eu.safe-clicks.org Open in urlscan Pro
2606:4700:3031::ac43:cb0b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://eu.safe-clicks.org/
Submission: On March 27 via automatic, source certstream-suspicious (March 27th 2023, 8:04:47 pm UTC) — Scanned from DE

Summary HTTP 64 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 13 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3031::ac43:cb0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is eu.safe-clicks.org.
TLS certificate: Issued by GTS CA 1P5 on February 22nd 2023. Valid for: 3 months.

This is the only time eu.safe-clicks.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3031::ac43:cb0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
13	2606:4700:303... 2606:4700:3033::ac43:dc7f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
64	16

23 2606:4700:3031::ac43:cb0b (United States)

ASN13335 (CLOUDFLARENET, US)

eu.safe-clicks.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3033::ac43:dc7f (United States)

ASN13335 (CLOUDFLARENET, US)

assets-nld1.from-ditto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

api-nld1.addsales.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	safe-clicks.org eu.safe-clicks.org	326 KB
13	from-ditto.com assets-nld1.from-ditto.com	67 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	202 KB
4	gstatic.com fonts.gstatic.com	165 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2339	37 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8820	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	607 B
1	addsales.com api-nld1.addsales.com	576 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	44 KB
64	13

	Domain	Requested by
23	eu.safe-clicks.org	eu.safe-clicks.org
13	assets-nld1.from-ditto.com	eu.safe-clicks.org
6	pagead2.googlesyndication.com	eu.safe-clicks.org pagead2.googlesyndication.com tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com eu.safe-clicks.org
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	eu.safe-clicks.org
2	stackpath.bootstrapcdn.com	eu.safe-clicks.org
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	api-nld1.addsales.com	eu.safe-clicks.org
1	www.googletagmanager.com	eu.safe-clicks.org
64	15

This site contains links to these domains. Also see Links.

Domain
safe-clicks.org
www.dlapiperdataprotection.com
www.rgpd.es
www.cnpd.pt
idpc.org.mt

Subject Issuer	Validity	Valid
*.safe-clicks.org GTS CA 1P5	`2023-02-22` - `2023-05-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.addsales.com GTS CA 1P5	`2023-02-03` - `2023-05-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://eu.safe-clicks.org/
Frame ID: 1F516F831802769E92356248ED86EC1E
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/zrt_lookup.html
Frame ID: 1470F2046233D2E7F202F3D039D84B57
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7291932246181559&output=html&adk=1812271804&adf=3025194257&lmt=1679947481&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Feu.safe-clicks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679947481087&bpp=3&bdt=663&idt=267&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5720470420993&frm=20&pv=2&ga_vid=1506974291.1679947481&ga_sid=1679947481&ga_hid=1970241874&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44777876%2C44759875%2C42532089%2C31073099%2C31073107%2C44774292%2C44787456&oid=2&pvsid=3682769835378459&tmod=703197682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=310
Frame ID: 58F9F2BFED4CBC8DA791570A4AA4AFD6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B40FCCFBBE702724344DAB181B5B213
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F5DCFF919CC7CFDA399962B0CE0A578
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafeClicks

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

100 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

871 kB
Transfer

1648 kB
Size

7
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://safe-clicks.org/

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=AR&c2=
Title: https://www.dlapiperdataprotection.com/index.html?t=law&c=AR&c2=

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=CO&c2=
Title: https://www.dlapiperdataprotection.com/index.html?t=law&c=CO&c2=

Search URL Search Domain Scan URL

URL: https://www.rgpd.es/index.php
Title: aqui

Search URL Search Domain Scan URL

URL: https://www.cnpd.pt/bin/legis/leis_nacional.html
Title: aqui

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=BR&c2=
Title: https://www.dlapiperdataprotection.com/index.html?t=law&c=BR&c2=

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=MX&c2=
Title: aqui

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=CL&c2=
Title: https://www.dlapiperdataprotection.com/index.html?t=law&c=CL&c2=

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=PE&c2=
Title: https://www.dlapiperdataprotection.com/index.html?t=law&c=PE&c2=

Search URL Search Domain Scan URL

URL: https://idpc.org.mt/en/Pages/gdpr.aspx
Title: aqui

Search URL Search Domain Scan URL

URL: https://www.dlapiperdataprotection.com/index.html?t=law&c=AE
Title: aqui

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
eu.safe-clicks.org/ 30 KB
7 KB 305ms
95ms Document
text/html 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9534679cf12341417329217442023c0581abd0c182c1f216403f74514219a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7aea3e681bc1360f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 27 Mar 2023 20:04:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s59e%2B66nD5LqmfYHTvmB7Z4CSkmeTnVInfAxDDzv%2B3VNYfe3GnrhNb9TlOrRcK%2FPa6Xqjm3BXJt%2FLDnFt%2FM%2B09HLitNxsDX9UdXFuhlVkbsoCZie5PGD2U%2F1v%2BzKCSH5klpWnlZNso%2FNGXV7SikYkMk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 184ms
78ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.safe-clicks.org/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 756
cdn-cachedat: 11/21/2022 20:38:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 11cbeaf26e8db8f0c97e3544b5d9275e
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7aea3e697a6a9180-FRA
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
961 B 150ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 18:14:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 20:04:40 GMT

GET
H2 200 style.css
eu.safe-clicks.org/css/ 11 KB
3 KB 78ms
75ms Stylesheet
text/css 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.safe-clicks.org/css/style.css

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64383a3970a3a6e5336f0894757a41f71eff77cafb250a7bd7d5943a8d8fa81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"626fdcc3-2d6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtEkOpqxl6Ta9oUcr18vr42Qy5CdH7D%2Fz6JaR6vFuM586NEAu4hEUjf8NAfWLtlruTNs%2BVHd6iiD6tu0DwT%2FrA7QCLRgtl3o3%2BM5wY8iYcNyQXNKnZVAwNezo8FhvWZQFo7zCv7LqXS%2Bf19%2FT%2FDLGfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7aea3e68ccd6360f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 5 KB
697 B 151ms
49ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 20:04:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 20:04:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 271ms
118ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c92d5e1f186196d0a43deaacfb9f672000075559ef5dad3e4e9b7490d247526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48693
x-xss-protection: 0
server: cafe
etag: 6511199056168128338
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 20:04:40 GMT

GET
H3 200 logo-clicksafe.png
eu.safe-clicks.org/img/ 24 KB
24 KB 231ms
216ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/logo-clicksafe.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2352530e4f65a08c4f700f0fe11cc7aa77666e23512e9329529661b955474050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-5fdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIPWhVyMO3ZwL3KRQpdjqcwd%2FLDxs8tPs7gdT6%2FL1MmguXOMNdBWnp%2FL2xcP7IRGxMPYY%2BpqxFCU%2F5RGkETgsESp0K680jA0qXF1IJmqlTkpso4Xyr9nvDMYSvnFPbbj4xVUaDFqkDEBMfthj%2FyyL4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1833046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24540

GET
H3 200 fingerprint-w.png
eu.safe-clicks.org/img/ 13 KB
14 KB 242ms
228ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/fingerprint-w.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2589a323e4f1adef2017e0590b23583553b58085e698cc225862b06b1fde234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-355f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkqQDJLRbQQujuN7JuhNTTC%2B3XCd2o51Y0Mdn7Pv2jEa9iwIw%2FzHQH6KCwdyiBo1WErit%2BS%2BpqW50z6G%2BM%2BjZzY2FJqf%2BgEYncJ3bbD8dWciGaI%2FVaeAa1BKyaK9q8v74n1wOkX7orPyLPkdmmXJTKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1835046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13663

GET
H3 200 rgpf-compilant.png
eu.safe-clicks.org/img/ 7 KB
7 KB 83ms
69ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/rgpf-compilant.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9e7bb0298fbbb8f16d9209dc4d3dd0ecf8706b91dd1b07dafd8d06f82702aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-1b13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=976iNtpgXqDE2OKjYLCBj8Da7eKliuiB8fJGZXY8vsy4exI4ec%2F7xCnP67l7cWNqhO4s%2FoemEsJ1bAco3cC0iqSdW6YvpPpweTKqSNbfzLDyLp2NSr3DGdvYSIdZ08PQKE4WrzQuq8Z29VLtv6SoZgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1838046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6931

GET
H3 200 1-validacion-informacion.png
eu.safe-clicks.org/img/ 6 KB
6 KB 75ms
61ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/1-validacion-informacion.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87a8e55263da8fd797660d33329ca72805b6c72e2c3ada1dba37aa616c4f4f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-17cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7OjAuj9%2F7MmEHdHXmXUTgpzqrm3Jyd20SibjSKArjCHQdoyj6GJxnPfefmUJcTa2GwU3elK3cvFwt2AmO06vasZfnwxnH%2BJDqNfM%2FvqZLUHL%2BYliSSisCEGwSXnwdTJTxlCdgDdC%2FEwGzqHRcw4pM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1839046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6095

GET
H3 200 2-control-errores.png
eu.safe-clicks.org/img/ 9 KB
10 KB 126ms
111ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/2-control-errores.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14a51b026603f6f39f5477a3395cb18e67a2eab453cd776453ad8c4cf22543b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-256c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIAXSJs2JPJW5lH8hqvVDdB8UG8Qj0u%2BR1O3CjK9ybqFChCQC4ofi0Qfw8teMzsmh0FhnYbPUuJe1RkyGmSJWiGPeBfsn%2FE1KsL%2BVONUIuU4qySo50b7HA5nsS8Auct9ppHKvHMZiMgh3pJ%2Fod2ywII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a183b046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9580

GET
H3 200 bandeira-argentina.png
eu.safe-clicks.org/img/ 3 KB
3 KB 80ms
65ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-argentina.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58c86674e33917bb061d6fbe3f601f2da9f58e856841c2cb698481f0ce9210a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-b4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpPuSP4k13K3NAgB8a9ix0jaCxqicikWbHa%2BQKMSMfLGPWMkrgBDtx6b36GCj54ha6tDNCpJz%2BUG9gax3%2Bkyf8R2gXiYfiRKhm8dVl13WPOqdV59WyeCm0Mjgfxn6nRec07hz3c9m%2BQac29Tizs6PD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a183c046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2890

GET
H3 200 bandeira-colombia.png
eu.safe-clicks.org/img/ 1 KB
2 KB 125ms
111ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-colombia.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f18a45791eaed01f8cf3a23d31019b05c9097f162b2b25ca5bc482ef4c442ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-4bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9npozyhtDQ4%2FMNeuCNr08LnaE72PQ2SwNki%2BTcbAFYYC0dcNv5H%2FQviijpU0SEJqIBCyhFpYCs6fI7R8e2NDJ3RsZJDG%2Fn4rwdVCVEQMVkSwl1nMn09xSnc4p6Ec6e4AYarCIe%2BC0FsTxcxLvGO7kw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a183f046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1212

GET
H3 200 bandeira-espanha.png
eu.safe-clicks.org/img/ 4 KB
5 KB 291ms
277ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-espanha.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756e309dcd9ef16efe1a04fd3b08bd7eef4e6113441786375ed2fcae143fd450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-11d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt1VuCEA5JX1zd70g9r16FIyfipVPiCyIG3a21K1MY8mPj3te0KeRRu5jTXmxMhxLqIcNtT7GHyjFjPoEYfoDBfPAvtyTGYx2MCZa8kzfuNMRzXvauDg8r%2BnIZU36e9r6d%2FJsd4H9uXFuBOhg3WXZDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1841046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4568

GET
H3 200 bandeira-portugal.png
eu.safe-clicks.org/img/ 5 KB
6 KB 286ms
271ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-portugal.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8884f0c62069fe452f935a7b5297212f2a1c63b5efd12bdb8bc3f1b378f553e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-1586"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok1pI9YwjC7xN7LC40Udbkd3GOz8F88rb4a26SXvJlCz1jPGmTJVohgjvFNKQ%2B0gYVyjnnE22GoegU2AjdWloPqHwTsMCFZg6M%2BSxGq%2BwEYW7Vgdh94Co3eMMy53hFynVLqwhHJhqMxsSRs69dieD8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1849046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5510

GET
H3 200 bandeira-brasil.png
eu.safe-clicks.org/img/ 6 KB
7 KB 292ms
278ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-brasil.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af7918bb24d742a3d9b060dadb156beb1316784e6da7009b266df62c8a49ebbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-1890"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISD%2FejurhU5tWyqvtKaagokG%2FzpbGHF9WbRsRCSNGaautc7C%2FpMDhPeMl6D3d5MDeMAYpmq%2BtLOYQxIk4GBhFKBN7IXYjD0s3DqYsWdbBetw8GK2IVz5fLQoYvt0ts4dX8f%2ByZ7xanGC%2BpLyEeLap%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a184b046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6288

GET
H3 200 bandeira-mexico.png
eu.safe-clicks.org/img/ 3 KB
4 KB 175ms
161ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-mexico.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42901260df69064390e7b8345672a8df9f5a9a84734f6fd27fe72e6d016c0196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-d5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VD3vGqKotEx%2BsEq0%2FAwIKgCx%2B%2B6PEUivPtZfePQ4o6WQB81%2BoR7dJO5KCVUBKJm1XlEu4wTYhkd0FfzovHlBv4JkiVxO6uvZ6i0eIsRR2ev1hS%2BccIF%2BBzGPllFygxs%2BAoWA1dzKTpXKFxhCH3ZYbS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a184d046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3420

GET
H3 200 bandeira-chile.png
eu.safe-clicks.org/img/ 2 KB
2 KB 126ms
112ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-chile.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127cdb1ca58a40a1286adcf5c8bba2130b48a340667b85071987a5bfaa0665d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-782"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAtJcNqGAuGkTaMLkoyCcEbztTJrjWgS5DOxnCYWiCZixReCE%2F6%2BqAO8jEQi970q7SQW5acdKgnxb8Kbb3gSH2OYgvL8GK198oMweU%2BqlWwn1Ndo%2BTC9eZW8GgxKtF9QrhRxyJSSDzYp3VZ336T5nyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a184f046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1922

GET
H3 200 bandeira-peru.png
eu.safe-clicks.org/img/ 4 KB
5 KB 129ms
114ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-peru.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb51ddef38daed6c513339201d9532c0dd2923b83d487eea8f6733449b8615d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-1128"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geEBifTyhjn6l3OUCTDsYymGB%2Fs6wLmfYQ%2BtN1pEzjljjCXfXrDsabReL4%2BcZXISpHDHbp9jHIylKKZAPl%2FrzrYjyydIOzRWpyJx304a6EG3yOXOd7MrEu9NY5Bc3Oa6IdSOHvoU0oIG5R40h%2BGmGwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1851046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4392

GET
H3 200 bandeira-malta.png
eu.safe-clicks.org/img/ 2 KB
3 KB 155ms
140ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-malta.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0d404333e8bc5fae85f7898ee3261bb7026db3d6525e32733dde617b6f13b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-970"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cD%2FZ%2BcaikO0011tT%2BDwrmAJW7UBlyhm2uNLdjlqusW3QT4FutNnAyT%2FDJLRM2iSw%2BMJKP379mMpWHdUAiCzrNRJbi2kWvE5TZ%2BoGLirG7loeidLNybwKQUfXjyLe9%2FQvg1PhmL7wSfyCSOZeZKgJlo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1853046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2416

GET
H3 200 bandeira-uae.png
eu.safe-clicks.org/img/ 3 KB
3 KB 129ms
114ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/bandeira-uae.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6713501962cd068dfa81a85b90ddd6bba9540cfd53a2c9f7b783a89687a894c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-a55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DG4cOoGueYBmIIeQ00kHW2gNhNzw41CgK3HiYURmiBueMLMk5%2Bix5bDWGgDUxI4jPAEm3nTecI6uQRTd%2BiI0wUg3mfqrl4DPAW9yIf05jqOcWY9gsrVy9uhPjoVWhANWnc7tVG4XOQgdbYxDkPAzSco%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1854046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2645

GET
H3 200 content-background-991.jpg
eu.safe-clicks.org/img/ 46 KB
47 KB 291ms
277ms Image
image/jpeg 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/content-background-991.jpg

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618bcd45542ee2d8837e844ed10c708bcc8f787f2bcb577ef0cd4b92d42fccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-b964"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETZUCiUqqxc1C72%2Ba4zuG6IeEcD7lTcK1TeLgiY3%2FaC6kQLFcFSRt6pGqtFUwHuPuRd8vyh7rQK3tWuwBXEDu3iYjp%2BsrSRlB2BlRgoat6rOhBCRODWYWizhMBR%2FKhiK6wj1fsJAOrq9ABOHaOVbQTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1855046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47460

GET
H3 200 clicksafe-legal.png
eu.safe-clicks.org/img/ 24 KB
24 KB 332ms
317ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/clicksafe-legal.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2352530e4f65a08c4f700f0fe11cc7aa77666e23512e9329529661b955474050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-5fdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qiNS83RwXYQdFMrBwlP5beSPSjyrimhMUIFs2opF6BNywdDhOu5I41EW6y2BeUg1ut1zw04XqKF%2Fshp6Wu1p8wG0%2F67583byTdulvh6eOB6E%2FzE%2F9cneTnwFUBt%2BUJfT6le2p3hBK8Td4YJ43Z0OlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a1857046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24540

GET
H2 200 jquery-3.3.1.min.js Show response
assets-nld1.from-ditto.com/frontend/ 85 KB
31 KB 286ms
86ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/frontend/jquery-3.3.1.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64131eeb-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrzC9HUNaxLc6JMNsSJwMCCq808DgQT4pnjoaB5xM1unQfh6nHIkLE5X0DoOmOHVzWNsTQewySFNRzInzF0RijhTOmwpqZiZZ0C9VOt3XrnTl4QjkVtZaJUcP5fp25iRHxHxNeoZca6idQBqxSXmSZwtqmb6ttjLDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9e7366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 slick.min.js Show response
assets-nld1.from-ditto.com/frontend/slick/ 42 KB
11 KB 225ms
67ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/frontend/slick/slick.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9431227ec51bf47a6eb408adb8c9c49561a634bf457c984940f38d1d4890d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64131eee-a76f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSroNFlyiU6oxooz5Wey8NOgFOj1v3Ax%2F8oHrbs7SfkgsEyXiITTSWfAAaPfpgubGtStnEv%2BuGzjSu69xq9v6riTd4LpoxDu9OOyj%2Fn0UIMDK3%2BWUK7qDUPFrMdddhzPrgl68yV3SYnMwcT37Iy1DSiZiPfHh8XxLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9ea366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 82ms
57ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.safe-clicks.org/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 1048
cdn-cachedat: 11/11/2022 02:42:40
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 34b6e8b5d218c630f8e2343d1fa736e3
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7aea3e6a1b8c9180-FRA
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 212ms
66ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-121789603-3

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

699de0efe15b51c3573ea1b138c2f99ac33db7f009f84a3996d4ee8d3ff5ad35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44813
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 19:23:19 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Mar 2023 20:04:40 GMT

GET
H2 200 ga4Analytics.js Show response
assets-nld1.from-ditto.com/js/ 989 B
1 KB 197ms
43ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/js/ga4Analytics.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d907e3ac5c91b95d554f3d216beeb20eef78ab4ee08d7aa56f71c07cbf25d8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1271
cf-polished: origSize=1668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: W/"64131eee-684"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AjiGRa6uCQfNLu7QVK7fvrO6knKy7KGcHvi9P%2FxsQGYmvCNWUAfVlWY9zh5IeO91OJt8CwaBr4LGa8etIQnZ2hXkO%2B8DQXCc%2FHkXOXmH0oUwI1aHUzMPcfHuFdZuYQnvswkh7NFVCc9qr%2BSytat1R%2B3kF%2FCprhgpRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9ec366d-FRA

GET
H2 200 jquery.mask.min.js Show response
assets-nld1.from-ditto.com/dist/jquery-mask-1.14.16/ 8 KB
4 KB 199ms
45ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/dist/jquery-mask-1.14.16/jquery.mask.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1271
etag: W/"64131eeb-2087"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o98cENVUP8n2MHp0ZTfA4rEok8%2F2OE3Cql8iumib3xXE35kunHGT3XGGvR3%2BbH6iJ%2F5RGRFl1S6fOhKKQbdtvf6bqrCITSWvohIZbcRUVm1f6YqmUzUkfkYqoFSNRxGmg3UOaqY6as%2FCGgSJjNYH5fKqzrhhrnhyEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9ee366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.validate.min.js Show response
assets-nld1.from-ditto.com/dist/jquery-validation-1.19.5/ 24 KB
8 KB 199ms
46ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/dist/jquery-validation-1.19.5/jquery.validate.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1271
etag: W/"64131eeb-6019"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAbnMQI4AU3thonwcT0evB%2BA5mV%2BasqyJ8fntk4p5qJLU%2Fk0EWDh%2B054KBJ9JX7KH5NKiQ1m%2F6ntZA0B%2F86DKpjo7ksQYk4tIfM5hi6cEF2aQZQsU5oYhAYsi%2FvOqizQNBJ1pCbyX1PhJuUTPoYqrK5ARIrbdyPgrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9ef366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 additional-methods.min.js Show response
assets-nld1.from-ditto.com/dist/jquery-validation-1.19.5/ 22 KB
7 KB 206ms
53ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/dist/jquery-validation-1.19.5/additional-methods.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1271
etag: W/"64131eeb-569e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT429hzDJdyz2IYyyxfehlHf%2FKaVaOJ3KwnPdeI2iZs0Q7R0%2FlF0SROpvcqBD4I6Z7UbLuT9tYXaYdwHTH6P1eBx9Y%2FZ3iHw%2FjLhww0Xk5Ix469VognCFej8a8NCwiwGpxC4ByWi%2By8vl2x5Ck8v%2BPYQlgIPHiG6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9f0366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 global.js Show response
assets-nld1.from-ditto.com/lpv3/jquery/validate/methods/ 2 KB
1 KB 54ms
53ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/lpv3/jquery/validate/methods/global.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a28b55a68f2dcaac449e9f43601e04e641ae84ae244215f8082d27fa974ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1271
cf-polished: origSize=2023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: W/"64131eee-7e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV66OWOA%2FrG4uZ%2BdlWDA3p1A%2FtdC6ZEQ27frmnDcb6zeUy%2BYI6TSxACQ4%2BuYU6uVl0SecXRWg%2FYnqrJU%2BvC28673%2F%2FDaD7dhZggRo5AZlJDQK7dzH26LT8Y%2Fre7sP%2BXSp9JqcgIwW%2BZsnQPaZ8Z%2FCFF13dUj0lVHzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9fb366d-FRA

GET
H2 200 es.js Show response
assets-nld1.from-ditto.com/lpv3/jquery/validate/messages/ 376 B
519 B 114ms
112ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/lpv3/jquery/validate/messages/es.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82592715184c128c5f312ad05c3881d632fe419e6f47054117b65b288680ceb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: W/"64131eee-19f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX2L3PPThO493Ee%2FKFlUQoHMUqSndbYVe6smhncvijnUp2t83hGtlqjKbqAa%2BQfaRK0ZwilguVEbDR0eGixld4ppzMI71JhzGTK3zql8Nsh9xz6pXU2Gd16TQOkOkAF2bavAqgSwClNaueYiew7cMqD30qrmVMt16A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6af9fd366d-FRA

GET
H2 200 es.js Show response
assets-nld1.from-ditto.com/lpv3/jquery/validate/masks/ 171 B
425 B 108ms
107ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/lpv3/jquery/validate/masks/es.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c5e34bcbd5b313a0fef80eb862c11cbf4d26caeb66809ccc961f3d95085527f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=176
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: W/"64131eee-b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cELmlqlw48lt8Din4TPQuOIW9uJBE8txh8pfmasgPiVmDBVcQVXhar0%2F84IV8Wd5JelcE770AlwQpgGYOFX%2Fm5Ijgp18de0qpCRIDTnyH%2FuG%2FJvvNVUeVzDMporfzPcX80Fd2cASN0byTRrgs03W065usrzXZtNxHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6b1a2f366d-FRA

GET
H2 200 es.js Show response
assets-nld1.from-ditto.com/lpv3/jquery/validate/methods/ 0
515 B 109ms
108ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/lpv3/jquery/validate/methods/es.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: "64131eee-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rb5BvpiKaCk7yF4tEKptyDjQCZ6%2BRvdHQ0gCPC26cxvCMGDnfIGVk5N5lCe04apsLIVvqh2ZLgYpMqbDYwZ8VgP58a6EmOxCA7xIeRIPaqKRZrunB1drFpasSUY25x1I0o5aO620ptWQvafg1bP0JVMhGd9U2KNjVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6b1a31366d-FRA

GET
H2 200 jquery.auto-complete.min.css
assets-nld1.from-ditto.com/frontend/autocomplete/ 589 B
640 B 111ms
110ms Stylesheet
text/css 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/frontend/autocomplete/jquery.auto-complete.min.css
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3054d34ad1599894fb0aa6413f2455689b48d8ff68bcd05bc26af4fca12b7c47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64131eeb-24d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYv2sYkB%2BT76JA8w%2F5PDaq741RKNgJeOMuJXR888o2YdTDEfB65yQOrI8qs6PgOHjA6C1Cp6pDJsyR7vwFGHIUYNUekkkm2%2FN8JsUbX04bN9vE%2BGDhyvX4ZzdUanpu0J%2B6osxLQSGAe8hobPwIedVF0Qn6Pa3N69Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6b1a33366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.auto-complete.min.js Show response
assets-nld1.from-ditto.com/frontend/autocomplete/ 4 KB
2 KB 129ms
128ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/frontend/autocomplete/jquery.auto-complete.min.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4747cac232fa6bf9eb95efc4a522b6df0b7dd6a6ce43de45c0aa64c92b596828

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 16 Mar 2023 13:51:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64131eeb-f54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgGXu0RvT2ji7eFpYOBYk7LS5xbWwevpEuNN3xZwam3SBtrvKNCyZUI%2BiO6hAEhCN7XKl8VjKd7WorFPsA0LiDCQAZ9pKkckHDJfZIDYoaWlUJSEMpAHQI31RiZxDcn%2BMkXqZVl%2Fulav1Fh2qE6nTeLxXWp%2BH369kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6b1a34366d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 es.js Show response
assets-nld1.from-ditto.com/lpv3/jquery/emailAutoComplete/ 490 B
586 B 113ms
111ms Script
application/javascript 2606:4700:3033::ac43:dc7f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-nld1.from-ditto.com/lpv3/jquery/emailAutoComplete/es.js
Requested by: Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:dc7f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65414b8c77a424215faf2080e4970766e2d695dc77a4a8b185842e6aa709fbee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=683
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 13:51:42 GMT
server: cloudflare
etag: W/"64131eee-2ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCUyAyURkU95tTYOXtftaFjEDyfxAKvf4jetqvbxTTFv7NXag5ysE%2B8ucMVd8LTGHdYbQ9n7lHC2sgQMoiSFk%2FG9jXpAwb8Qw5Knqtbi0MBFDp8RatZyTxsMDaqn6ji2DA5SJNkJEo6%2FRL53t0yObVpfUdCukJBTlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7aea3e6b1a36366d-FRA

GET
H3 200 scripts.js Show response
eu.safe-clicks.org/js/ 12 KB
3 KB 291ms
276ms Script
application/javascript 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.safe-clicks.org/js/scripts.js

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87799939da0090aa6bb4d591c60d88d08cdee637b800ab5ee79c95252181b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"626fdcc3-3138"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XvYPvJmE%2FrPEMIpJDsiC7b2q3fUeL5FgV%2F6Fc6HBM4ziESgbGbui6EFHNx95qbZhuwWa0E2eqYSd6yGXpXO1A5QDNwSBF2u9IC4GGZYQEvObWJ6oOapDKOpxC95sIRHE%2BURVUaBzt%2Bad5DNVBWcwhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 7aea3e6a1830046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 registerCampaignClick
eu.safe-clicks.org/ 0
562 B 332ms
317ms Image
text/html 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/registerCampaignClick

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dqpQ7QYTxADepTDGEH4B2pKKugpGFSnKR4CRjQpLIoX7mv9WSO1fQxbpAm%2FpiHyHjSgsPmYMo8tv3xt%2FS57tlFKNxD39TM93RRNLt28K%2BGvq1M%2BKAeEvxqWI2NsPxxi0%2Fjv16sxtdq2x2wpyuf95fYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, no-cache, private
cf-ray: 7aea3e6a185a046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 content-background.jpg
eu.safe-clicks.org/img/ 138 KB
138 KB 169ms
154ms Image
image/jpeg 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/content-background.jpg

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

044496cc9b69955e48b31d9dcc83c0e3c810027c30682bda92f243dabaaea8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-226ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7czice4aRbo70OI6Jo2yA4TNmCp%2BC2jJFCO9cer38d77XtuGzqf2Ms3Y3CbeoupkprhQ3TWfLyjJvRt448GDpWwjOL48TeCAAUER4pZXg0O4skCL3WkKvWJxnQBa8af07SakWgHcuKWzxD1s0BHLO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a185e046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140971

GET
H3 200 gradiente-row.png
eu.safe-clicks.org/img/ 1 KB
2 KB 433ms
418ms Image
image/png 2606:4700:3031::ac43:cb0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu.safe-clicks.org/img/gradiente-row.png

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:cb0b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a5eaed67bb253e083eac07d1ac0f9d440ca20c3ba343b06cc5bf70db333991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 02 May 2022 13:29:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "626fdcc3-419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHZCe8ljzsUpkoar40DsTjK2QCm%2Fexcbv5nxkfnOF3NwlEZ8etRI%2FC%2FJONpZ58Ll7ePuSaoZlnusyklzuYsBtiXUBJoqJJteZxokhjwGhy30iHtXmoQjTuuWT7DGly2bJyXMpl40EGKiexdBTnHGHIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aea3e6a185f046e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1049

GET
DATA 200
OK truncated
/ 147 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 46 KB
46 KB 319ms
178ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:46 GMT
x-content-type-options: nosniff
age: 559614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:46 GMT

GET
H2 200 jizdRExUiTo99u79D0e8fOydLxUd.woff2
fonts.gstatic.com/s/ptsans/v17/ 32 KB
32 KB 246ms
105ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:47 GMT
x-content-type-options: nosniff
age: 559613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32964
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:47 GMT

GET
H2 200 jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 42 KB
42 KB 317ms
177ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:52:57 GMT
x-content-type-options: nosniff
age: 364303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42500
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:01:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Mar 2024 14:52:57 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 44 KB
45 KB 179ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://eu.safe-clicks.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 559620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 198ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-121789603-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 27 Mar 2023 18:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 7170
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 27 Mar 2023 20:05:11 GMT

GET
H2 200 debug-toolbar-v4 Show response
api-nld1.addsales.com/v4/panel/ 0
576 B 503ms
77ms Fetch
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-nld1.addsales.com/v4/panel/debug-toolbar-v4?page_id=7813&multitest=2&at_version=actualtrade

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BVtDNiyraGsDAoy5Ul1GBRIDcm1R3tx2Fcx8HOkHxr0OYlFxexIT0CNF7Tyq7qkjdlJrCk4QcIZ8TkkJWeN8SKoMlnSTDKnS%2Bnk4GfHaTgOc65nHpc%2BOuuDwt4O8mqVm2mFERIyRZMIUI30Pt9IvoLqmVDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html;charset=UTF-8
access-control-allow-origin: https://eu.safe-clicks.org
charset: UTF-8
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7aea3e6f1cc09241-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/ 350 KB
117 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7291932246181559&plah=eu.safe-clicks.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7d4c870ae0865e6ea8c29e27fb7d634282ed18d6d6c85872653eaf090baf8b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119751
x-xss-protection: 0
server: cafe
etag: 17781745200001003813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 20:04:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/ Frame 1470 10 KB
5 KB 385ms
51ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230323/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.safe-clicks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11073
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 17:00:08 GMT
etag: 2378337311435320485
expires: Mon, 10 Apr 2023 17:00:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
146 B 55ms
46ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1970241874&t=pageview&_s=1&dl=https%3A%2F%2Feu.safe-clicks.org%2F&ul=en-us&de=UTF-8&dt=SafeClicks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1095751287&gjid=344076353&cid=1506974291.1679947481&tid=UA-121789603-3&_gid=100212809.1679947481&_r=1&gtm=457e33m0&jsscut=1&z=946379739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://eu.safe-clicks.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 20:04:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eu.safe-clicks.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
189 B 43ms
39ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1970241874&t=event&_s=2&dl=https%3A%2F%2Feu.safe-clicks.org%2F&ul=en-us&de=UTF-8&dt=SafeClicks&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Version%20B&ea=form_view&el=View&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1506974291.1679947481&tid=UA-121789603-3&_gid=100212809.1679947481&gtm=457e33m0&jsscut=1&z=1984132626

Requested by

Host: eu.safe-clicks.org
URL: https://eu.safe-clicks.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7170
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
607 B 193ms
51ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=eu.safe-clicks.org&callback=_gfp_s_&client=ca-pub-7291932246181559

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7291932246181559&plah=eu.safe-clicks.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8967fd5cae2faaf4fb30a51eae29c0eb1c918335aa92f6e06aede4da82cf3420

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 197ms
48ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=eu.safe-clicks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 183ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eu.safe-clicks.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58F9 603 B
245 B 135ms
111ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7291932246181559&output=html&adk=1812271804&adf=3025194257&lmt=1679947481&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Feu.safe-clicks.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679947481087&bpp=3&bdt=663&idt=267&shv=r20230323&mjsv=m202303210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5720470420993&frm=20&pv=2&ga_vid=1506974291.1679947481&ga_sid=1679947481&ga_hid=1970241874&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44777876%2C44759875%2C42532089%2C31073099%2C31073107%2C44774292%2C44787456&oid=2&pvsid=3682769835378459&tmod=703197682&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=310

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.safe-clicks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 20:04:41 GMT
expires: Mon, 27 Mar 2023 20:04:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 172ms
90ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

574c952fdf05eee0ff1cf74afa821469643d29db28bc3b1cf84b280a70a18514

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11162
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 178ms
56ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 27 Mar 2023 20:04:41 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B40 13 KB
5 KB 79ms
68ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eu.safe-clicks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 19:17:52 GMT
expires: Tue, 26 Mar 2024 19:17:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F5D 783 B
1 KB 182ms
55ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d37db4909bf025ee30db0a40e2dc6459ba7efbb0ed71138093ba1affc29cd3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cD46yvtp9uGo3h9V_-grXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu.safe-clicks.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cD46yvtp9uGo3h9V_-grXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 27 Mar 2023 20:04:42 GMT
expires: Mon, 27 Mar 2023 20:04:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B40 36 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3b1Q3-2ktxseIVt-HK-LDpEKRyl8KDIxhU6os0UJEUg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 19:14:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 19:14:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F5D 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230323&jk=3682769835378459&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B40 0
10 B 41ms
39ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ktfaFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 20:04:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230323&jk=3682769835378459&bg=!eXqlei7NAAbO2UOH7tk7ADkAdvg8WqznIj3BgAM4lgwcXszJ0fO10wRftgFNqX_tKHB2uOO_QtzBhGYhISwH0Yd_9hPJat-dsacCAAABK1IAAAAFaAEHCgDGy9ff5AJpRpIrG12ksZUY9gvBgFWd4xpceXwJFOdszL0IGPv7_TlGli76UlFFW4s3lpIVRcaG3mrnBhwbyDqSBxLZbs6PQTrVVdn09lYPs1BEnTIsZmbFuExtAHusRzP5QiFcBWbdQmy-nFMCHSOV268NIYGCPngOPohOEWzrJzo675d4jUHYNbc5stwwL6woNo8LHciTHc2OhTPkelXs76fvYx5Amsd1fJj3Ru8UW407OmYe-BwMRV2v0kdY7HVDue5ZO7gymQK9nyOu79-x3kvD5CPSzVve6vAuL0P5lB4h2jCTG1V8O6KnrcJHCgar05cXpyLB7Gw_PVd7nLU90lVXBCMEeVA8ItCHM9BBJSYrFQaK8AGuzuP4HYSRsziZC7kxL_4dIHpeuvjtq90eWp_ypWn-px9UUAEbunFffRu0AEhu-Vp78xcnZVDRBWb19P-QA1Ufx1MigVdPkyS3Ui6oWphf6g-r1S-32Sv6KBivMA2uJWFHQer0pOb_yL9ue2aKHjBI8JgVobv5GjHPv8zo3VKCuLGZrg_QBir89b1Uah_YqXI2b4qhHGZoz6dKQScnjT3WwTfvcnkqZm5afZWvLmJrP1dmHlzmkOIAe5cSMHOMOodYF6C3kvahtTRhIcpmcHM3wxNxTUCE_9Jg4NrSmytbJhgkq6_O7BRlYTLLkZLMdAL--sjLAHKq-ZXTund-4COSo-ONB0FvJnNeggAMobO-jQ8TjWmcKD4vh9F-OAKp6fCsjDeSrcJSnFLwFBG00WlucQ2wB9nvn6QGYASmaO2AVTwtsSOzu1n-anBJl-nALNQWWPJoiehHPo5ebiuaKXS5Kfu1NgpItF348j2ry7bkHg5Zvkob_Q2kYfGZXT6PxzMSFDzwXCIVY4trlLtkd1DXQ8i2E7svDB6MylYjhrUs9Lv55GGc0DL6s-EwQFqof1qyBUNYXxauWAIXAEGG8kzIigN3QyH5nFBpq0AWhT8KBG2vRpBUhbV0fjSofSlDzL9M_OW0UNKdnA8vLDX7ttdFsDhxT0X5GBH9a6FcxIhMybWZ-PY8WibSKT219UEMXCl9oe5HjaLZ5EPvbBueOvlzzd8_g5t74WEzowJUfOZTWVgwtqCaVzxfo9kil5gu_GbAi4-U2la5eKqkEyCGJjYzvcGwxwfxUSMpkDLqE25aEMcf3FOYbDDlrP5VFxoc-UE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eu.safe-clicks.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.eu.safe-clicks.org/	1969-12-31 23:59:59	Name: SID Value: m3vhv79fp29oo7cn328hk5jddv
.safe-clicks.org/	1970-01-20 20:15:07	Name: _ga Value: GA1.2.1506974291.1679947481
.safe-clicks.org/	1970-01-20 10:40:33	Name: _gid Value: GA1.2.100212809.1679947481
.safe-clicks.org/	1970-01-20 10:39:07	Name: _gat_gtag_UA_121789603_3 Value: 1
.doubleclick.net/	1970-01-20 10:39:08	Name: test_cookie Value: CheckForPermission
.safe-clicks.org/	1970-01-20 20:00:43	Name: __gads Value: ID=85b409bf63a2c946-227bc5a971dd004a:T=1679947481:RT=1679947481:S=ALNI_MYyGRfoynemNy4Al3ukNU7kBFCs5Q
.safe-clicks.org/	1970-01-20 20:00:43	Name: __gpi Value: UID=00000bcd603e45fc:T=1679947481:RT=1679947481:S=ALNI_MYHKH_LJ1fqHliskykNxDfeejjujg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-nld1.addsales.com
assets-nld1.from-ditto.com
eu.safe-clicks.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2606:4700:3031::ac43:cb0b
2606:4700:3033::ac43:dc7f
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a06:98c1:3121::3
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
044496cc9b69955e48b31d9dcc83c0e3c810027c30682bda92f243dabaaea8fe
127cdb1ca58a40a1286adcf5c8bba2130b48a340667b85071987a5bfaa0665d7
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
14a51b026603f6f39f5477a3395cb18e67a2eab453cd776453ad8c4cf22543b4
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c5e34bcbd5b313a0fef80eb862c11cbf4d26caeb66809ccc961f3d95085527f
2352530e4f65a08c4f700f0fe11cc7aa77666e23512e9329529661b955474050
24a28b55a68f2dcaac449e9f43601e04e641ae84ae244215f8082d27fa974ec9
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
2a0db34dc14ef4b5ce73b230701c7561e5012667a4c9cb274ecab646e1474995
3054d34ad1599894fb0aa6413f2455689b48d8ff68bcd05bc26af4fca12b7c47
39a5eaed67bb253e083eac07d1ac0f9d440ca20c3ba343b06cc5bf70db333991
3d37db4909bf025ee30db0a40e2dc6459ba7efbb0ed71138093ba1affc29cd3c
3f18a45791eaed01f8cf3a23d31019b05c9097f162b2b25ca5bc482ef4c442ee
42901260df69064390e7b8345672a8df9f5a9a84734f6fd27fe72e6d016c0196
4747cac232fa6bf9eb95efc4a522b6df0b7dd6a6ce43de45c0aa64c92b596828
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
574c952fdf05eee0ff1cf74afa821469643d29db28bc3b1cf84b280a70a18514
58c86674e33917bb061d6fbe3f601f2da9f58e856841c2cb698481f0ce9210a5
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f9431227ec51bf47a6eb408adb8c9c49561a634bf457c984940f38d1d4890d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64383a3970a3a6e5336f0894757a41f71eff77cafb250a7bd7d5943a8d8fa81d
65414b8c77a424215faf2080e4970766e2d695dc77a4a8b185842e6aa709fbee
6713501962cd068dfa81a85b90ddd6bba9540cfd53a2c9f7b783a89687a894c7
699de0efe15b51c3573ea1b138c2f99ac33db7f009f84a3996d4ee8d3ff5ad35
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
756e309dcd9ef16efe1a04fd3b08bd7eef4e6113441786375ed2fcae143fd450
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad
82592715184c128c5f312ad05c3881d632fe419e6f47054117b65b288680ceb8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8884f0c62069fe452f935a7b5297212f2a1c63b5efd12bdb8bc3f1b378f553e8
8967fd5cae2faaf4fb30a51eae29c0eb1c918335aa92f6e06aede4da82cf3420
9c92d5e1f186196d0a43deaacfb9f672000075559ef5dad3e4e9b7490d247526
a2589a323e4f1adef2017e0590b23583553b58085e698cc225862b06b1fde234
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a87a8e55263da8fd797660d33329ca72805b6c72e2c3ada1dba37aa616c4f4f6
af7918bb24d742a3d9b060dadb156beb1316784e6da7009b266df62c8a49ebbb
bd635a67abfa8304e0688c19f33c41207dfadb79c8c8cc7703939b464ab5247e
be9e7bb0298fbbb8f16d9209dc4d3dd0ecf8706b91dd1b07dafd8d06f82702aa
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d618bcd45542ee2d8837e844ed10c708bcc8f787f2bcb577ef0cd4b92d42fccc
d907e3ac5c91b95d554f3d216beeb20eef78ab4ee08d7aa56f71c07cbf25d8e7
dc9534679cf12341417329217442023c0581abd0c182c1f216403f74514219a5
ddbd50dfeda4b71b1e215b7e1caf8b0e910a47297c283231854ea8b345091148
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d4c870ae0865e6ea8c29e27fb7d634282ed18d6d6c85872653eaf090baf8b3
e87799939da0090aa6bb4d591c60d88d08cdee637b800ab5ee79c95252181b87
f0d404333e8bc5fae85f7898ee3261bb7026db3d6525e32733dde617b6f13b98
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0
fb51ddef38daed6c513339201d9532c0dd2923b83d487eea8f6733449b8615d3

eu.safe-clicks.org Open in urlscan Pro 2606:4700:3031::ac43:cb0b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

100 %IPv6

13 Domains

15 Subdomains

16 IPs

2 Countries

871 kBTransfer

1648 kBSize

7 Cookies

11 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eu.safe-clicks.org Open in urlscan Pro
2606:4700:3031::ac43:cb0b Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

100 %
IPv6

13
Domains

15
Subdomains

16
IPs

2
Countries

871 kB
Transfer

1648 kB
Size

7
Cookies

64 HTTP transactions
1 data transactions