309ads.com Open in urlscan Pro
172.67.201.170 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://309ads.com/
Submission: On September 13 via manual (September 13th 2021, 2:48:39 am UTC) from NL — Scanned from DE

Summary HTTP 48 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 48 HTTP transactions. The main IP is 172.67.201.170, located in United States and belongs to CLOUDFLARENET, US. The main domain is 309ads.com.

This is the only time 309ads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	172.67.201.170 172.67.201.170	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	74.125.133.95 74.125.133.95	15169 (GOOGLE) (GOOGLE)
1 1	52.117.22.28 52.117.22.28	36351 (SOFTLAYER) (SOFTLAYER)
5	52.117.22.24 52.117.22.24	36351 (SOFTLAYER) (SOFTLAYER)
5	172.67.218.137 172.67.218.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	66.102.1.94 66.102.1.94	15169 (GOOGLE) (GOOGLE)
1	104.21.85.111 104.21.85.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.130.41 172.67.130.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.87.44 104.21.87.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.213.17 172.67.213.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.208.180 172.67.208.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	10

21 172.67.201.170 (United States)

ASN13335 (CLOUDFLARENET, US)

309ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.133.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.117.22.28 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 1c.16.7534.ip4.static.sl-reverse.com

mylivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.117.22.24 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 18.16.7534.ip4.static.sl-reverse.com

a5.mylivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.218.137 (United States)

ASN13335 (CLOUDFLARENET, US)

adcaixa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 66.102.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.85.111 (None, )

ASN13335 (CLOUDFLARENET, US)

geoptc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.130.41 (United States)

ASN13335 (CLOUDFLARENET, US)

sahigroups.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.87.44 (None, )

ASN13335 (CLOUDFLARENET, US)

urduwrite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.213.17 (United States)

ASN13335 (CLOUDFLARENET, US)

pirucas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.208.180 (United States)

ASN13335 (CLOUDFLARENET, US)

zompress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	309ads.com 309ads.com	2 MB
6	gstatic.com fonts.gstatic.com	131 KB
6	mylivechat.com 1 redirects mylivechat.com a5.mylivechat.com	72 KB
5	adcaixa.com adcaixa.com	10 KB
5	googleapis.com fonts.googleapis.com	4 KB
2	pirucas.com pirucas.com	207 KB
1	zompress.com zompress.com	115 KB
1	urduwrite.com urduwrite.com	113 KB
1	sahigroups.com sahigroups.com	15 KB
1	geoptc.com geoptc.com	17 KB
48	10

	Domain	Requested by
21	309ads.com	309ads.com
6	fonts.gstatic.com	fonts.googleapis.com
5	adcaixa.com	309ads.com
5	a5.mylivechat.com	309ads.com mylivechat.com
5	fonts.googleapis.com	309ads.com mylivechat.com
2	pirucas.com
1	zompress.com
1	urduwrite.com
1	sahigroups.com	309ads.com
1	geoptc.com	309ads.com
1	mylivechat.com	1 redirects
48	11

This site contains links to these domains. Also see Links.

Domain
adcaixa.com
sahigroups.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.mylivechat.com Go Daddy Secure Certificate Authority - G2	`2021-09-05` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-18` - `2022-08-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://309ads.com/
Frame ID: 562DA79C1C984DFD85703E194FB514EE
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

309Ads - Ads That Pay Real Cash

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

48
Requests

54 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

2
Countries

2714 kB
Transfer

3334 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://adcaixa.com/
Title: Ads by ADCaixa

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/281/23/70

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/103/23/71
Title: Spring Handbag Trends For over a year now

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/249/23/71
Title: The Cutest Cat Species Ever we just found

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/192/23/71
Title: Salah can prove loyalty Liverpool in Real Madrid showdown

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/187/23/71
Title: our guide to breakfast and brunch things are finally looking

Search URL Search Domain Scan URL

URL: https://adcaixa.com/ads/double_click/239/23/72
Title: .BorderColorChangeElement { animation: BorderColorChange 1s ease-out 0s infinite alternate none running; } @keyframes BorderColorChange{ 0% { border: 10px solid #ffc0cb;} 100% { border: 10px solid #ff69b4;} } @keyframes scaler { 0% { transform: scale(1); } 100% { transform: scale(1.5); } } .imgAnim854 { animation: scaler 10s linear 0s infinite alternate none running; } .btnAnim854 { animation: scaler 1s linear 0s infinite alternate none running; } .btnAnim854:hover{ animation-play-state: paused; }

Search URL Search Domain Scan URL

URL: https://sahigroups.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700 HTTP 307
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Request Chain 15

https://mylivechat.com/chatinline.aspx?hccid=53641025 HTTP 302
https://a5.mylivechat.com/livechat2/livechat2.aspx?hccid=53641025&apimode=chatinline

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
309ads.com/ 8 KB
3 KB 135ms
97ms Document
text/html 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a465f65a3d49aa4831570c11d05176403268ceaaa69355d627596efda2d0656

Request headers

Host: 309ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65; path=/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyTBAER59DPTcEGRFQMpc%2BJRs8UfgIDEXv%2FQtAMWGU%2BJp5qdwH8iymlcArnOaVfsI1Tuxn2sO8E4O0%2FtvHdYlUwyFPf16L3%2FxXy0bTvjk1yaxWUkBF2%2BgwMfyZmo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 68de0e8f4f744119-PRG
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 53ms
20ms Stylesheet
text/css 74.125.133.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: 309ads.com
URL: http://309ads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f95.1e100.net

Software

ESF /

Resource Hash

b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 01:35:22 GMT
server: ESF
date: Mon, 13 Sep 2021 02:48:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 02:48:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
695 B 54ms
20ms Stylesheet
text/css 74.125.133.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700

Requested by

Host: 309ads.com
URL: http://309ads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f95.1e100.net

Software

ESF /

Resource Hash

3ae048abb6e403e8f8e73fe5eb0fca35edfbb9a2a7ddb8dadcb3ffc58233b6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 02:48:29 GMT
server: ESF
date: Mon, 13 Sep 2021 02:48:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 02:48:29 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
642 B 54ms
21ms Stylesheet
text/css 74.125.133.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700

Requested by

Host: 309ads.com
URL: http://309ads.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f95.1e100.net

Software

ESF /

Resource Hash

cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 01:25:02 GMT
server: ESF
date: Mon, 13 Sep 2021 02:48:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 02:48:29 GMT

GET
H/1.1 200
OK bootstrap.min.css
309ads.com/templates/ModernBlue/styles/ 95 KB
17 KB 130ms
129ms Stylesheet
text/css 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/styles/bootstrap.min.css
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66f813dd45b463f9af775319d6616de527d884a6f54d1bb3519c87d3e9e5c35e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 13:59:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UCdjmj61n8FnVv4xnKLdTlg0bapmKhjHVRSb%2Fv5MgfGYfW%2FaAoe9TPrVlRUHZQ%2BwlZjido8iIs30tr7%2BzrpmxoGQ1kOQCiankqjlZ28lWdgtsRB9q1xVRNxuUiS"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e900fec4119-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK global.css
309ads.com/templates/ModernBlue/css/ 18 KB
5 KB 103ms
90ms Stylesheet
text/css 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/css/global.css
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a186a3f945ff14bcf7925160e39bd31715de510ca273711af54c3bec21367774

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 14:00:13 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5wPpBqnHToV8ny0BKlYQxhylxpSrxmZlR5Sqhi2XDqzAFjrgoxF7EidctMUg9IOp2pe5YWqh7JY1DYxW7v9XzV5JztUvj%2BYnUrSTUc0pispvZnDw2c1wlyvX1ie"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e901ad72788-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK custom.css
309ads.com/templates/ModernBlue/styles/ 18 KB
4 KB 106ms
92ms Stylesheet
text/css 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752a5ff4bc4884c64b42cd1d75589e5ec682f3a918d9da12133547a1c3394fa0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Fri, 08 Feb 2019 20:49:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrMLrLrpYk8il1e%2FZAlheMBrO0daqMHlaSKuW%2FQwhjcTSYpCVHbRTHlUrbqzapgDABvIuWNbx925O7f7Z2KLxbvmE21y5E4ISypTKNOuYyZszES%2BTtTZg6aqeH0E"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e901f6a412b-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery.min.js Show response
309ads.com/js/ 91 KB
33 KB 141ms
126ms Script
application/javascript 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/js/jquery.min.js
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCrgN9gs6wVWDZZ7dFR32UCyClObHMPCbhql62asb1MlFtcogD8%2BVlBkJgxu%2BMM4YYmkpofKlEeySAIgUay2ThL3fYOTU217kUhAXOT%2BCSKQm526VV7H0wHlrN%2FS"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e901b69413e-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery-ui-1.9.1.custom.min.js Show response
309ads.com/js/ 232 KB
61 KB 173ms
154ms Script
application/javascript 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/js/jquery-ui-1.9.1.custom.min.js
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWj3tVwDcDxJKbIQ4bK3bo5F0Uu2Kt4gYsfsyLZkpRlel1M7tD4WivYkHvUAFZqtMsmCqLBO1BKoBzD0q4DSI2WgbxfY0R7JxVM7g8D9mOuUZFYBuypgt%2BUh%2B82f"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e901ce84114-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bootstrap.min.js Show response
309ads.com/templates/ModernBlue/styles/ 20 KB
6 KB 192ms
88ms Script
application/javascript 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/styles/bootstrap.min.js
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 14:02:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBLtzPC%2BGdiZO2DqvXU8Ppji8Ud1XOJHjlLxvoyIa6j%2Bp%2BoTjIC79c%2BnHj5WRuirPgB9vV6tjPuCDUzHyOJnyAG2QAzvYkS%2BF99JyIdlS4zgGrbWBWNKIfzP%2F6JZ"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e90ab142788-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.css
309ads.com/templates/ModernBlue/css/evolutionscript/ 32 KB
7 KB 113ms
100ms Stylesheet
text/css 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/css/evolutionscript/jquery-ui-1.9.2.custom.css
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6f0da38c51dad3950f91cff629d2e2a636cbc6d638d6b83c9828cf060581e6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpKe01HiKEPMmGixhaO35zCuVk0xqqH0PeCFhA1lXWKS1%2FdWHwUGZDKJqXm5evuqVytmLo%2B8TGeaecDjZiLKGN8PmOc0NIOmiRu5eaXk1T9XuxcbBKJ42iz8JSqF"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e901c8ef9de-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK evolutionscript.js Show response
309ads.com/js/ 15 KB
5 KB 214ms
101ms Script
application/javascript 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/js/evolutionscript.js
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c947b389bbaed325944aa7d1d78621a976e14ce3b5dc4f97eb5bef0127732140

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52%2BuA0LR142OQjvzqub61GdbXM4zNN%2BM2Qyl%2FokbGX%2FsnvZjHD9M%2F%2BI8r2KgGcutdSoC34eHtWbB%2Fti81dNGGOOXBXpS8RlT%2BmIQEAmbupkwzWlCYqP%2BKNTd%2BJMj"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e90bcd7f9de-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK l2blockit.js Show response
309ads.com/js/ 4 KB
2 KB 460ms
329ms Script
application/javascript 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/js/l2blockit.js
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909d4834f826d70ef8dd03efd71147f89da38be4307e42dd146e2189b39152ac

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:02 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIhdetXPWjItzMFF7G1hqIVNQqkPxWpHHm3PP7aViF8c8uA%2F78ptKgramhP%2BPB9iacROfT8ZU2KhAYSrAQKKBPk%2BzP%2FwmGQ2Rui%2FYkmgC1vfCazfEzkfcYOjYdjr"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e90d84d4119-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK payment.png
309ads.com/ 52 KB
52 KB 284ms
284ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/payment.png
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5d1a2ab62c196a0c52e001d4856049d440531497b28b7ed6bd89c2e53c8f616

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
CF-Cache-Status: MISS
last-modified: Mon, 15 Jun 2020 17:47:52 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HoyEuzPykPn%2BJ2n5%2F%2Fw5ooWeD5WWH0uxJpps%2B8JAiqPeYmVJfuPLX%2BA8OXGKQa9wa2Whi139cUPCUZcy12Z9OUNLgKr5GJgeEhRdC0SOOGzwfPV4fSFUwAxD6KY"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e91780c412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 52893

GET
H2

200

css
fonts.googleapis.com/
Redirect Chain

http://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

8 KB
802 B

17ms
17ms

Stylesheet
text/css

74.125.133.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Requested by

Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/css/global.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f95.1e100.net

Software

ESF /

Resource Hash

60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 02:02:06 GMT
server: ESF
date: Mon, 13 Sep 2021 02:48:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 02:48:29 GMT

Redirect headers

Location: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK uicons.css
309ads.com/templates/ModernBlue/css/ 71 KB
8 KB 125ms
124ms Stylesheet
text/css 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://309ads.com/templates/ModernBlue/css/uicons.css
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/css/global.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://309ads.com/templates/ModernBlue/css/global.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/css/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Wed, 29 Nov 2017 18:46:10 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=notYxSTFKEa1BtLDmaVDLDjXH6V5oEQGcMWxVJYNSIygJRiTe627zNu289v3yog%2Bx4yaGTs56q36reNbdHajtvwBFuwlfd8SfSCzX1%2BMkYvtUOs4s0YfL8cFLAsZ"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 68de0e90afa9412b-PRG
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1

200
OK

livechat2.aspx Show response
a5.mylivechat.com/livechat2/
Redirect Chain

https://mylivechat.com/chatinline.aspx?hccid=53641025
https://a5.mylivechat.com/livechat2/livechat2.aspx?hccid=53641025&apimode=chatinline

8 KB
4 KB

752ms
221ms

Script
text/javascript

52.117.22.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://a5.mylivechat.com/livechat2/livechat2.aspx?hccid=53641025&apimode=chatinline
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.24 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3c45986d64571b097db722796a6154200e52f7b1aa568e5d1a1f713bcd1f1407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Sep 2021 02:48:44 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Length: 3490
Expires: -1

Redirect headers

Date: Mon, 13 Sep 2021 02:48:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://a5.mylivechat.com/livechat2/livechat2.aspx?hccid=53641025&apimode=chatinline
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 205

GET
H2 200 2 Show response
adcaixa.com/ads/site/23/70/ 2 KB
2 KB 1207ms
1135ms XHR
text/html 172.67.218.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adcaixa.com/ads/site/23/70/2
Requested by: Host: 309ads.com
URL: http://309ads.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: b5d422f5988578e94a3eceeb3337348cc81e06c0ec3d96f421955a485680ac3a

Request headers

Accept: */*
Referer: http://309ads.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.0.33
x-via: FRA1
x-cdn-cache-status: MISS
x-backend-server: web50.hosting.stackcp.net
x-origin-cache-status: MISS
x-service-level: standard
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBwtb76YjofhzT6X%2BdqhTK59e1ic6gwrfan30l5tcIN9dqyZqPXsycJET8O5zoYGpoChtZFeLy2S8%2F6h0G8BUJYJByD%2FtWc7rqszdqZrOHvP1bttpDOhnFbMigo3Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
x-provided-by: StackCDN
cf-ray: 68de0e935f524113-PRG
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK lixilogo.png
309ads.com/templates/ModernBlue/styles/images/ 44 KB
45 KB 1086ms
1086ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/lixilogo.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93d7e46cac641002b89a931529b59d072a36c040f6802f0b72bf0bff2acb578

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:30 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 16:23:12 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XCTDWoFdJ8wovNQbX2oZSHoNmhnpl6Byi%2BiB0SR%2FlKMnkDdLou4eSaWxoNQ4TiIz%2FhkMMU9y0sxOXy690xcpaxfeI%2BIt8rUzKq2GgXUHBjWADqQQanBbcZqZD%2Fg"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e92e9244119-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 45197

GET
H/1.1 200
OK h1.jpg
309ads.com/templates/ModernBlue/styles/images/ 1 MB
1 MB 70ms
70ms Image
image/jpeg 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/h1.jpg
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d15ef1bd6da37aaa8ee267da7f6382aef767c79a31e05782d7575fd66198005

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:29 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 16:20:20 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZ72KNTDfVqtt20HIyYzjvP7ist8hZWjyT%2BQ%2FFnRWD3RPZsAxNmR5f%2FJ27%2ByvhymtXfpcHUBlk5nhjZsVqmwSEcM0u8HZxWwhxnYYuLREOPKNpq0%2BPr1dl7cip23"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e92edd2f9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 1494570

GET
H/1.1 200
OK h2.jpg
309ads.com/templates/ModernBlue/styles/images/ 275 KB
276 KB 2072ms
2072ms Image
image/jpeg 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/h2.jpg
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7417876a2de1f398c5722f2ee39bffdbf0d12fe6263bbb6a7d645615bb699ecc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:31 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 16:57:15 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNQj5DMDyZ3x%2B445geQGmzS%2FR86dLxR5TmZ%2BvEAledzmrQaF%2F5NiZSckjJwZYZyskzMAo1mIYjXkekPnNy3eal%2FP4RIYevsxDMcNKF5UMzoTItHsfS9jtefTZRG9"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e92edc54114-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 281438

GET
H/1.1 200
OK home4.png
309ads.com/templates/ModernBlue/styles/images/ 9 KB
9 KB 1040ms
1039ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/home4.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3983dcf88cf1f9706bbebe78520475e03f3da0a9cd59600d5b61cb405033cde2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:30 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:47:00 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k8xNX6yDG5a6upfb%2BsFAzYrgWy%2B4mlTIlfPWuQK6QtjcKPGMh3GzHSsBaWApiqW4v7qMD418uhucPio4LzE5M%2FudYay8b2vi4ghO8pBW0LZq0i%2FkozNoKr5euEl"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e92ec272788-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 8896

GET
H/1.1 200
OK home2.png
309ads.com/templates/ModernBlue/styles/images/ 9 KB
10 KB 809ms
809ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/home2.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294d0aa59e61afe0642044190a75d67995a3e1d088d4b2a9316df19ab06129d0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:30 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:47:06 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iK1jVJp8hX91lmeRGtNa6OA8XfLWxd8bazcRFifqGiPts%2BfBQWJcUpuq65ICkZJCj44vSGJx0bdWoUxXUYYhoM8cqDww%2B673BCVwcEtqWIfGB8jp%2BbIVSvjsN%2FNK"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e92ecb3413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 9464

GET
H/1.1 200
OK home3.png
309ads.com/templates/ModernBlue/styles/images/ 9 KB
10 KB 2009ms
1957ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/home3.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c486414690a2f1bb069d945d5f3536ced24c018e2e1adc98bdc6db4a81237a09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:31 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:47:03 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=su%2Fr2sehhyUngHk1yZ87ujnftoEKpldThidTmWxIXnQV0NykCjELOum%2BLQQm6whV4ubMdR%2B46n7Fgfe3sTyx8RUY3A7IVqb4uB6VncZpOjPDPL0u%2BmC2IKoDBMp4"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e9348ed412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 9410

GET
H/1.1 200
OK ico3.png
309ads.com/templates/ModernBlue/styles/images/ 5 KB
5 KB 1720ms
1720ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/ico3.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f2cb852908393454bfb85ab124078008bdf5733de83dc59034a2c83e83d0092

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:31 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:46:49 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdsTj7ziiQW6EHYtuN2SzX%2BhTc8fq7QdFwMLFvEgxIYjOYqljEsE7aldMXmNMMAeb%2FffdRt%2F88pyS3DcO0EQfEW0WD2cJ%2Bx0%2B8akx3iRCdMW3USXwUW9VBe19%2Bhm"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e94ce9ef9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 4734

GET
H/1.1 200
OK ico4.png
309ads.com/templates/ModernBlue/styles/images/ 4 KB
4 KB 2290ms
2290ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/ico4.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81f14a26068f572e042cf8756d46f82d42ebd34b5ce8d91e60707bab3beb0161

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:32 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:46:46 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kB0icswhp%2BbyjVkjIakPpil%2BpViMCGf4%2FA9t7V58ZEXoCnF3T74Ul95UF1tIsu3%2B%2BB68BVLQYUElVr4iI5YvCJ%2BXyN2omMmLVdsyyPQ9uJWujmhY%2B0SgOAZZOgv0"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e97ff57413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 3614

GET
H/1.1 200
OK ico2.png
309ads.com/templates/ModernBlue/styles/images/ 5 KB
6 KB 2073ms
2073ms Image
image/png 172.67.201.170
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://309ads.com/templates/ModernBlue/styles/images/ico2.png
Requested by: Host: 309ads.com
URL: http://309ads.com/templates/ModernBlue/styles/custom.css
Protocol: HTTP/1.1
Server: 172.67.201.170 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee0a60467142c8a7262aa0377a401719b6eee53765d0f28a01ed9e651a856b3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
Cookie: PHPSESSID=prrq6c7evblsl9934ohe4e1k65
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/templates/ModernBlue/styles/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:33 GMT
CF-Cache-Status: MISS
last-modified: Thu, 07 Feb 2019 15:46:53 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdzyDuAWXRx1KFIbqioPjCmrUzVwQlwcuJVDIUOy4210kYxBEtwjk5LzRXqdrNOPlV64vWsjrPldPKZGfTn5MCz%2FJcgbDluyRnBtSj4rLhAL7nsb%2BqC4SpNZhqqj"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0e996f0a2788-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 4959

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 31 KB
31 KB 48ms
13ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 00:00:09 GMT
x-content-type-options: nosniff
age: 355700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31624
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 00:00:09 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 64ms
30ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:400,300,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 12:20:27 GMT
x-content-type-options: nosniff
age: 224882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 12:20:27 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 76ms
42ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 01:28:46 GMT
x-content-type-options: nosniff
age: 4783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 01:28:46 GMT

GET
H2 200 7 Show response
adcaixa.com/ads/site/23/71/ 3 KB
2 KB 3556ms
3497ms XHR
text/html 172.67.218.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adcaixa.com/ads/site/23/71/7
Requested by: Host: 309ads.com
URL: http://309ads.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: 1957ec0ae8c682f9e49c5d20a5f1883b7daefebcd30efcaff43bf8ab69d26897

Request headers

Accept: */*
Referer: http://309ads.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.0.33
x-via: FRA1
x-cdn-cache-status: MISS
x-backend-server: web50.hosting.stackcp.net
x-origin-cache-status: MISS
x-service-level: standard
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZy4JtHVGOhM6kOLfe5JFDHaIkb5qT9L0%2FEYVy5GRoNL7l69PApx4tnIxA3p6fUjKhcQe%2BWRZZZnF%2FGvxG50Ru2yUGRpfheywWTc8o6A0z821E0ItLOka1HZ7Epk%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
x-provided-by: StackCDN
cf-ray: 68de0e935f534113-PRG
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 4 Show response
adcaixa.com/ads/site/23/72/ 3 KB
2 KB 2081ms
2023ms XHR
text/html 172.67.218.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adcaixa.com/ads/site/23/72/4
Requested by: Host: 309ads.com
URL: http://309ads.com/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.218.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.33
Resource Hash: 8c6c2aae692e34b1b2f0631014afe1ed0156e194cb2502fbf85703d6851f028c

Request headers

Accept: */*
Referer: http://309ads.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:31 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.0.33
x-via: FRA1
x-cdn-cache-status: MISS
x-backend-server: web50.hosting.stackcp.net
x-origin-cache-status: MISS
x-service-level: standard
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MktJf1fBv6T8dqQUSIG662ffF5dGdLURf%2FvdQtqH7W9dB0yHN3WlmMBk1jml0Z77RRAS82Iy2uhUglwHtQ6LUaUoDh5eZ4rGy5pAcdSJ3b5d8A0jaNedHOYgJoosQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
x-provided-by: StackCDN
cf-ray: 68de0e935f544113-PRG
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 info.png
adcaixa.com/js/ 2 KB
3 KB 169ms
149ms Image
image/png 172.67.218.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adcaixa.com/js/info.png
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac3cb28feda1bff0d869bf13177946a2f583309276a4065a11d61507800f1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:31 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cdn-cache-status: MISS
x-service-level: standard
x-via: CDG1
x-backend-server: web50.hosting.stackcp.net
content-length: 1984
x-origin-cache-status: MISS
x-provided-by: StackCDN
last-modified: Wed, 18 Aug 2021 11:55:18 GMT
server: cloudflare
etag: "7c0-5c9d41bab1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZAFvhpE0MpItVySrlqVXj6MzPj5TivlKOP1kAHhxk8qUdIqBd1ZP4X2T58LrjI8cIsvNCeJH8mLK4zYK1h50%2BAwrvjbghb4Rj2kgBwyEaKvdZSZKd7rd3zV7r46cqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68de0e9a9e1b4108-PRG

GET
H2 200 banner728.gif
geoptc.com/ 16 KB
17 KB 858ms
804ms Image
image/gif 104.21.85.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geoptc.com/banner728.gif
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.85.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7717bd56ac9f80aec1399538fc7d3853560a47cd026700d9ae0035af82c317a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:31 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Jul 2020 16:06:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9cSEohQ9MuxqKnWZ1ihlS8q8dbu7aZBEtdjgJ9n0xqboAwEMlRiC7eg8vkwCwnkM%2ByGYPCCQXrr5g1fq%2BYcwjEzB03sJTkmBnvr3GwqqDnk%2F8VtBeETQDDxYMKc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 68de0e9ac8444138-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16537

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 43ms
21ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:32:10 GMT
x-content-type-options: nosniff
age: 162981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sun, 11 Sep 2022 05:32:10 GMT

GET
H3 200 css
fonts.googleapis.com/ 5 KB
537 B 16ms
16ms Stylesheet
text/css 74.125.133.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=53641025

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.133.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f95.1e100.net

Software

ESF /

Resource Hash

4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 02:14:19 GMT
server: ESF
date: Mon, 13 Sep 2021 02:48:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 02:48:31 GMT

GET
H/1.1 200
OK chatinline.css
a5.mylivechat.com/livechat2/ 35 KB
6 KB 130ms
129ms Stylesheet
text/css 52.117.22.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://a5.mylivechat.com/livechat2/chatinline.css?&culture=de-DE&mlcv=3017&template=5
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=53641025
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.24 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dbf8470aa84d8b3e72dd085fcaf5d414533929101037fd9e30166f1d2f088783

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:45 GMT
Content-Encoding: gzip
ETag: "80ade3816083d71:0"
Last-Modified: Wed, 28 Jul 2021 03:27:35 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2160000
Accept-Ranges: bytes
Content-Length: 6077

GET
H/1.1 200
OK resources2.aspx Show response
a5.mylivechat.com/livechat2/ 116 KB
44 KB 277ms
146ms Script
text/javascript 52.117.22.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://a5.mylivechat.com/livechat2/resources2.aspx?HCCID=53641025&culture=de-DE&mlcv=3017&template=5
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=53641025
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.24 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 41946b3dd5d0e6fbaa5e804b2fa1f8069ea81b6f3401e152e161168080bad03b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:45 GMT
Content-Encoding: gzip
ETag: "79D02pULHLs1f2kgohESxOHPOFuhsQjtNumBPEIvVrk="
Last-Modified: Sun, 12 Sep 2021 05:00:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Content-Length: 44821
Expires: Tue, 13 Sep 2022 02:48:45 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 22ms
22ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 07:49:04 GMT
x-content-type-options: nosniff
age: 241167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:49:04 GMT

GET
H/1.1 200
OK livechatinit2.js Show response
a5.mylivechat.com/livechat2/script/ 62 KB
17 KB 129ms
129ms Script
application/javascript 52.117.22.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL: https://a5.mylivechat.com/livechat2/script/livechatinit2.js
Requested by: Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=53641025
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.24 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8044be2d3f5fae0c44a3bdc2bb390c97a28101f416123d90fd9bbe8758011b43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:45 GMT
Content-Encoding: gzip
ETag: "07944b7b475d71:0"
Last-Modified: Sat, 10 Jul 2021 17:55:06 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2160000
Accept-Ranges: bytes
Content-Length: 16637

GET
H/1.1 200
OK InlineChatRoundOffline_18.png
a5.mylivechat.com/Customization/Template/ 332 B
643 B 129ms
129ms Image
image/png 52.117.22.24
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5.mylivechat.com/Customization/Template/InlineChatRoundOffline_18.png
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.117.22.24 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 18.16.7534.ip4.static.sl-reverse.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a6deebe8c28de9966fffb7f00e01f54468f0fb65e79ccdac3829719c0c9b8ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:45 GMT
Last-Modified: Tue, 05 Dec 2017 23:01:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e4f78dfe1c6ed31:0"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2160000
Accept-Ranges: bytes
Content-Length: 332

GET
H/1.1 200
OK logo-light-normal.png
sahigroups.com/images/ 15 KB
15 KB 1041ms
1015ms Image
image/png 172.67.130.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://sahigroups.com/images/logo-light-normal.png
Requested by: Host: 309ads.com
URL: http://309ads.com/
Protocol: HTTP/1.1
Server: 172.67.130.41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4459c837f00580f6ee43038af235fa07801642d2f5ccb013542315e1304387c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 02:48:33 GMT
CF-Cache-Status: MISS
last-modified: Sun, 26 Apr 2020 18:27:27 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QqdXZonBjTTfIs%2FIzb%2FJkwiEmCM8ebnd6HFkbUa0Q746dJRmT4vUZMUnCA2AluZKZ5tmz5f6iC1WOurSPqzdiqef%2FLbFg9ibZBtUGB4RykWPrLjolUZOp0yPau42W68j%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 68de0ea02c636961-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 15053

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 21ms
21ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://309ads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 05:31:02 GMT
x-content-type-options: nosniff
age: 163050
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Sep 2022 05:31:02 GMT

GET
H3 200 info.png
adcaixa.com/js/ 2 KB
3 KB 20ms
20ms Image
image/png 172.67.218.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adcaixa.com/js/info.png
Requested by: Host: 309ads.com
URL: http://309ads.com/js/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ac3cb28feda1bff0d869bf13177946a2f583309276a4065a11d61507800f1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-cdn-cache-status: MISS
x-service-level: standard
x-via: CDG1
x-backend-server: web50.hosting.stackcp.net
content-length: 1984
x-origin-cache-status: MISS
x-provided-by: StackCDN
last-modified: Wed, 18 Aug 2021 11:55:18 GMT
server: cloudflare
etag: "7c0-5c9d41bab1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zm3VUd0fJzu%2BWvsZgDqNBHRcmiAVFm9yUC4rjasJzNlhav%2FKL%2BRsFidwn3NdNpVAvBWBzZEGb0MN%2Fsm9Q7SKbGlFaF4ZlLnaomKnx%2BlsX6ikwBraiyldYtvtSiWBAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68de0ea93c494108-PRG

GET
H2 200 1623678068-dzhennifer-lourens-jennifer-lawrence-aktrisa-blondinka-prich-1024x615.jpeg
urduwrite.com/uploads/2021/06/ 112 KB
113 KB 69ms
20ms Image
image/jpeg 104.21.87.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://urduwrite.com/uploads/2021/06/1623678068-dzhennifer-lourens-jennifer-lawrence-aktrisa-blondinka-prich-1024x615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.87.44 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

702fe7b199197e20bb131b56e09a4f1662311ea9c9d11863aef70cccfb59689c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38509
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 114950
x-xss-protection: 1; mode=block
last-modified: Mon, 14 Jun 2021 13:41:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mL6XyJef%2B9Jg2jrRVUAQOoZULEREgWGmecUG51kBg9JNYG6DXK5rda4nF4%2FyF1Ni%2FjtOVycx2eQcnZrR9OtIlXRiQfPJbgI40qoXN9f4xQi3oVaxuT3tboaLsv%2FFwmuA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68de0ea98a0b27b4-PRG
expires: Mon, 12 Sep 2022 16:06:44 GMT

GET
H2 200 1619272133-thumbs-b-c-fb8263ce4f9f43ebdc7634b0d1eb0a08-1024x615.jpeg
pirucas.com/uploads/2021/04/ 109 KB
110 KB 71ms
21ms Image
image/jpeg 172.67.213.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pirucas.com/uploads/2021/04/1619272133-thumbs-b-c-fb8263ce4f9f43ebdc7634b0d1eb0a08-1024x615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.17 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ccc7df822d78675db6534788a9be293ea7658acc49d7bc0132632a3c8611bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 69735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 111333
x-xss-protection: 1; mode=block
last-modified: Sat, 24 Apr 2021 13:48:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8kC5CZCJXXszKRJI%2FfBDGhmRrElMFmnztGnD%2Bx5vvNdmCee5tx4k6ggsIX4VWEa2FfVGOJqG4bpDtFzRZW9iAGrrhzD6rl9ZIPNtSiMcsNWEL7ZQp5Xehr9%2FfMdxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68de0ea98ddf27c0-PRG
expires: Mon, 12 Sep 2022 07:26:18 GMT

GET
H2 200 1617882830-mohamed-salah-1024x615.jpeg
zompress.com/uploads/2021/04/ 114 KB
115 KB 76ms
21ms Image
image/jpeg 172.67.208.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zompress.com/uploads/2021/04/1617882830-mohamed-salah-1024x615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.180 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1744e4fcdc9fc1c61efe5c81607b0c39a93a74d3f498b8deb4ba20e8324971bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1002110
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 117136
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Apr 2021 11:53:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06kbB%2BrdKJEOttC3gIPB9YlwaZQdVjK7cOph%2FySfat44qhGrAi%2BUtMAh9IOjsoGSHg9y%2FruBtFPJVOl2EhdvwgAxXUIE4ru6t0MJ3GMYeaKJ4Nj5Zr5oijhw%2BzmR6Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68de0ea98fcf2788-PRG
expires: Thu, 01 Sep 2022 12:26:43 GMT

GET
H2 200 1623324657-couple-making-breakfast-in-kitchen-caif01545-1024x615.jpeg
pirucas.com/uploads/2021/06/ 97 KB
98 KB 197ms
148ms Image
image/jpeg 172.67.213.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pirucas.com/uploads/2021/06/1623324657-couple-making-breakfast-in-kitchen-caif01545-1024x615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.213.17 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8384ba991b9b948c7813ce0f5bf098963b3faeb8c572e2b4db715af8abf71e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://309ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 99819
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jun 2021 11:30:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4lOq%2BgsbfXybGwZjAPf%2FiaihSx8gNIfjRZnksvrQyTv5p4TQ%2B8E%2FGOQblNK6AtX41VpmiAVS2rFGMWlA0cPZ5RNSICl30LtYERZ%2Ba4o8YmVAkXITxwzbrL%2BNVmMAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 68de0ea98de027c0-PRG
expires: Tue, 13 Sep 2022 02:48:33 GMT

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			309ads.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: prrq6c7evblsl9934ohe4e1k65

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

309ads.com
a5.mylivechat.com
adcaixa.com
fonts.googleapis.com
fonts.gstatic.com
geoptc.com
mylivechat.com
pirucas.com
sahigroups.com
urduwrite.com
zompress.com
104.21.85.111
104.21.87.44
172.67.130.41
172.67.201.170
172.67.208.180
172.67.213.17
172.67.218.137
52.117.22.24
52.117.22.28
66.102.1.94
74.125.133.95
05ac3cb28feda1bff0d869bf13177946a2f583309276a4065a11d61507800f1d
0d15ef1bd6da37aaa8ee267da7f6382aef767c79a31e05782d7575fd66198005
1744e4fcdc9fc1c61efe5c81607b0c39a93a74d3f498b8deb4ba20e8324971bc
1957ec0ae8c682f9e49c5d20a5f1883b7daefebcd30efcaff43bf8ab69d26897
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
294d0aa59e61afe0642044190a75d67995a3e1d088d4b2a9316df19ab06129d0
3983dcf88cf1f9706bbebe78520475e03f3da0a9cd59600d5b61cb405033cde2
3ae048abb6e403e8f8e73fe5eb0fca35edfbb9a2a7ddb8dadcb3ffc58233b6bc
3c45986d64571b097db722796a6154200e52f7b1aa568e5d1a1f713bcd1f1407
41946b3dd5d0e6fbaa5e804b2fa1f8069ea81b6f3401e152e161168080bad03b
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4459c837f00580f6ee43038af235fa07801642d2f5ccb013542315e1304387c1
4806fbf823b46dcffd67e4cf0580f77b9e436dc2657d2ccaed92d79ca6159082
4a465f65a3d49aa4831570c11d05176403268ceaaa69355d627596efda2d0656
4ccc7df822d78675db6534788a9be293ea7658acc49d7bc0132632a3c8611bbe
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
66f813dd45b463f9af775319d6616de527d884a6f54d1bb3519c87d3e9e5c35e
6b3e012f4506ee657c139ef677a5b5e8ce4504655cb7ac403a2cfe6e5a1af425
702fe7b199197e20bb131b56e09a4f1662311ea9c9d11863aef70cccfb59689c
7417876a2de1f398c5722f2ee39bffdbf0d12fe6263bbb6a7d645615bb699ecc
752a5ff4bc4884c64b42cd1d75589e5ec682f3a918d9da12133547a1c3394fa0
8044be2d3f5fae0c44a3bdc2bb390c97a28101f416123d90fd9bbe8758011b43
81f14a26068f572e042cf8756d46f82d42ebd34b5ce8d91e60707bab3beb0161
87ad2ef6106ceaae60bd93933cb3cc6defe63a5ec00188493227327260d2bf6c
8c6c2aae692e34b1b2f0631014afe1ed0156e194cb2502fbf85703d6851f028c
8ee0a60467142c8a7262aa0377a401719b6eee53765d0f28a01ed9e651a856b3
8f2cb852908393454bfb85ab124078008bdf5733de83dc59034a2c83e83d0092
909d4834f826d70ef8dd03efd71147f89da38be4307e42dd146e2189b39152ac
a186a3f945ff14bcf7925160e39bd31715de510ca273711af54c3bec21367774
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a5d1a2ab62c196a0c52e001d4856049d440531497b28b7ed6bd89c2e53c8f616
a6deebe8c28de9966fffb7f00e01f54468f0fb65e79ccdac3829719c0c9b8ed9
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
b5d422f5988578e94a3eceeb3337348cc81e06c0ec3d96f421955a485680ac3a
c486414690a2f1bb069d945d5f3536ced24c018e2e1adc98bdc6db4a81237a09
c947b389bbaed325944aa7d1d78621a976e14ce3b5dc4f97eb5bef0127732140
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d7717bd56ac9f80aec1399538fc7d3853560a47cd026700d9ae0035af82c317a
dbf8470aa84d8b3e72dd085fcaf5d414533929101037fd9e30166f1d2f088783
e8384ba991b9b948c7813ce0f5bf098963b3faeb8c572e2b4db715af8abf71e3
ecb27879c669b3efe26467e7cc0168d7955b73aa22ca9fe786cc41458566545a
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
f93d7e46cac641002b89a931529b59d072a36c040f6802f0b72bf0bff2acb578
fa6f0da38c51dad3950f91cff629d2e2a636cbc6d638d6b83c9828cf060581e6

309ads.com Open in urlscan Pro 172.67.201.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

54 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

10 IPs

2 Countries

2714 kBTransfer

3334 kBSize

1 Cookies

8 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

309ads.com Open in urlscan Pro
172.67.201.170 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

54 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

2
Countries

2714 kB
Transfer

3334 kB
Size

1
Cookies

48 HTTP transactions
0 data transactions