influencer_TT_advancedad_300x250
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.232.93 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-232-93.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: bd0610ed2450bbd81dde51bcb0639eb97569f0adad01ddf1a882569a614acf9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
last-modified: Tue, 27 Feb 2024 06:59:03 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 27 Feb 2024 07:00:03 GMT

GET
H2

200

c-8a7bb10d2224764bb13a2f47d7db9ecd.png
grow-platform.tradedoubler.com/uploads/organizations/2367815/ Frame D28C
Redirect Chain

https://imp.tradedoubler.com/imp?type(img)g(25525506)a(3040636)epi(oneidK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fqoneid__Influencer_TT_advancedad_300x250)839071860
https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png

167 KB
167 KB

67ms
26ms

Image
image/png

188.165.150.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png

Requested by

Protocol

Server

188.165.150.178 , France, ASN16276 (OVH, FR),

Reverse DNS

lb02.net.royalcactus.com

Software

nginx /

Resource Hash

29287f0ee27b9f865409fbc1a40b1d61b7a4fadb90b7c8c38165da62d04d3958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Oct 2023 14:44:00 GMT
server: nginx
etag: "653a7b30-29bb6"
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
content-length: 170934
x-via-poph: replica1
expires: Tue, 27 Feb 2024 08:59:03 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:03 GMT
referrer-policy: origin
server: TXServerHttp
vary: Origin
content-type: text/html; charset=ISO-8859-1
location: https://grow-platform.tradedoubler.com/uploads/organizations/2367815/c-8a7bb10d2224764bb13a2f47d7db9ecd.png
access-control-allow-origin: *
cache-control: private, max-age=0
access-control-allow-credentials: true
content-length: 312

POST
H2 204 csi
csi.gstatic.com/ Frame EFC1 0
234 B 355ms
13ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lt40ojg9&c=3896904827066&slotId=1948452413533&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame EFC1 42 B
889 B 39ms
39ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=51617&tmax=500&video-skipafter=5&count=3&tagId=7v2czcwwhcvouiru&repeat=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SI6%2FW50aIPcSSmEqvmj2CjpnjEdHwv2yhAI5xeC%2FQ1mlJlSc339wzwFS1Zn4gsFIj1Ffh41Hpc6QDJ20lfh4ZICUQuXlWUN37bQIN8NsKNRiSk26Wq7a2AWbrCflEsUGmoQQbRCXKpL688A4TWYayNWlcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 85be8afaeeddd0c9-AMS
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ Frame E9E4 104 KB
35 KB 15ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7093535c92c8b7651ca055b34c44b3686656471359c9ec3badb15b6019dcae4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 07:04:03 GMT
date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 12:25:38 GMT
server: nginx/1.18.0
etag: W/"65d73d42-19fa5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame E9E4 231 KB
82 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a9e891132bfd2738e9db8a893fa26d5b742e76a00ad51894cb86eea6de63dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 06:59:03 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame EFC1 0
54 B 301ms
14ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lt40oji5&c=3896904827066&slotId=1948452413533&ghmsh_eids=44772139%2C44777649%2C44781409%2C44806631%2C95321947%2C95322027%2C95324128
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:03 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 115681 Show response
na.nawpush.com/tags/ Frame E9E4 1 KB
1 KB 43ms
8ms XHR
application/json 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/115681?version_name=a
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 179d3d13b9a9f399aecf32e8986d8390cb497a148eeab34aec0b20ca6bd85f98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Feb 2024 06:59:03 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-length: 1211
x-proxy-cache: HIT

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame EFC1 42 B
854 B 36ms
35ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=51617&tmax=500&video-skipafter=5&count=3&tagId=7v2czcwwhcvouiru&repeat=2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVisGrd%2BvCjJW1tbW77ezWPLbetEEC055QZOOzIQ1ETKmzieKSWtYV4x479brfbpgehTT1ZHT5sdQy8GBm%2FQYCsFxpathA%2FjrTCd847K43eIlrx6Wgon1hpayApDtNAS5smaDQWIW9J66Yr4ROAbDrpuXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 85be8afb4f55d0c9-AMS
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D28C 56 KB
19 KB 75ms
7ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&wgprogramid=265645&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hxjknsysq7p0n9jdsz4zf6wvxxbw1meqzxravescva91scx52r2nrbhk1tkff7met9j8s4gs5d3h4x9maxp1khm3yj1fc647krvtrxjfmhy8ynf46zd2ftevpkte5c7e07zkea6qzxktvwjz7habjhk34z3jb802r7kxmesqw5vn3m4z1c34b9pds7zn2n5xpvq4hdantfj65cp4k4eng58b84gv628msgra2h8gtg4ana0jm0p1f741sbkdknwtds8ep8%26a%3D&clickref=oneidwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5oneid__Influencer_TT_advancedad_300x250&viewref=oneid1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcAoneid__Influencer_TT_advancedad_300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4f03188bc85cffc0c30d25b3d85d409399b327bf822bd7ae334644c50d726bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 01:46:48 GMT
content-encoding: gzip
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 15:01:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 18736
etag: W/"ee061fd5b48845697bbcc6ca7ece7e5f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: cCd3u56kcvqSI2-wJA6b2DmEH8AheoIic7IyUlwVQ9boObc07HsqzQ==

GET
H2 200 1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png
cdn.track.production.webgains.team/265645/ Frame D28C 4 KB
4 KB 41ms
7ms Image
image/png 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/265645/1692282615_nrkxmt2VWiWvZTgzkEX59Uj0oUlxtD2O.png?Expires=1709017443&Signature=GVLClNBOcsfvJZlKZb7bem6Yb9U8YcnAvEl0CBEgj53bTDUBGs4kPQHhSr5mustB-pWowSdv5~mubKowRcRRfzhyFgM2v9KFflFnazmAf0er7-l1eu9UYApw3yBB7HKINTDsvNgsLWBES9Z71NBiJw-SPYcyiXZxDg-6G9QgfRzzsoLIAV5~eR4uxAQbqw-B~SRne23NHyfIPYxGT229l9jXQSM77hevrSg6xDW4Tnduh97wsaUzQ3yoVCiT2EUumzUArwxRNGyqErRiNkh02dl349Hqt75KKsBn74N6j0wuT1-5YjnZ2XWSVt4KwQwnJbNYOJpGInOpqO~P~vFZvA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=191668%2C183975%2C1668988&b=bGVmhQfZf5gY1hYHbHztKtDwMKUbS3tMdEHJ%2C1819UbfKf4qrPf9HdH9tAt2WEs2SVtGRBcA%2CK79QCRfZf8r8Vt5HMHktPtXEkAS7Srt847Fq&f=3r48Upf4fX63dc7HrHAtXCr9wPTPSztKZwCd%2CwxkwhdfjfQ96ECEHRH2tEC4g2TzS9tmrAa5%2CkzgPs5f3fJkJ7f4HwHetmC8AdMuZSmtmPwaR&c=300&d=250&e=&g=4d2c0dc4622c0451a3267c1c453ab602%2F14955806085688793095&i=75452%2C20597%2C294035&j=16%2C21%2C19&k=0&l=0&m=0&n=&p=&q=&o=Influencer_TT_advancedad_300x250&r=1709017143356&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 10:37:03 GMT
x-amz-version-id: null
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
last-modified: Thu, 17 Aug 2023 14:30:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 73321
etag: "47f1e003b9b074a403e5469f531658f2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3904
x-amz-cf-id: 8lfFy38Ak0niEq-N56iw8NeOHdHgnPY_09lDE8TvXkZ-apnFwzsZvw==

GET
H2 200 cointraffic.io.php Show response
gobits.me/ Frame 572B 1 KB
1 KB 389ms
345ms Document
text/html 2606:4700:3032::6815:855
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gobits.me/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/ads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a5cd838fb91979e2c985cd4fd2f0ec9689f991cb92ee7aed8d89bf4f22305505

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85be8afc393a6fd0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U1JXERu14RPTjKY0VBz2vQguPnc0BxrHhFmPCRurv8uad1WCas%2BsiiZj0vSa8CzTQkcffyn%2BT8aEduFZsFn59zBc%2B1NkQumaQoIy%2FG0MtAYNNGsNwu4zyafiYcmylkX24HYP0fYroM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 cointraffic.io.php Show response
gobits.me/ Frame 9ED5 1 KB
847 B 353ms
352ms Document
text/html 2606:4700:3032::6815:855
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gobits.me/cointraffic.io.php
Requested by: Host: adsluffa.online
URL: https://adsluffa.online/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:855 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8a8111522819c7b86e344951eb6bd7118388df32dc9655551804dbab7708141f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85be8afcf9f96fd0-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 06:59:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64e17CwbeqMDZzqZs6El1TttQotfa25BbEhJLI5G9cGV8na26s%2BtkoGlfGyXSot7Oa3f0DdkZCniMMCdIqxtdlk80m%2BX8P9ay%2FDZr1TdNRlvyy4bogosFjj86LRcsRFHpGtA9MX4kXM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H/1.1 200
OK bxRkQyDGD.js Show response
ww25.aliasmails.xyz/ Frame 5682 32 KB
33 KB 33ms
33ms Script
application/javascript 199.59.243.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.aliasmails.xyz/bxRkQyDGD.js
Requested by: Host: ww25.aliasmails.xyz
URL: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
Protocol: HTTP/1.1
Server: 199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 63429646a180033b26b60011bb8e0b1d1313ad9cdc89071c3a394c463c9038cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:03 GMT
content-length: 33068
x-request-id: 81a2efae-9510-47f2-8d8f-0eebaa138c42
content-type: application/javascript; charset=utf-8

POST
H/1.1 200
OK _fd Show response
ww25.aliasmails.xyz/ Frame 5682 5 KB
3 KB 72ms
72ms Fetch
text/html 199.59.243.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.aliasmails.xyz/_fd?subid1=20240227-1759-0330-a280-6e596e4b9a5a
Requested by: Host: ww25.aliasmails.xyz
URL: http://ww25.aliasmails.xyz/bxRkQyDGD.js
Protocol: HTTP/1.1
Server: 199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 9d73101820aecd1517ab5990d34a96b06b7d64d1dbaaef664076781442d569f3

Request headers

Accept: application/json
Referer: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

x-version: 2.114.2
date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
pragma: no-cache
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 2644
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 572B 15 KB
6 KB 87ms
28ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Requested by

Host: gobits.me
URL: https://gobits.me/cointraffic.io.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

633a1632769c670e5a913d3765fa7f9fee169feaa6d0b082851c2c399ed1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ Frame 5682 141 KB
52 KB 59ms
39ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: ww25.aliasmails.xyz
URL: http://ww25.aliasmails.xyz/bxRkQyDGD.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

535b1703ac5da6874ab935efd5aab8b434a39bc39a54624dc2d19e7384f0950f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.aliasmails.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4270271014922708237"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 27 Feb 2024 06:59:04 GMT

GET
H2 204 check
ctracking.io/ Frame 572B 0
0 73ms
23ms Fetch 2a0d:da00:a:4019::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://ctracking.io/check

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
ct-remote-token: 006aec3b-20aa-4ae3-b094-5944017175a5
server: nginx
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: null
accept: application/json
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
expires: Tue, 27 Feb 2024 07:14:04 GMT

OPTIONS
H2 204 check
ctracking.io/ Frame 0
0 134ms
23ms Preflight 2a0d:da00:a:4019::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://ctracking.io/check

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 5804b39d-f0d4-4052-ad97-42f51d188af0
date: Tue, 27 Feb 2024 06:59:04 GMT
expires: Tue, 27 Feb 2024 07:14:04 GMT
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 9ED5 15 KB
6 KB 29ms
27ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Requested by

Host: gobits.me
URL: https://gobits.me/cointraffic.io.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

633a1632769c670e5a913d3765fa7f9fee169feaa6d0b082851c2c399ed1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 ads Show response
www.adsensecustomsearchads.com/afs/ Frame F37A 13 KB
3 KB 130ms
96ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol306%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol427&client=dp-bodis30_3ph&r=m&sc_status=0&hl=de&ivt=1&rpbu=http%3A%2F%2Fww25.aliasmails.xyz%3Fcaf%26subid1%3D20240227-1759-0330-a280-6e596e4b9a5a&terms=email%20account&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&format=r3&nocache=2911709017144190&num=0&output=afd_ads&domain_name=ww25.aliasmails.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1709017144191&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=112&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=608724745&rurl=http%3A%2F%2Fww25.aliasmails.xyz%2F%3Fsubid1%3D20240227-1759-0330-a280-6e596e4b9a5a&referer=http%3A%2F%2Febesucher-klicker.de%2F&lao=http%3A%2F%2Febesucher-klicker.de

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

ba9735589417468bddedd6d148d677b20312ab0b1c7fb5b0a8ae47e26f43add1

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-yvu_iLyR8uYRD2j-4Hyn2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Referer: http://ww25.aliasmails.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2640
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-yvu_iLyR8uYRD2j-4Hyn2Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Tue, 27 Feb 2024 06:59:04 GMT
expires: Tue, 27 Feb 2024 06:59:04 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H2 204 check
ctracking.io/ Frame 9ED5 0
0 42ms
24ms Fetch 2a0d:da00:a:4019::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://ctracking.io/check

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
ct-remote-token: 5258806f-40bd-4f19-b8b3-5ca48a1edacf
server: nginx
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: null
accept: application/json
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
expires: Tue, 27 Feb 2024 07:14:04 GMT

OPTIONS
H2 204 check
ctracking.io/ Frame 0
0 23ms
23ms Preflight 2a0d:da00:a:4019::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://ctracking.io/check

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:4019:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

accept: application/json
access-control-allow-credentials: true
access-control-allow-headers: Origin,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Set-Cookie,Cookie,Range,CT-Remote-Token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Set-Cookie,Cookie,CT-Remote-Token
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
ct-remote-token: 57991f35-fce7-40cb-baa3-c3332386963f
date: Tue, 27 Feb 2024 06:59:04 GMT
expires: Tue, 27 Feb 2024 07:14:04 GMT
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-xss-protection: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D28C 16 B
209 B 86ms
85ms Fetch
application/json 3.9.107.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.107.215 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-107-215.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 85ms
22ms Preflight 3.9.107.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.107.215 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-107-215.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx

GET
H2 200 caf.js Show response
www.adsensecustomsearchads.com/adsense/domains/ Frame F37A 141 KB
52 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/adsense/domains/caf.js?pac=0

Requested by

Host: www.adsensecustomsearchads.com
URL: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol202%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol306%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol427&client=dp-bodis30_3ph&r=m&sc_status=0&hl=de&ivt=1&rpbu=http%3A%2F%2Fww25.aliasmails.xyz%3Fcaf%26subid1%3D20240227-1759-0330-a280-6e596e4b9a5a&terms=email%20account&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2497786236455022&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17301383%2C17301418%2C17301437%2C17301439%2C17301442%2C71847096&format=r3&nocache=2911709017144190&num=0&output=afd_ads&domain_name=ww25.aliasmails.xyz&v=3&bsl=8&pac=0&u_his=2&u_tz=60&dt=1709017144191&u_w=1600&u_h=1200&biw=-12245933&bih=-12245933&isw=1&ish=1&psw=1&psh=112&frm=2&uio=-&cont=rs&drt=0&jsid=caf&jsv=608724745&rurl=http%3A%2F%2Fww25.aliasmails.xyz%2F%3Fsubid1%3D20240227-1759-0330-a280-6e596e4b9a5a&referer=http%3A%2F%2Febesucher-klicker.de%2F&lao=http%3A%2F%2Febesucher-klicker.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b2841688eeabd7a520a3023258409c2e128e6875a909821b68d27a2d56acd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.adsensecustomsearchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "15988846488489794340"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Tue, 27 Feb 2024 06:59:04 GMT

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 572B 15 KB
3 KB 71ms
23ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/sticky.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 572B 29 KB
4 KB 94ms
47ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/inpage.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

06b1727a711b2d63dbb363d2998e36848e9236d4b6e7be7d51771885464bc1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 572B 697 B
1 KB 92ms
45ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/popunder.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

762a95faa30fbd7ef70db92ce716d0bb48a33cdbdeb30ff257df17b2ed3a2e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 697
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 9ED5 15 KB
3 KB 71ms
24ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/sticky.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 9ED5 29 KB
4 KB 70ms
23ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/inpage.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

06b1727a711b2d63dbb363d2998e36848e9236d4b6e7be7d51771885464bc1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 9ED5 697 B
1 KB 93ms
46ms XHR
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-pnd.ctengine.io/static/popunder.js?v=1705180720032

Requested by

Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

762a95faa30fbd7ef70db92ce716d0bb48a33cdbdeb30ff257df17b2ed3a2e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 06:59:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 697
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: private, max-age=900
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Tue, 27 Feb 2024 07:14:04 GMT

POST
H/1.1 200
OK _tr
ww25.aliasmails.xyz/ Frame 5682 2 B
0 52ms
52ms Fetch
text/html 199.59.243.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ww25.aliasmails.xyz/_tr
Requested by: Host: ww25.aliasmails.xyz
URL: http://ww25.aliasmails.xyz/bxRkQyDGD.js
Protocol: HTTP/1.1
Server: 199.59.243.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Accept: application/json
Referer: http://ww25.aliasmails.xyz/?subid1=20240227-1759-0330-a280-6e596e4b9a5a
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

x-version: 2.114.2
date: Tue, 27 Feb 2024 06:59:03 GMT
content-encoding: gzip
pragma: no-cache
server: openresty
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 22
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 9ED5 47 B
681 B 129ms
77ms XHR
text/javascript 2a0d:da00:a:4035::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4233b4d3277e95148e3a411f0f8998351682dfb723fce350fd8c46088489a4be

Request headers

Referer
CT-Remote-Token: 5258806f-40bd-4f19-b8b3-5ca48a1edacf
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 92ms
25ms Preflight 2a0d:da00:a:4035::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ct-remote-token
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer
access-control-max-age: 1728000
date: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 92ms
25ms Preflight 2a0d:da00:a:4035::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ct-remote-token
Access-Control-Request-Method: POST
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer
access-control-max-age: 1728000
date: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 572B 47 B
684 B 126ms
75ms XHR
text/javascript 2a0d:da00:a:4035::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=2mAo1Hwtyq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4035:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4233b4d3277e95148e3a411f0f8998351682dfb723fce350fd8c46088489a4be

Request headers

Referer
CT-Remote-Token: 006aec3b-20aa-4ae3-b094-5944017175a5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 06:59:04 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: null
access-control-expose-headers: Content-Length,Content-Range,Ct-Remote-Token,CT-Apps-Referer
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Ct-Remote-Token,CT-Apps-Referer
expires: 0

GET
H3 204 gen_204
www.adsensecustomsearchads.com/afs/ Frame 5682 0
19 B 106ms
106ms Image
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-bodis30_3ph&output=uds_ads_only&zx=jmnzxzhm2jxy&aqid=OIjdZcm9ENWwovsPsJe5eA&psid=3113057640&pbt=bs&adbx=0&adby=143&adbh=1&adbw=1&adbn=master-1&eawp=partner-dp-bodis30_3ph&errv=608724745&csala=3%7C0%7C137%7C52%7C4&lle=0&ifv=0&hpt=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-l-NdgmnT9NR-1lZSA38dVA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ww25.aliasmails.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-l-NdgmnT9NR-1lZSA38dVA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Tue, 27 Feb 2024 06:59:05 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bitporno.de
URL: https://bitporno.de/

Domain: eu4-de84.muggel.net
URL: https://eu4-de84.muggel.net/?nr=1&d=LX5w9HmlOwZHBF30Id0vF7RVIsbAHwcS

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 19:26:49	Name: userId Value: yYwH97R9kc462Ne9OL-Y2n3Ey0KT0JTs
ebesucher-klicker.de/	1970-01-20 18:43:44	Name: csrf_cookie_name Value: 1b5775b1b80c63202b110df06904677f
ebesucher-klicker.de/	1970-01-20 18:43:44	Name: ci_session Value: 4b1v8omaic6fgi5ko4ho5hsi69tam0uh
.tradedoubler.com/	1970-01-21 03:29:13	Name: PI Value: 1z11z1z15mz1WA4NKzElTCy1y26GlfyCaaCyyyBVCRy1fAsy2N2GlFyyFbva9%78P%79SYi50oIRNN5QQKBtnHj1mNKZICWTckwPbtUADqIvMNRRGt6U91w.K_rl0%79s5QQNgwHdJ52.k_mX7hpe9etvoUXu%79.O%782g2QV5tP7q93Qi2s7fhVy
.tradedoubler.com/	1970-01-21 03:29:13	Name: UI Value: 1z11zz15mzWJLtbz1aqOyQkJx
.awin1.com/	1970-01-20 18:46:29	Name: awpv22835 Value: 412871\|1709017143\|b13b9f20-d53d-11ee-9bfd-22355e113c89
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 421902:2974903
.ctracking.io/	1970-01-21 03:30:39	Name: ctuid Value: 5258806f-40bd-4f19-b8b3-5ca48a1edacf
.ctengine.io/	1970-01-20 19:26:49	Name: ctuid Value: 5258806f-40bd-4f19-b8b3-5ca48a1edacf

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://tool.hubu.link/matomo.php?action_name=AdNade.net%20-%20PTP%20link&idsite=VlA4an6aWb5e&rec=1&r=034528&h=7&m=59&s=3&url=https%3A%2F%2Fadnade.net%2Fptp%2F%3Fuser%3Dfrechdax%26subid%3D1&urlref=https%3A%2F%2Fnetzwerk-ad.de%2F&_id=10e097e6f3c54c63&_idn=1&send_image=0&_refts=1709017143&_ref=https%3A%2F%2Fnetzwerk-ad.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=fg9fwM&pf_net=0&pf_srv=19&pf_tfr=1&pf_dm1=84&uadata=%7B%7D Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.google.com/adsense/domains/caf.js(Line 200) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://ebesucher-klicker.de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
ad4m.at
adnade.net
adsluffa.online
ajax.googleapis.com
aliasmails.xyz
analytics.webgains.io
api.webgains.io
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
as.ad4m.at
assets.ad4m.at
bitporno.de
bitspush.io
cdn-binance.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
consent.cookiefirst.com
csi.gstatic.com
ctracking.io
deli.misaglam.com
deliver.adnade.net
ebesucher-klicker.de
edge.cookiefirst.com
embed.chatlotto.de
eu4-de84.muggel.net
fonts.googleapis.com
fonts.gstatic.com
free-btc.org
go2.do
gobits.me
grow-platform.tradedoubler.com
imasdk.googleapis.com
imp.tradedoubler.com
js.wpadmngr.com
media.hubuhost.com
na.nawpush.com
netzwerk-ad.de
pagead2.googlesyndication.com
s0.2mdn.net
sparkasse-fickmuehlen.de
static.a-ads.com
tool.hubu.link
track.webgains.com
video.onetouch8.info
ww25.aliasmails.xyz
www.adsensecustomsearchads.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
bitporno.de
eu4-de84.muggel.net
103.224.212.213
144.126.134.105
144.76.28.254
178.254.33.33
18.195.135.32
18.66.147.98
188.165.150.178
195.90.208.185
199.59.243.225
216.239.32.3
23.56.205.163
2400:52e0:1e00::1081:1
2400:52e0:1e00::1082:1
2606:4700:20::681a:ad1
2606:4700:3032::6815:47b2
2606:4700:3032::6815:855
2606:4700:3032::ac43:ab44
2606:4700::6811:180e
2a00:1450:4001:806::2006
2a00:1450:4001:806::200e
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:6800:3:591::2
2a00:6800:3:a0b::2
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0d:da00:a:4019::
2a0d:da00:a:401c::
2a0d:da00:a:4035::
3.9.107.215
35.176.232.93
45.133.44.25
45.133.44.52
99.86.4.53
069fd47df71ce88d5b5f3237c11d3a6ec5346e0fc934e2ce9f7b13e60d7d8575
06b1727a711b2d63dbb363d2998e36848e9236d4b6e7be7d51771885464bc1c0
07db5026d3d047a4bd2fd0dcfea2f4e5a1fd7cfde261cb8250d71d680a07ed79
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c23f81b4b96fc42b49465db3b5b7c24551a581796fb897b54f75333b97e9199
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9
11a933100ccfe156b93199371bebe899d4239553e208c19401039756baf0a360
147c9c607f033ccd2bcb751c06b49e3163cf29517b6233ab53cdd69e998c6f30
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
179d3d13b9a9f399aecf32e8986d8390cb497a148eeab34aec0b20ca6bd85f98
17b7b30c91fb5568706774f985e4f199f43b3c941b412dbfb6e91b1899065675
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1cb2390cd9b4ce160f8c8361430b7b0e270ee56ef2a663418a05ef5de864f7cf
20cdda5054f7566f92a6a45682e821a8e1847e2cc772110b84af9db36a884f98
2312fdfcdfa6789647755651ac4e029172ab516a978e0eaa8d134da64ecb9379
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
26b8db0717b2470b952a3124e7054ca7b71d78951d98c2ac263ce14ef5bb8b9e
29287f0ee27b9f865409fbc1a40b1d61b7a4fadb90b7c8c38165da62d04d3958
2c9c5820db6f7a8a6c3912b60454a491326c2712a0db3ba10c751b0bc3816469
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
34b2841688eeabd7a520a3023258409c2e128e6875a909821b68d27a2d56acd2
39857e01d4d4f756029ecb3a0963d161ef857ef5a573d734c982badefbb9f973
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
4233b4d3277e95148e3a411f0f8998351682dfb723fce350fd8c46088489a4be
4afdfe5b5c04f5f508f6805eb4d820cc6bbdc3efb535ef864bd23c70f1ff894a
4b0f43a41a22937586d9dcfb1a83acb9e352846843188049c87613a17f688fbb
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9
5246937bb93047e623da39a190ce37105c363943dea9a082b6f3de13a9e14fc7
535b1703ac5da6874ab935efd5aab8b434a39bc39a54624dc2d19e7384f0950f
561b2814d3c09e62a92442c946307918f7f63f833c84876c08bd4c406767e53b
593d4133adeb54b18ac3974a1a78e0aa6e2c9f0f054a96be5db7d929ebb57baf
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
633a1632769c670e5a913d3765fa7f9fee169feaa6d0b082851c2c399ed1a07b
63429646a180033b26b60011bb8e0b1d1313ad9cdc89071c3a394c463c9038cc
635cbd5c4f2676a4f9287331eddb4fdae18114878cf9f45fefc068922628f368
638122f9afafcd3a8e4ba528612571fbbad494a0bdbe96fb0d79f5525a23514f
64a4383f30ec2cc2dab9b882da9e82b659aa23b6a0b2ee1118dda32f7a43059f
66b8a61cf672cf919954172915bc218b163ecaa3eac06773115298357a4c5a85
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7
7093535c92c8b7651ca055b34c44b3686656471359c9ec3badb15b6019dcae4b
762a95faa30fbd7ef70db92ce716d0bb48a33cdbdeb30ff257df17b2ed3a2e91
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4
81bb9ca7f132df1282fb961eb59ce5e0bfb23c3946f578d046088da672650d12
843cf53ffec1cba4d93bc2bcc54e6570b7995d1be89015902df534357b9268b0
86e5b7e8d1d9360d06c8bbeed2584da7d7a8546cea642a018ab4564e735866b4
8862af684ac64dd7a94f59316e9026e6c42ec696509e1d57ab96b3cad6357901
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
89dd617f06b5cde21926c8f2560c7f882b74f1a3fd8845830d6a68d83cc4618c
8a8111522819c7b86e344951eb6bd7118388df32dc9655551804dbab7708141f
8a9e891132bfd2738e9db8a893fa26d5b742e76a00ad51894cb86eea6de63dcd
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
902d8fb13200a5d2faece2c9307ebf2e309370cb27ff89020001a4e2940fd249
92c5526ae1d95c81531d59ae4bbe86fc55657ebc97b8ba5c663b2d50cea8189f
9341de86e937a45a93d5120d0a9d94cdfdbfcbd2e4da2a1c529fdc69d6b4d2e0
944a80601d5732132c9dbb62eb3e76afc0cb4ddfdfbeb9cd0c512e441992466d
9594adfee670a9de7fff74593f8097b6a605f89c2cc34383a11f73d2978635cc
97205041759d0463b2c2849f7275898fd81a783165f9ad4b22162b6f2beeceb5
979ef1b2b39c11c8caad3a850cc68005f6a43b6f92edca42b970d64d89ce7488
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
99c03bab3231e0ca0865aff5ed29ed1c719c5319301fd5a9ed35bec5098474d6
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
9cde9aa44670bcfa2e04173bcb9bc77ce7f3936000e3e95cd8f1d62ce6673f15
9d73101820aecd1517ab5990d34a96b06b7d64d1dbaaef664076781442d569f3
a2bca1b2de6b989887cabb170d918cd219fa3f0c32750f16344a5ffdf9768e56
a323ef02fe1933eedd0b0127f9526080ca6b98353da15dbd7181797d0df8d71f
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
a5cd838fb91979e2c985cd4fd2f0ec9689f991cb92ee7aed8d89bf4f22305505
a7c7ab874946e194daa6761331e46cfc9af58a2c049f5c1fb6e07194aa00c1b3
aa8e3adbf0b5c901a3909a38faa3cddd4ae183dff1fec4c954d2bab3aa40f3c4
ab02aa69457a210a01183dfdbe6fa1a195305741bdbd04d964d153368f5b18a6
aba329695897af7bffa4d282dcf3573d0463f847a01f28efe7c41aa51beb41ee
b2bce6ce46ef589072bde2c069da7ba012816af387bdc4f2b489ceb8e2c28d08
b364babb52cb930beb7e5e61f549d739c155b2f8a24415bb8b401b0d6cb3eddb
b380e6459b59b8938311cdf1a1d781234e346c5cfdea50f28b9d29d63c8c59ad
b50253e2ef3c7a42aaa8544693349332aeba8f9caa05b0cd4652f11b46760000
b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6
b9455bc7fa2544fea83bbe69418fa2231819e0f57b899aecf711d4e94b7ffb2d
ba9735589417468bddedd6d148d677b20312ab0b1c7fb5b0a8ae47e26f43add1
bd0610ed2450bbd81dde51bcb0639eb97569f0adad01ddf1a882569a614acf9a
bd3f0a55ed9a38ab3288129d8915fce8332c05026716fc37778104a7f2918541
be31fb55d198f0a2bc969e70857e7ab9388e6dce6f26c2bea85a6cd827eae666
c331eb86d87b1684540ddb6544a96d3f9b975141681f028ae97b0c5bcf4b64b3
c4d67d29cfa8ed5e468b0b9bd02bf5e66ef8994b4b0245b0e31cb72f642b4d1b
c8f4833e03df3d72f1fc0717b502538300c6f51d316d180d023ff47e2ceee39e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cad0318c3fb4979d4a1eb3c047a028f19d26868967049919c815606878486b2a
cb3b4e37f1adfbbc5e25705783f8fb937c04182841a83511ce3293307b9badef
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1
d0963e266a793bcf10ba3e5e75fd4a8f3cce1eab2d2899cbb741079edbdcdb18
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d525bbc62853a3dd657416f2e9e69959936ee4e488191e55f16bd946dc557662
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
d8b8c4c304be3320fd41260be7e00fcd381499e76bb239e397894c752de77378
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
df8458262a7d3d4dad2851655de2b3ba3b711f52e2bfce63ce0348730bb819c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f03188bc85cffc0c30d25b3d85d409399b327bf822bd7ae334644c50d726bd
e7902b56545718b3f9dcc015b4acab60270239d559b0adaae9e5c81dd95a89a1
e9fc8d6674aeafb947323cae49be6b79b03e4b1d11bd0c93d447e347016f6a81
f2a28aaf1aa6ea07a8f0fd73855622ba3b06d2cc6e620c512d5d1066d2e1644d
f40a0064b6078c8faef30b799c94a9a81a6378d590ea7ff3176f316dd3ca2741
f4302dca380ee69b5fc3ac2db66bd9838c5ba6f34373e6442dc3d2d14b6f187c
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f7274ba10554801c2589a0461ef72855be2ac1463f95598dd237822016a4de06
fd6bf4f74881850baa384bed84f6dfb9b5258c6771524a4a226b2b344a61f096
feaf27fdddabe92bfbbe2a1493c53a3bf017fd225854c3e7c1dd2539da667ea5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffa3a6a98ab43734c2f97006b9ddbb277f8e2bbe4428bb6c0df6f793f979c0cb

ebesucher-klicker.de Open in urlscan Pro 144.126.134.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

148 Requests

76 %HTTPS

60 %IPv6

39 Domains

51 Subdomains

39 IPs

5 Countries

5186 kBTransfer

7991 kBSize

9 Cookies

0 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ebesucher-klicker.de Open in urlscan Pro
144.126.134.105 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

76 %
HTTPS

60 %
IPv6

39
Domains

51
Subdomains

39
IPs

5
Countries

5186 kB
Transfer

7991 kB
Size

9
Cookies

148 HTTP transactions
1 data transactions