139.59.106.242 Open in urlscan Pro
139.59.106.242  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 139.59.106.242/	60 KB 14 KB	729ms 723ms	Document text/html	139.59.106.242 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://139.59.106.242/ Protocol HTTP/1.1 Server 139.59.106.242 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software LiteSpeed / Resource Hash 912b3825c299e1e3fa307486a3e5e9ac6dafca0c071074e5d1c31550eff14dcc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes connection Keep-Alive content-encoding gzip content-length 13902 content-type text/html date Thu, 28 Sep 2023 11:09:05 GMT etag "ef2e-6061bf2ccdcd3-gzip" last-modified Sun, 24 Sep 2023 14:49:27 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	v0.js Show response cdn.ampproject.org/	278 KB 72 KB	664ms 85ms	Script text/javascript	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0.js Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 28 Sep 2023 11:09:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73010 x-xss-protection 0 server sffe etag "b44d49b4390daba4" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3000, stale-while-revalidate=1206600 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 28 Sep 2023 11:09:06 GMT
GET H2	200	amp-carousel-0.1.js Show response cdn.ampproject.org/v0/	38 KB 11 KB	688ms 110ms	Script text/javascript	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-carousel-0.1.js Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash 7a492ab47d0ecf0391f1ac2e69aaa7972aad9332de4b82ab6c79937f9afd3f6c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 28 Sep 2023 11:09:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11513 x-xss-protection 0 server sffe etag "eb83e56ca9c8d086" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 28 Sep 2023 11:09:06 GMT
GET H2	200	amp-sidebar-0.1.js Show response cdn.ampproject.org/v0/	31 KB 10 KB	700ms 126ms	Script text/javascript	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-sidebar-0.1.js Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash 2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff date Thu, 28 Sep 2023 11:09:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9649 x-xss-protection 0 server sffe etag "72b1ab72fa86fbb7" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=604800, stale-while-revalidate=604800 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 28 Sep 2023 11:09:06 GMT
GET DATA	200 OK	truncated /	82 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	logo.png i.ibb.co/NYXqC3b/	14 KB 15 KB	197ms 72ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/NYXqC3b/logo.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 98bcfa4e3ebe140037e8056e8e599d47c837ae78f0bb3cb315aba648f21dc1f4 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 06:29:14 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 14627 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	togel.png i.ibb.co/7rCMHQh/	10 KB 11 KB	243ms 118ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/7rCMHQh/togel.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 9ca580d91e6c397049642bf3dd719a53ab46ec09ed58aa2d78ab44ffaa42f3e5 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:00:13 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 10649 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	slot.png i.ibb.co/k1jsQn8/	7 KB 7 KB	195ms 71ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/k1jsQn8/slot.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 47ad5fadc1275802488c9435fdc88eb8756d1105f58bd36185256f8f1fe39fb1 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:20:03 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 7155 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	roulette.png i.ibb.co/vkXD2pY/	22 KB 22 KB	188ms 64ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/vkXD2pY/roulette.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash f837db3ea1517eb51e9fe424064b14a25747b3be714346a33fd23f07b4301ae2 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:20:03 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 22108 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	sport.png i.ibb.co/X4qtkkB/	12 KB 12 KB	188ms 64ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/X4qtkkB/sport.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash f534089081dd56cb27b14caccec7715c4708314ed6e6dc4650d609e0dfdb448d Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:22:22 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 12180 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	poker.png i.ibb.co/7GSgH9g/	19 KB 19 KB	189ms 65ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/7GSgH9g/poker.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 012525925c80e46fb829b1c51e9d44a6f879bf4cf765225f0b3cfd2584e7a32f Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:22:22 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 19395 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	fish.png i.ibb.co/PN9BYnJ/	11 KB 11 KB	186ms 64ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/PN9BYnJ/fish.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash fdc5943225026602586be07d6b11334b96e02fd51fd2e5b1adca50fe2eafe17a Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:23:16 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 10820 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	homex.png i.ibb.co/ypKJjY8/	1 KB 1 KB	185ms 63ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/ypKJjY8/homex.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 91fad6761438f976bbdaa72709a5401849f5a4114cdbfe02d39e382f8522eac7 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Sun, 26 Jun 2022 13:57:15 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1215 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	joinx.png i.ibb.co/BtsCvsM/	2 KB 2 KB	192ms 70ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/BtsCvsM/joinx.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash e6a83845d6ea2a864b8ad0b23199e2dbed7d9c83e4cdfc33f5ff1ffdf64278b4 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Sun, 26 Jun 2022 13:57:14 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2091 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	loginx.png i.ibb.co/bJXSWQJ/	3 KB 3 KB	192ms 70ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/bJXSWQJ/loginx.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 65b26be343859a975ffcd1669eaecabc9cccf30554a558a58e51f3ae0f7eccc8 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Sun, 26 Jun 2022 13:57:14 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2874 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	promoX.png i.ibb.co/ZmzY32K/	2 KB 3 KB	187ms 65ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/ZmzY32K/promoX.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash a9d177ef309af7342937bd0de2eb0697d5ed09e631c094b87b7c92a751a06bd8 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Sun, 26 Jun 2022 13:57:15 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2391 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	livechatx.png i.ibb.co/QptpZCr/	2 KB 2 KB	186ms 65ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/QptpZCr/livechatx.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash fbc6e5b7fd710e7d7fff1d09fd70ff9a5178c9069ce7d2de55ea40cfa2876386 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Sun, 26 Jun 2022 13:59:57 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 1793 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	WA.png i.ibb.co/TTBF7kK/	3 KB 3 KB	124ms 124ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/TTBF7kK/WA.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash f07edd34fb702d21123d58e5eb0e36cd0904b10361a1365e7ddfc3eb43ad6f05 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:27:37 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2577 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	chat.png i.ibb.co/xCv3vWR/	2 KB 3 KB	125ms 124ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/xCv3vWR/chat.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 58fcc13f97f6a627b25bbacf38cafc7245d85d091c18d7132f902d29065d6b08 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 08:27:37 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 2535 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	amp-auto-lightbox-0.1.js Show response cdn.ampproject.org/rtv/012309151607000/v0/	8 KB 4 KB	616ms 67ms	Script text/javascript	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309151607000/v0/amp-auto-lightbox-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash 141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://139.59.106.242/ Origin http://139.59.106.242 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 26 Sep 2023 19:31:14 GMT age 142673 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2976 x-xss-protection 0 server sffe etag "07fb3dc7eac63481" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 25 Sep 2024 19:31:14 GMT
GET DATA	200 OK	truncated /	157 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	149 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	amp-loader-0.1.js Show response cdn.ampproject.org/rtv/012309151607000/v0/	12 KB 4 KB	592ms 69ms	Script text/javascript	142.250.186.161 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012309151607000/v0/amp-loader-0.1.js Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.161 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f1.1e100.net Software sffe / Resource Hash ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://139.59.106.242/ Origin http://139.59.106.242 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 26 Sep 2023 19:31:14 GMT age 142673 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3936 x-xss-protection 0 server sffe etag "3d96bab6a7d5a37d" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 25 Sep 2024 19:31:14 GMT
GET H2	200	banner2-roda4d.png i.ibb.co/cwgQqPJ/	541 KB 542 KB	125ms 125ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/cwgQqPJ/banner2-roda4d.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash 02fcdd84a6a79b55a44d7e6c1bfefa2e59feae221b7b40f37e30609f0af7fce1 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 06:35:37 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 554441 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	banner1-roda4d.png i.ibb.co/PW8DFsG/	457 KB 458 KB	123ms 71ms	Image image/png	162.19.58.160 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/PW8DFsG/banner1-roda4d.png Requested by Host: 139.59.106.242 URL: http://139.59.106.242/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.58.160 , France, ASN16276 (OVH, FR), Reverse DNS ns3096649.ip-162-19-58.eu Software nginx / Resource Hash a620a30458d227c042433ed1d0f7e738523fa318f65eba923eed9a402be825c5 Request headers accept-language de-CH,de;q=0.9 Referer http://139.59.106.242/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 28 Sep 2023 11:09:06 GMT last-modified Wed, 13 Sep 2023 06:35:36 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 467794 expires Thu, 31 Dec 2037 23:55:55 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
i.ibb.co
139.59.106.242
142.250.186.161
162.19.58.160
012525925c80e46fb829b1c51e9d44a6f879bf4cf765225f0b3cfd2584e7a32f
02fcdd84a6a79b55a44d7e6c1bfefa2e59feae221b7b40f37e30609f0af7fce1
141a9b0b0492c8b4e7deb1e0537c69d01a3af169bf0c6e3a70c027856fdcedf4
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
2f97dcb53f7c00ce36a806c30a217f8976a4b9bcfedd517be479ef8cc843a9b2
47ad5fadc1275802488c9435fdc88eb8756d1105f58bd36185256f8f1fe39fb1
58fcc13f97f6a627b25bbacf38cafc7245d85d091c18d7132f902d29065d6b08
65b26be343859a975ffcd1669eaecabc9cccf30554a558a58e51f3ae0f7eccc8
7a492ab47d0ecf0391f1ac2e69aaa7972aad9332de4b82ab6c79937f9afd3f6c
912b3825c299e1e3fa307486a3e5e9ac6dafca0c071074e5d1c31550eff14dcc
91fad6761438f976bbdaa72709a5401849f5a4114cdbfe02d39e382f8522eac7
98bcfa4e3ebe140037e8056e8e599d47c837ae78f0bb3cb315aba648f21dc1f4
9ca580d91e6c397049642bf3dd719a53ab46ec09ed58aa2d78ab44ffaa42f3e5
a620a30458d227c042433ed1d0f7e738523fa318f65eba923eed9a402be825c5
a9d177ef309af7342937bd0de2eb0697d5ed09e631c094b87b7c92a751a06bd8
ce5d2c5db39edc66c10096838a6c9c92a20e3d2b3f1f19a274bbd2848a8f2e07
e6a83845d6ea2a864b8ad0b23199e2dbed7d9c83e4cdfc33f5ff1ffdf64278b4
e6e91c65c98775cc3e65a39d1c11708343f9509517a8a73983bb331e1ec021fa
eb674de5636ad731f83bbd141aaac1337fd1539cf7976b59f7dbf17730c1dac6
f07edd34fb702d21123d58e5eb0e36cd0904b10361a1365e7ddfc3eb43ad6f05
f534089081dd56cb27b14caccec7715c4708314ed6e6dc4650d609e0dfdb448d
f837db3ea1517eb51e9fe424064b14a25747b3be714346a33fd23f07b4301ae2
fbc6e5b7fd710e7d7fff1d09fd70ff9a5178c9069ce7d2de55ea40cfa2876386
fc4f8977a88c766f201137149a9cd77d9b588975de8b416c6cca798314c34457
fdc5943225026602586be07d6b11334b96e02fd51fd2e5b1adca50fe2eafe17a