paulownias.ch Open in urlscan Pro
63.250.43.129 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paulownias.ch/
Effective URL:
https://paulownias.ch/
Submission: On October 30 via manual (October 30th 2023, 3:07:09 pm UTC) from US — Scanned from CH

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 49 HTTP transactions. The main IP is 63.250.43.129, located in United States and belongs to NAMECHEAP-NET, US. The main domain is paulownias.ch. The Cisco Umbrella rank of the primary domain is 931840.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 18th 2023. Valid for: a year.

This is the only time paulownias.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.250.43.128 63.250.43.128	22612 (NAMECHEAP...) (NAMECHEAP-NET)
22	63.250.43.129 63.250.43.129	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
2 15	139.45.197.242 139.45.197.242	9002 (RETN-AS) (RETN-AS)
1	172.67.211.29 172.67.211.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
3	139.45.197.245 139.45.197.245	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2 2	3.69.182.131 3.69.182.131	16509 (AMAZON-02) (AMAZON-02)
2 2	104.21.61.39 104.21.61.39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	172.67.75.246 172.67.75.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.5.82.77 185.5.82.77	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1 1	23.212.218.19 23.212.218.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	18.239.18.118 18.239.18.118	16509 (AMAZON-02) (AMAZON-02)
49	11

1 63.250.43.128 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-earth.ewp.live

paulownias.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 63.250.43.129 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-earth.ewp.live

paulownias.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 139.45.197.242 (United Kingdom) 2 redirects

ASN9002 (RETN-AS, GB)

ophoacit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cameesse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.211.29 (United States)

ASN13335 (CLOUDFLARENET, US)

inklinkor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)

groorsoa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.182.131 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-182-131.eu-central-1.compute.amazonaws.com

track.rinoleg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.61.39 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dikeledi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.75.246 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

linksprf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.5.82.77 (Germany) 1 redirects

ASN20546 (SOPRADO-ANY, DE)
PTR: xb905524d.host.myracloud.com

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.218.19 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-218-19.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.18.118 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-118.ams58.r.cloudfront.net

www.lebara.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	paulownias.ch 1 redirects paulownias.ch — Cisco Umbrella Rank: 931840	9 MB
8	cameesse.net 1 redirects cameesse.net — Cisco Umbrella Rank: 37132	22 KB
7	ophoacit.com 1 redirects ophoacit.com — Cisco Umbrella Rank: 85156	149 KB
4	linksprf.com 2 redirects linksprf.com — Cisco Umbrella Rank: 123082	3 KB
3	groorsoa.net groorsoa.net — Cisco Umbrella Rank: 34771	37 KB
2	lebara.ch 1 redirects www.lebara.ch	346 B
2	adcell.com 1 redirects t.adcell.com — Cisco Umbrella Rank: 64876	4 KB
2	dikeledi.com 2 redirects dikeledi.com	1 KB
2	rinoleg.com 2 redirects track.rinoleg.com	1 KB
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 18131	796 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11206	542 B
1	gstatic.com fonts.gstatic.com	16 KB
1	inklinkor.com inklinkor.com — Cisco Umbrella Rank: 92642	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
49	14

	Domain	Requested by
23	paulownias.ch	1 redirects paulownias.ch
8	cameesse.net	1 redirects inklinkor.com ophoacit.com
7	ophoacit.com	1 redirects paulownias.ch ophoacit.com
4	linksprf.com	2 redirects ophoacit.com
3	groorsoa.net	ophoacit.com inklinkor.com groorsoa.net
2	www.lebara.ch	1 redirects linksprf.com
2	t.adcell.com	1 redirects linksprf.com t.adcell.com
2	dikeledi.com	2 redirects
2	track.rinoleg.com	2 redirects
1	www.awin1.com	1 redirects
1	my.rtmark.net	ophoacit.com
1	fonts.gstatic.com	fonts.googleapis.com
1	inklinkor.com	paulownias.ch
1	fonts.googleapis.com	paulownias.ch
49	14

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
paulownias.ch Sectigo RSA Domain Validation Secure Server CA	`2023-08-18` - `2024-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
ophoacit.com R3	`2023-08-16` - `2023-11-14`	3 months	crt.sh
inklinkor.com GTS CA 1P5	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
groorsoa.net R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
cameesse.net R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.linksprf.com GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
adcell.com Certum Domain Validation CA SHA2	`2023-07-28` - `2024-07-27`	a year	crt.sh
lebara.ch Amazon RSA 2048 M02	`2023-09-16` - `2024-10-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://paulownias.ch/
Frame ID: DAD6F2FE09238EAF3DF54B01670DCF19
Requests: 42 HTTP requests in this frame

Frame: https://t.adcell.com/p/click?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F&fp=51611db92410e655599e39f8f89cccfa
Frame ID: A19972C634CD18D822A6F412875CE3D0
Requests: 3 HTTP requests in this frame

Frame: https://www.lebara.ch/de/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b
Frame ID: A37A188B6B3B802AC956325EA0E8A0B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live News Pro -

Page URL History Show full URLs

http://paulownias.ch/ HTTP 301
https://paulownias.ch/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Page Statistics

49
Requests

94 %
HTTPS

0 %
IPv6

14
Domains

14
Subdomains

11
IPs

4
Countries

9771 kB
Transfer

10479 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paulownias.ch/ HTTP 301
https://paulownias.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ophoacit.com/121?rnd=3595903123&z=6471294&b=18859516&c=7368931&var=&varid=0&d=https%3A%2F%2Ftrack.rinoleg.com%2Fb868dcf8-188e-40e6-ae91-07b1cc04a1ec%3Fzoneid%3D6471294%26subzone_id%3D%7Bsubzone_id%7D%26browser%3D%7Bbrowser%7D%26os%3D%7Bos%7D%26device%3D%7Bdevice%7D%26region%3D%7Bregion%7D%26isp%3D%7Bisp%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D%26connectiontype%3D%7Bconnection.type%7D%26cost%3D%7Bcost%7D%26visitor_id%3D742873729463230464&cln={CELL_NUMBER}&btp=7&rb=1FUJDRTsYlm6XejqcUvfi9Z0ZZG-VCfZzIdfkwLfGeeQ2dnBdKq7H3grdmG7hrm_M3ZpfGlvus9n8kafZOjEtGJ4uiY_WeNhedUr6MgYyyM6tfj3u_Sf4a1dUGQtYlFog9ZqOn1IQTsS2UAqXqx3kQAo5iUGqXqa9N3hdRqGxj0lf1ElohLMGuPDOkZmvH7lBlUIC1-GHzX7WtFpkYJncHcVBO_s2AA2NuvgTPi8NPDywcGeUjc4onnzxc7fWObeNNumec5GoekVXGJq-30jJZVadUE0Yts8JUWizuF1cd8LOs7gnfYYg5WRBPr64UYZhh4_p2UX-Ds8f6NV7gFlwXGG9g5wkboyPVjUP1JS-gUqxyabhruwmx8pjV10ghn5T0sk4a1TgyO2C6bie4VKWZH8uQ5DH-kXsH2zo0-I-QzJ_ucqlIerAWaPSzAvBji_ydbtF6myUnuY1CYH&bag=ydU9kaAfa6I=&ruid=49f9b701-aa38-48e8-b03d-bf2c94061e2f&subid=742873729463230464 HTTP 302
https://track.rinoleg.com/b868dcf8-188e-40e6-ae91-07b1cc04a1ec?zoneid=6471294&subzone_id=0&browser=chrome&os=windows&device={device}&region={region}&isp={isp}&useragent={useragent}&language={language}&connectiontype={connection.type}&cost=&visitor_id=742873729463230464 HTTP 302
https://dikeledi.com/dikel/?dikel=https://linksprf.com/v1/redirect?type=linkId&id=d61ed0bab3fe45249727c3ac3ca0dd1f&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=fb2f26ba443040d49ff88168743f7336&yk_tag=wo2phs8lo2g0jvlsiuvhir0k HTTP 302
https://linksprf.com/v1/redirect?type=linkId&id=d61ed0bab3fe45249727c3ac3ca0dd1f&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=fb2f26ba443040d49ff88168743f7336&yk_tag=wo2phs8lo2g0jvlsiuvhir0k HTTP 302
https://linksprf.com/v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2Ffsbt6h&e=1&ai=fb2f26ba443040d49ff88168743f7336&sct=0&ct=1698678419262&cu=bed1e0c47c6545ae82c183b6b1f5b264&ykuid=6769c1078c914ec6998f62376db1b882&sc=1&cs=60047b67b988fb7d6724c9fa89e62310

Request Chain 41

https://cameesse.net/121?rnd=3838403723&z=6511515&b=18859516&c=7368931&var=&varid=0&d=https%3A%2F%2Ftrack.rinoleg.com%2Fb868dcf8-188e-40e6-ae91-07b1cc04a1ec%3Fzoneid%3D6511515%26subzone_id%3D%7Bsubzone_id%7D%26browser%3D%7Bbrowser%7D%26os%3D%7Bos%7D%26device%3D%7Bdevice%7D%26region%3D%7Bregion%7D%26isp%3D%7Bisp%7D%26useragent%3D%7Buseragent%7D%26language%3D%7Blanguage%7D%26connectiontype%3D%7Bconnection.type%7D%26cost%3D%7Bcost%7D%26visitor_id%3D742873732105641984&cln={CELL_NUMBER}&btp=7&rb=uu9kYW0fqfnRWfMtsQzJPKVQ2Pjwk6bImrbG991ve7eXWzsD_8lX5ZhUo1RwtkMRlcQGz4ssdN10dCnoiprsVNV6S__pZ7gSIydKW1K_PR95dbt0z54IZPocPWDZ5_UmC8CKcnBm_lP7OwFJ8SGkYxjMw08yGi0jvU1ufWV13VhznfWxKQ7NKfU2d4X22OTV28B3hKsXRu7w3eLw7wKwVed_L7tUTcOKENTW37K4QhqfEGb5uSHELR5M1sOcCoPJixPrzek7sRkX41Bjbwl2b9zz8BpYD6lWXhHwCMA7ralQxjBBHAFm5JKbv-s4xk0drcYPCxWXsGsdXpWIBJf-KIdHdSwS0ygWNfplBzepxrSMyPVaV4cGwDpHz6t8H_JkyInSxNIFdfJg4rAP_oESM-3t6o3-tdYzjZnLH5LLrkN6nLdGIIMOaHIv3hMW54GaH3JaA_ytb1jAWJWO&bag=ydU9kaAfa6I=&ruid=14287c9a-0966-4eac-8b52-15d54ef7bd0b&subid=742873732105641984 HTTP 302
https://track.rinoleg.com/b868dcf8-188e-40e6-ae91-07b1cc04a1ec?zoneid=6511515&subzone_id=0&browser=chrome&os=windows&device={device}&region={region}&isp={isp}&useragent={useragent}&language={language}&connectiontype={connection.type}&cost=&visitor_id=742873732105641984 HTTP 302
https://dikeledi.com/dikel/?dikel=https://linksprf.com/v1/redirect?type=linkId&id=837ab3f3787842a8b60d31a77722a66a&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=e16da65f490b4a46b3675e559b69a9f3&yk_tag=w9prl92hh8q0kvlsiram1a8q HTTP 302
https://linksprf.com/v1/redirect?type=linkId&id=837ab3f3787842a8b60d31a77722a66a&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=e16da65f490b4a46b3675e559b69a9f3&yk_tag=w9prl92hh8q0kvlsiram1a8q HTTP 302
https://linksprf.com/v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi.kpet3ochda3e8o1%3Dbf4r0c9ld%266141b4d5b02dbc4idk1ed47lbv7fcs2i%3Dnfirscclm%26a6c1%3D5070a0b0e499e34db031130bd43e994e0b0a0705%3D1f6r-c2lc%267ob.7pdt1odh4abe2ob%3Dde5k0idcp6e414l%3Dvif5s6i2ndimspcpmkpihcta%25mAc21%25iFaww.we%2Fasatch&e=1&ai=e16da65f490b4a46b3675e559b69a9f3&sct=0&ct=1698678419377&cu=39d2091e3fb64ee992e1bfa374551d65&ykuid=7459cfdfb07442e6a07f558423e5e507&sc=1&cs=26c3b2286da772e7de52c1268354bde6

Request Chain 43

https://t.adcell.com/p/click?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264 HTTP 302
https://t.adcell.com/forward?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F

Request Chain 44

https://www.awin1.com/awclick.php?mid=28635&id=143466&clickref=lovefashiontips.com&clickref2=v03040001489839d2091e3fb64ee992e1bfa374551d65&clickref3=c2dc378b17bd410d94db624bbd45101d&clickref4=lovefashiontips.com&awcr=v03040001489839d2091e3fb64ee992e1bfa374551d65-c2dc378b17bd410d94db624bbd45101d&pref1=lovefashiontips.com&p=http%3A%2F%2Fwww.lebara.ch HTTP 302
https://www.lebara.ch/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b HTTP 302
https://www.lebara.ch/de/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paulownias.ch/
Redirect Chain

http://paulownias.ch/
https://paulownias.ch/

76 KB
16 KB

591ms
172ms

Document
text/html

63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

fc41cf700da307089b747db3af586885ea4e439b74b49bd5429d3a17f5682f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 27670
cache-control: public
content-encoding: gzip
content-length: 15538
content-type: text/html; charset=UTF-8
date: Mon, 30 Oct 2023 07:25:45 GMT
link: <https://paulownias.ch/wp-json/>; rel="https://api.w.org/"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: HIT
x-cacheable: YES
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
location: https://paulownias.ch/

GET
H2 200 style.min.css
paulownias.ch/wp-includes/blocks/navigation/ 16 KB
3 KB 189ms
189ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-includes/blocks/navigation/style.min.css?ver=6.3.2

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

8bc38a3ba348b745e3267b8354828f3fd3a91ba2b479331567344e33bb574580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 2241
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Aug 2023 19:59:46 GMT
server: nginx
etag: W/"64d29eb2-3ed1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 header-footer-elementor.css
paulownias.ch/wp-content/plugins/header-footer-elementor/assets/css/ 776 B
846 B 342ms
340ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.17

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 323
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Oct 2023 07:59:28 GMT
server: nginx
etag: W/"6530e1e0-308"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 elementor-icons.min.css
paulownias.ch/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 189ms
187ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.23.0

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 58000
x-cache: HIT
content-length: 4009
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Oct 2023 19:59:30 GMT
server: nginx
etag: W/"653973a2-4c4d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-lite.min.css
paulownias.ch/wp-content/plugins/elementor/assets/css/ 115 KB
14 KB 191ms
189ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.17.1

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

bce03924db334ec1c0000b5eb4a77edca62584ddc8c0dc0e3509066e7cc8ee5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 58000
x-cache: HIT
content-length: 13773
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Oct 2023 19:59:30 GMT
server: nginx
etag: W/"653973a2-1ca54"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper.min.css
paulownias.ch/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 16 KB
5 KB 340ms
339ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 58000
x-cache: HIT
content-length: 4583
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Oct 2023 19:59:31 GMT
server: nginx
etag: W/"653973a3-4057"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 post-5.css
paulownias.ch/wp-content/uploads/elementor/css/ 1 KB
885 B 190ms
188ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/uploads/elementor/css/post-5.css?ver=1698263981

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

2102a0b74217eba7d3d467ade74353c6561a607f984ef38c9ee09f4cf7a1f4df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 362
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Oct 2023 19:59:41 GMT
server: nginx
etag: W/"653973ad-453"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.css
paulownias.ch/wp-content/uploads/elementor/css/ 15 KB
2 KB 189ms
188ms Stylesheet
text/css 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/uploads/elementor/css/global.css?ver=1698263982

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

2e73887e0624379c8a18b26965c407aeda99b9d814e5db9f9936a41f511645bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 1378
x-xss-protection: 1; mode=block
last-modified: Wed, 25 Oct 2023 19:59:42 GMT
server: nginx
etag: W/"653973ae-3ccb"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 48 KB
2 KB 417ms
37ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3.2

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Oct 2023 15:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 13:30:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Oct 2023 15:06:56 GMT

GET
H2 200 view.min.js Show response
paulownias.ch/wp-includes/blocks/navigation/ 1 KB
945 B 188ms
186ms Script
application/javascript 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-includes/blocks/navigation/view.min.js?ver=886680af40b7521d60fc

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

ab818ea203ab8d42199843b83b588ccfd1709d0f2d0f9c6134705a7b214d3ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 408
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Aug 2023 19:59:46 GMT
server: nginx
etag: W/"64d29eb2-470"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 view-modal.min.js Show response
paulownias.ch/wp-includes/blocks/navigation/ 8 KB
3 KB 186ms
185ms Script
application/javascript 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-includes/blocks/navigation/view-modal.min.js?ver=b478fa3cd1475dec97d3

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

54fa98ef8a13985472ddcb006b93f2f1283037b914a75de41daf3aad7a429f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 57999
x-cache: HIT
content-length: 2755
x-xss-protection: 1; mode=block
last-modified: Tue, 08 Aug 2023 19:59:46 GMT
server: nginx
etag: W/"64d29eb2-1e86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1 Show response
ophoacit.com/ 42 KB
16 KB 184ms
86ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/1?z=6471294
Requested by: Host: paulownias.ch
URL: https://paulownias.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: fc92db0145c60d6f363fded167a600f72232137eb621b3d6cdef0aabf316a20a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: d85c19fe58395450fea399c95cf5267c
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:56 GMT
content-encoding: gzip
x-sc: KXnzJb0IHvGsRnQEjWP6FSfSIYZcDE-81keo5fyQBngr86CuCUOxT7_wlKZNS3g-9CgVdakdytm8xQr2b7vvrM8npOg=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 35-16.jpg
paulownias.ch/wp-content/uploads/2023/10/ 1 MB
1 MB 342ms
341ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/35-16.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

b31531d0ab54bba26660c9bab5b2cf9653521f35d53f355c1fb1e7e48323b832

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 08:08:04 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 25131
x-cache: HIT
content-length: 1492301
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:54:51 GMT
server: nginx
etag: "653ec69b-16c54d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 31-10.jpg
paulownias.ch/wp-content/uploads/2023/10/ 451 KB
452 KB 342ms
341ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/31-10.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

5a549f335037b00a0e8753671f4382ba81558c15c9454a4f2dc34082362a02e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 10:28:11 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 16724
x-cache: HIT
content-length: 461803
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:45:09 GMT
server: nginx
etag: "653ec455-70beb"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 27-9.jpg
paulownias.ch/wp-content/uploads/2023/10/ 1 MB
1 MB 340ms
340ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/27-9.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

577ea790fa2c6c2fcf462c09942912358125503c99c9ad1a394a0de2539f2f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 13:59:38 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 4037
x-cache: HIT
content-length: 1462883
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:39:01 GMT
server: nginx
etag: "653ec2e5-165263"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads.js Show response
paulownias.ch/wp-content/plugins/quick-adsense-reloaded/assets/js/ 562 B
831 B 435ms
425ms Script
application/javascript 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.78

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 58000
x-cache: HIT
content-length: 294
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Oct 2023 19:59:31 GMT
server: nginx
etag: W/"6525ad23-232"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 039dbd2d-e68f-4935-bf87-3b58880ece64
https://paulownias.ch/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://paulownias.ch/039dbd2d-e68f-4935-bf87-3b58880ece64
Requested by: Host: paulownias.ch
URL: https://paulownias.ch/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 tag.min.js Show response
inklinkor.com/ 79 KB
28 KB 484ms
55ms Script
text/javascript 172.67.211.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inklinkor.com/tag.min.js
Requested by: Host: paulownias.ch
URL: https://paulownias.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.211.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1816
alt-svc: h3=":443"; ma=86400
x-trace-id: fb472d3bf5ede9792d1a424a632d985c
pragma: no-cache
last-modified: Fri, 27 Oct 2023 10:30:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=go2JhXDIBZAfxT4fmQJY8%2FfmIEtTAIZyvZzDRRG3OvtW1YTtp%2B9j6XQ4yPHIQS4YoFiPvtGLuvJ93ebHv%2B4rRsZeFVgTR1BsGB245IF2A9vp1u%2BsjHHdWyPZoChqqWpO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 81e490a74aa30d61-MXP
expires: Tue, 31 Oct 2023 14:36:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 455ms
29ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paulownias.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 298804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 04:06:52 GMT

GET
H2 200 25-16.jpg
paulownias.ch/wp-content/uploads/2023/10/ 485 KB
486 KB 549ms
547ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/25-16.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

a86a57cece681ae8d500e0d02e7c234e3f456da3aeade365c7b8662e64542b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 496712
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:25:59 GMT
server: nginx
etag: "653ebfd7-79448"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 24-14.jpg
paulownias.ch/wp-content/uploads/2023/10/ 1 MB
1 MB 547ms
545ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/24-14.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

d778043be78159be281c056ca20909de3aed4795de33c0b12c597879f82c9a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 1271621
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:22:41 GMT
server: nginx
etag: "653ebf11-136745"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 23-17.jpg
paulownias.ch/wp-content/uploads/2023/10/ 830 KB
831 KB 548ms
546ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/23-17.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

5b99064eb58ef09eafe77c020a558b8c0090ba08ce9dd27c9f484977ea1bbe0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 850154
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:18:49 GMT
server: nginx
etag: "653ebe29-cf8ea"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 22-15.jpg
paulownias.ch/wp-content/uploads/2023/10/ 810 KB
811 KB 520ms
519ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/22-15.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

44a1047425ee265d67ced7482b554f2a8f0a8fbea439131081b65c4d7dba18e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 14:52:01 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 894
x-cache: HIT
content-length: 829497
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:16:10 GMT
server: nginx
etag: "653ebd8a-ca839"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14-18.jpg
paulownias.ch/wp-content/uploads/2023/10/ 914 KB
915 KB 549ms
548ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/14-18.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

4c3f2334b4372c588aba67a3ff6430a52e6503a46d273e178da08ef3e7f1eef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 936323
x-xss-protection: 1; mode=block
last-modified: Sun, 29 Oct 2023 20:03:29 GMT
server: nginx
etag: "653eba91-e4983"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 14-17.jpg
paulownias.ch/wp-content/uploads/2023/10/ 822 KB
823 KB 549ms
548ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/14-17.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

f3776a0fd9182963860eab03bacffe7674aa6a7710aa31dea63aab9feca311a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 842233
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Oct 2023 07:02:08 GMT
server: nginx
etag: "653cb1f0-cd9f9"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 13-20.jpg
paulownias.ch/wp-content/uploads/2023/10/ 1005 KB
1006 KB 548ms
547ms Image
image/jpeg 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paulownias.ch/wp-content/uploads/2023/10/13-20.jpg

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

c98960b8d2655b451f8a840bf41272e4617817602b5560253de35fd3e265e748

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-cacheable: YES
age: 0
x-cache: MISS
content-length: 1029197
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Oct 2023 07:00:02 GMT
server: nginx
etag: "653cb172-fb44d"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1a35f96fe99c6fb6ce26f56167ed6e04 Show response
ophoacit.com/27/ 403 KB
128 KB 43ms
43ms Script
application/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04

Requested by

Host: ophoacit.com
URL: https://ophoacit.com/1?z=6471294

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: ebcea67c8b99fe3ccecae7552551a84b
date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
last-modified: Thu, 19 Oct 2023 07:17:48 GMT
server: nginx
content-encoding: gzip
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: max-age:290304000, public
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Thu, 18 Nov 2083 07:17:48 GMT

GET
H2 200 apu.php Show response
groorsoa.net/ 82 KB
32 KB 160ms
66ms Script
application/javascript 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://groorsoa.net/apu.php?zoneid=6508833

Requested by

Host: ophoacit.com
URL: https://ophoacit.com/1?z=6471294

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

67557e25265d807ff1f7a325d8f390263ebe8e55c8c5995b18c4c36c20b1fe07

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: 4234735e811fd1f93ffdec6d03c2046d
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
542 B 195ms
81ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

30a4337142db8e7b2717844ef4172ce2dd9c2fc7f736bf7b0039f02376bf1e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 wp-emoji-release.min.js Show response
paulownias.ch/wp-includes/js/ 18 KB
5 KB 3779ms
3778ms Script
application/javascript 63.250.43.129
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://paulownias.ch/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: paulownias.ch
URL: https://paulownias.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.250.43.129 , United States, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

ingress-earth.ewp.live

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 23:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
x-cacheable: YES
age: 58000
x-cache: HIT
content-length: 5035
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Jun 2023 17:34:52 GMT
server: nginx
etag: W/"6491e33c-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
groorsoa.net/5/6485949/ 3 KB
2 KB 119ms
118ms XHR
application/json 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://groorsoa.net/5/6485949/?oo=1&js_build=iclick-v1.615.0
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 575ada98533428e4d14369ff2bcdce2235fe4a24efbe2e754df67428699d8827

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
content-encoding: gzip
x-trace-id: 61f6fc5a9c224c75c906b5398d2aa8f3
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paulownias.ch
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
ophoacit.com/ Frame 0
0 395ms
246ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/9?z=6471294&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=7f04c6a3cd8142fb8fc7e33aad1208e6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paulownias.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paulownias.ch
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Mon, 30 Oct 2023 15:06:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 9 Show response
ophoacit.com/ 7 KB
3 KB 144ms
144ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/9?z=6471294&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=7f04c6a3cd8142fb8fc7e33aad1208e6
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 08bda383bdae3459079ff95453354c9948e3cd8f6f7a766ec80a405fa5dbb818

Request headers

Referer: https://paulownias.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 5266cfb0b63c804d8dc309eb848171bb
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
groorsoa.net/ 2 KB
3 KB 261ms
261ms Fetch
application/json 139.45.197.245
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://groorsoa.net/?rb=mfdmg60p6r1sWOfjtFFn16iw5TLF6-2DJt_pE-_y89gv4cqhBhmSPaiiVxthhTPpc8Ke3EeR8FvZJxHi6fBE04BKSV8xSHIm68edHpJCJDBuetbvNJ--z1KAIBve-awfrbDekfhXMDPCwvoUrt3o2E4hIgerwiQLCQrDf7I6grGm_4U4jzdchC3C-zeHeePtb5Kw-OhGEJ5TPNf-JuJqjGxY15sjrucZ7R2Jzjg2XTf0yMcNcV3Ua2yJrfvE-PXgKdO4BEV2IxdZ4muyar-BDfMRah8%3D&request_ab2=0&zoneid=6508833&js_build=iclick-v1.615.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fpaulownias.ch%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.615.0&bs=1c5cd478-5f7a-4df7-9b79-05a043fdb01b&userId=7f04c6a3cd8142fb8fc7e33aad1208e6&m=link

Requested by

Host: groorsoa.net
URL: https://groorsoa.net/apu.php?zoneid=6508833

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

afaf750bffeab8e932fc73970b21952e91b46b10bf61dc3bea98e461b692d895

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:06:56 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: d195a797ba578194cdcfedfd20ca98dc
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://paulownias.ch
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 1 Show response
cameesse.net/ 42 KB
16 KB 564ms
263ms Script
text/javascript 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/1?z=6511515
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4140dab93e696d3704a83484ba3a43b2c5438ba872ff77d1767ad4d9745e573a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 064428a14aa46ce0297a740fb4a66ff1
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
content-encoding: gzip
x-sc: ACKrOzjikxDdwMY_lOoLaa2i8X9Qdy1eT0N7Xjf1EA4BznR_hTrI7PWi-f5QVguiH0Q_uPE2vQREQ9ppwK0cSzL9UNE=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 11 Show response
ophoacit.com/ 0
593 B 101ms
100ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/11?rnd=1142221744&z=6471294&b=18859516&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=1FUJDRTsYlm6XejqcUvfi9Z0ZZG-VCfZzIdfkwLfGeeQ2dnBdKq7H3grdmG7hrm_M3ZpfGlvus9n8kafZOjEtGJ4uiY_WeNhedUr6MgYyyM6tfj3u_Sf4a1dUGQtYlFog9ZqOn1IQTsS2UAqXqx3kQAo5iUGqXqa9N3hdRqGxj0lf1ElohLMGuPDOkZmvH7lBlUIC1-GHzX7WtFpkYJncHcVBO_s2AA2NuvgTPi8NPDywcGeUjc4onnzxc7fWObeNNumec5GoekVXGJq-30jJZVadUE0Yts8JUWizuF1cd8LOs7gnfYYg5WRBPr64UYZhh4_p2UX-Ds8f6NV7gFlwXGG9g5wkboyPVjUP1JS-gUqxyabhruwmx8pjV10ghn5T0sk4a1TgyO2C6bie4VKWZH8uQ5DH-kXsH2zo0-I-QzJ_ucqlIerAWaPSzAvBji_ydbtF6myUnuY1CYH&ruid=49f9b701-aa38-48e8-b03d-bf2c94061e2f&subid=742873729463230464&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=544
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 4310873c6cf23bf30446ae9d37f026cc
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

go Show response
linksprf.com/v2/ Frame A199
Redirect Chain

https://ophoacit.com/121?rnd=3595903123&z=6471294&b=18859516&c=7368931&var=&varid=0&d=https%3A%2F%2Ftrack.rinoleg.com%2Fb868dcf8-188e-40e6-ae91-07b1cc04a1ec%3Fzoneid%3D6471294%26subzone_id%3D%7Bsub...
https://track.rinoleg.com/b868dcf8-188e-40e6-ae91-07b1cc04a1ec?zoneid=6471294&subzone_id=0&browser=chrome&os=windows&device={device}&region={region}&isp={isp}&useragent={useragent}&language={langua...
https://dikeledi.com/dikel/?dikel=https://linksprf.com/v1/redirect?type=linkId&id=d61ed0bab3fe45249727c3ac3ca0dd1f&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&...
https://linksprf.com/v1/redirect?type=linkId&id=d61ed0bab3fe45249727c3ac3ca0dd1f&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=f...
https://linksprf.com/v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2...

1 KB
823 B

218ms
218ms

Document
text/html

172.67.75.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linksprf.com/v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2Ffsbt6h&e=1&ai=fb2f26ba443040d49ff88168743f7336&sct=0&ct=1698678419262&cu=bed1e0c47c6545ae82c183b6b1f5b264&ykuid=6769c1078c914ec6998f62376db1b882&sc=1&cs=60047b67b988fb7d6724c9fa89e62310
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db6928568ff6f46c8d6647ded9e33e77fe5e690fa7aa6cb3e976d2a79e38fe82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 81e490b938e059e3-MXP
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 30 Oct 2023 15:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dxNXNxkMXFtiJtuXn%2FHZEfRQ%2F1hNOf5eCDgWKtqCgi%2BPcRvc%2Fn%2BfOhFnz9BUQJl0TUfVuGyKOIZCFcYOnfg6HkykBDsAmabrr%2FLo45IAyFzxysd7vfvgRbykjYrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 81e490b80f5659e3-MXP
content-length: 0
date: Mon, 30 Oct 2023 15:06:59 GMT
location: /v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2Ffsbt6h&e=1&ai=fb2f26ba443040d49ff88168743f7336&sct=0&ct=1698678419262&cu=bed1e0c47c6545ae82c183b6b1f5b264&ykuid=6769c1078c914ec6998f62376db1b882&sc=1&cs=60047b67b988fb7d6724c9fa89e62310
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEKwIiK5CJAZm6DJpsKQIVNhUxOTWK5TVXSIiOrXQIl3d8peZkgyx8%2FNuZRv3iXcFPOHheGnEIPqeVrSvSHDYAd9iWcEg3kWY%2BlMnhUXGTYJj52b2euW34w%2BFb2JNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 11 Show response
ophoacit.com/ 0
731 B 187ms
187ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ophoacit.com/11?rnd=1142221744&z=6471294&b=18859516&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=1FUJDRTsYlm6XejqcUvfi9Z0ZZG-VCfZzIdfkwLfGeeQ2dnBdKq7H3grdmG7hrm_M3ZpfGlvus9n8kafZOjEtGJ4uiY_WeNhedUr6MgYyyM6tfj3u_Sf4a1dUGQtYlFog9ZqOn1IQTsS2UAqXqx3kQAo5iUGqXqa9N3hdRqGxj0lf1ElohLMGuPDOkZmvH7lBlUIC1-GHzX7WtFpkYJncHcVBO_s2AA2NuvgTPi8NPDywcGeUjc4onnzxc7fWObeNNumec5GoekVXGJq-30jJZVadUE0Yts8JUWizuF1cd8LOs7gnfYYg5WRBPr64UYZhh4_p2UX-Ds8f6NV7gFlwXGG9g5wkboyPVjUP1JS-gUqxyabhruwmx8pjV10ghn5T0sk4a1TgyO2C6bie4VKWZH8uQ5DH-kXsH2zo0-I-QzJ_ucqlIerAWaPSzAvBji_ydbtF6myUnuY1CYH&ruid=49f9b701-aa38-48e8-b03d-bf2c94061e2f&subid=742873729463230464&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: b6bcf4223eaff358b901eaf812737acf
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 9
cameesse.net/ Frame 0
0 343ms
129ms Preflight 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=6511515&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=7f04c6a3cd8142fb8fc7e33aad1208e6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paulownias.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paulownias.ch
cache-control: no-store, no-cache, must-revalidate, max-age=0
date: Mon, 30 Oct 2023 15:06:57 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
server: nginx

POST
H2 200 9 Show response
cameesse.net/ 7 KB
3 KB 110ms
109ms XHR
application/json 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/9?z=6511515&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&oaid=7f04c6a3cd8142fb8fc7e33aad1208e6
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 892154cf147a91eae8ac6a4977871eac2ff561b61bb49c479b70ca5fb75124d7

Request headers

Referer: https://paulownias.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 0707b80ff21541da7279ac143081f647
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 11 Show response
cameesse.net/ 0
593 B 57ms
57ms XHR
image/jpeg 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/11?rnd=259417135&z=6511515&b=18859516&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=uu9kYW0fqfnRWfMtsQzJPKVQ2Pjwk6bImrbG991ve7eXWzsD_8lX5ZhUo1RwtkMRlcQGz4ssdN10dCnoiprsVNV6S__pZ7gSIydKW1K_PR95dbt0z54IZPocPWDZ5_UmC8CKcnBm_lP7OwFJ8SGkYxjMw08yGi0jvU1ufWV13VhznfWxKQ7NKfU2d4X22OTV28B3hKsXRu7w3eLw7wKwVed_L7tUTcOKENTW37K4QhqfEGb5uSHELR5M1sOcCoPJixPrzek7sRkX41Bjbwl2b9zz8BpYD6lWXhHwCMA7ralQxjBBHAFm5JKbv-s4xk0drcYPCxWXsGsdXpWIBJf-KIdHdSwS0ygWNfplBzepxrSMyPVaV4cGwDpHz6t8H_JkyInSxNIFdfJg4rAP_oESM-3t6o3-tdYzjZnLH5LLrkN6nLdGIIMOaHIv3hMW54GaH3JaA_ytb1jAWJWO&ruid=14287c9a-0966-4eac-8b52-15d54ef7bd0b&subid=742873732105641984&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fpaulownias.ch%2F&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&sah=1200&drf=&hil=1&ist=0&ot=455
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: d9820437bf5f71f8c7d4671fb1f018f9
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:57 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

go Show response
linksprf.com/v2/ Frame A37A
Redirect Chain

https://cameesse.net/121?rnd=3838403723&z=6511515&b=18859516&c=7368931&var=&varid=0&d=https%3A%2F%2Ftrack.rinoleg.com%2Fb868dcf8-188e-40e6-ae91-07b1cc04a1ec%3Fzoneid%3D6511515%26subzone_id%3D%7Bsub...
https://track.rinoleg.com/b868dcf8-188e-40e6-ae91-07b1cc04a1ec?zoneid=6511515&subzone_id=0&browser=chrome&os=windows&device={device}&region={region}&isp={isp}&useragent={useragent}&language={langua...
https://dikeledi.com/dikel/?dikel=https://linksprf.com/v1/redirect?type=linkId&id=837ab3f3787842a8b60d31a77722a66a&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&...
https://linksprf.com/v1/redirect?type=linkId&id=837ab3f3787842a8b60d31a77722a66a&api_key=bb7bf1b5c6193581171557a6b1c15f13&site_id=c2dc378b17bd410d94db624bbd45101d&dch=feed&ad_t=advertiser&offerid=e...
https://linksprf.com/v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi...

2 KB
859 B

215ms
215ms

Document
text/html

172.67.75.246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://linksprf.com/v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi.kpet3ochda3e8o1%3Dbf4r0c9ld%266141b4d5b02dbc4idk1ed47lbv7fcs2i%3Dnfirscclm%26a6c1%3D5070a0b0e499e34db031130bd43e994e0b0a0705%3D1f6r-c2lc%267ob.7pdt1odh4abe2ob%3Dde5k0idcp6e414l%3Dvif5s6i2ndimspcpmkpihcta%25mAc21%25iFaww.we%2Fasatch&e=1&ai=e16da65f490b4a46b3675e559b69a9f3&sct=0&ct=1698678419377&cu=39d2091e3fb64ee992e1bfa374551d65&ykuid=7459cfdfb07442e6a07f558423e5e507&sc=1&cs=26c3b2286da772e7de52c1268354bde6
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43e0918541897c8bb28d4d336a318db65b6ef6d56ce8d43be3e60c9031405321

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 81e490ba29f559e3-MXP
content-encoding: br
content-type: text/html;charset=UTF-8
date: Mon, 30 Oct 2023 15:06:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imgKJQUEBfixifk1qVtzYDtuv3DmGrFHxnSTMLnDRcwTOze6ZP6HFpIqydYNMMxKia%2FWxbEjTf8XRFDj264xwYOq6shVDQd9wa8%2F8LYRl7GBUuvQYzOzu81SEd3IjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 81e490b80f5759e3-MXP
content-length: 0
date: Mon, 30 Oct 2023 15:06:59 GMT
location: /v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi.kpet3ochda3e8o1%3Dbf4r0c9ld%266141b4d5b02dbc4idk1ed47lbv7fcs2i%3Dnfirscclm%26a6c1%3D5070a0b0e499e34db031130bd43e994e0b0a0705%3D1f6r-c2lc%267ob.7pdt1odh4abe2ob%3Dde5k0idcp6e414l%3Dvif5s6i2ndimspcpmkpihcta%25mAc21%25iFaww.we%2Fasatch&e=1&ai=e16da65f490b4a46b3675e559b69a9f3&sct=0&ct=1698678419377&cu=39d2091e3fb64ee992e1bfa374551d65&ykuid=7459cfdfb07442e6a07f558423e5e507&sc=1&cs=26c3b2286da772e7de52c1268354bde6
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="CAO PSA OUR"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sunZRFaySpPUJjg%2BnnGgTHi2aRaJEbVzaZSljGyEFCGWCBZW%2FA4DdYcaUSvK1BvWTx3vmKjoSDXe2g0cT4EjZE9eA9IPShoMj6glKjmyFobXmHL1IIEsQJB3LX8xBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 15 Show response
cameesse.net/ 0
580 B 59ms
59ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/15?rnd=1615459332&z=6511515&var=&varid=0&rb=uu9kYW0fqfnRWfMtsQzJPKVQ2Pjwk6bImrbG991ve7eXWzsD_8lX5ZhUo1RwtkMRlcQGz4ssdN10dCnoiprsVNV6S__pZ7gSIydKW1K_PR95dbt0z54IZPocPWDZ5_UmC8CKcnBm_lP7OwFJ8SGkYxjMw08yGi0jvU1ufWV13VhznfWxKQ7NKfU2d4X22OTV28B3hKsXRu7w3eLw7wKwVed_L7tUTcOKENTW37K4QhqfEGb5uSHELR5M1sOcCoPJixPrzek7sRkX41Bjbwl2b9zz8BpYD6lWXhHwCMA7ralQxjBBHAFm5JKbv-s4xk0drcYPCxWXsGsdXpWIBJf-KIdHdSwS0ygWNfplBzepxrSMyPVaV4cGwDpHz6t8H_JkyInSxNIFdfJg4rAP_oESM-3t6o3-tdYzjZnLH5LLrkN6nLdGIIMOaHIv3hMW54GaH3JaA_ytb1jAWJWO&ruid=14287c9a-0966-4eac-8b52-15d54ef7bd0b&subid=742873732105641984&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A2.342%2C%22location%22%3A%22https%3A%2F%2Fpaulownias.ch%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: f86714b263f0a731632b6e5188503b56
pragma: no-cache
date: Mon, 30 Oct 2023 15:06:58 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

forward Show response
t.adcell.com/ Frame A199
Redirect Chain

https://t.adcell.com/p/click?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264
https://t.adcell.com/forward?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F

12 KB
4 KB

125ms
124ms

Document
text/html

185.5.82.77
SOPRADO-ANY

General

Check archive.org

Show headers Download Go to

Full URL

https://t.adcell.com/forward?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F

Requested by

Host: linksprf.com
URL: https://linksprf.com/v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2Ffsbt6h&e=1&ai=fb2f26ba443040d49ff88168743f7336&sct=0&ct=1698678419262&cu=bed1e0c47c6545ae82c183b6b1f5b264&ykuid=6769c1078c914ec6998f62376db1b882&sc=1&cs=60047b67b988fb7d6724c9fa89e62310

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.5.82.77 , Germany, ASN20546 (SOPRADO-ANY, DE),

Reverse DNS

xb905524d.host.myracloud.com

Software

myracloud /

Resource Hash

1a3caf9818ec1dc9ee4db258fef9011ef23068a3b04626024857ebb383a6d63f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://linksprf.com/v2/go?t=4t2p5%3A1%2F6.3d1e2lec5m5pcc4i0k1peo8o8d1304483%26vldtbds4h3.2dporxm.%3DwtFp%2532%25AF%252twhw0eapan%26o2c7%26%3DuIIo%3Ds0402020%3D4I9mbrd%3Feccl7%2F6%2F4oa.8lcc8abtb%2Ffsbt6h&e=1&ai=fb2f26ba443040d49ff88168743f7336&sct=0&ct=1698678419262&cu=bed1e0c47c6545ae82c183b6b1f5b264&ykuid=6769c1078c914ec6998f62376db1b882&sc=1&cs=60047b67b988fb7d6724c9fa89e62310
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-length: 3825
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 15:07:00 GMT
etag: "myra-48ac0e4e"
expires: Mon, 30 Oct 2023 15:07:00 GMT
server: myracloud
strict-transport-security: max-age=15768000
vary: accept-encoding

Redirect headers

cache-control: max-age=0
content-length: 0
content-type: text/html
date: Mon, 30 Oct 2023 15:07:00 GMT
expires: Mon, 30 Oct 2023 15:07:00 GMT
location: https://t.adcell.com/forward?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F
server: myracloud
strict-transport-security: max-age=15768000

GET
H2

200

/
www.lebara.ch/de/ Frame A37A
Redirect Chain

https://www.awin1.com/awclick.php?mid=28635&id=143466&clickref=lovefashiontips.com&clickref2=v03040001489839d2091e3fb64ee992e1bfa374551d65&clickref3=c2dc378b17bd410d94db624bbd45101d&clickref4=lovef...
https://www.lebara.ch/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b
https://www.lebara.ch/de/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b

0
0

939ms
938ms

Document
text/html

18.239.18.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lebara.ch/de/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b

Requested by

Host: linksprf.com
URL: https://linksprf.com/v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi.kpet3ochda3e8o1%3Dbf4r0c9ld%266141b4d5b02dbc4idk1ed47lbv7fcs2i%3Dnfirscclm%26a6c1%3D5070a0b0e499e34db031130bd43e994e0b0a0705%3D1f6r-c2lc%267ob.7pdt1odh4abe2ob%3Dde5k0idcp6e414l%3Dvif5s6i2ndimspcpmkpihcta%25mAc21%25iFaww.we%2Fasatch&e=1&ai=e16da65f490b4a46b3675e559b69a9f3&sct=0&ct=1698678419377&cu=39d2091e3fb64ee992e1bfa374551d65&ykuid=7459cfdfb07442e6a07f558423e5e507&sc=1&cs=26c3b2286da772e7de52c1268354bde6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.18.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-18-118.ams58.r.cloudfront.net

Software

CloudFront / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://linksprf.com/v2/go?t=ht.pr%3Ab%2Flww.ww2nF.%25o3%2Fpwtl%3Dc%26.oh.%3Fpit%3Do8h3a%26edo1%3D3f6r%26%26l1c1r4fbl4v6fds9i0n4ibs1c8m3cdick5ed25v4334f0112898e962f9ee9f269e8982110f4334v5rdw5%26coi.kpet3ochda3e8o1%3Dbf4r0c9ld%266141b4d5b02dbc4idk1ed47lbv7fcs2i%3Dnfirscclm%26a6c1%3D5070a0b0e499e34db031130bd43e994e0b0a0705%3D1f6r-c2lc%267ob.7pdt1odh4abe2ob%3Dde5k0idcp6e414l%3Dvif5s6i2ndimspcpmkpihcta%25mAc21%25iFaww.we%2Fasatch&e=1&ai=e16da65f490b4a46b3675e559b69a9f3&sct=0&ct=1698678419377&cu=39d2091e3fb64ee992e1bfa374551d65&ykuid=7459cfdfb07442e6a07f558423e5e507&sc=1&cs=26c3b2286da772e7de52c1268354bde6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

apigw-requestid: Nnv3RhdiliAEPYg=
cloudfront-functions: CloudFrontSpaViewerResponseFunction
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 30 Oct 2023 15:07:01 GMT
etag: W/"a9d70-+2tHw3TL/eZtXOOQ7aCw2eSusuw"
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-amz-cf-id: 25noXvQ78jQczYsqMbWyXYCHKR3joy74DNdRq-boUizqSggAhTWEuw==
x-amz-cf-pop: AMS58-P6
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-origin-uri: /de/
x-powered-by: Express

Redirect headers

cloudfront-functions: by-content-vs-by-commit-v1
content-length: 0
date: Mon, 30 Oct 2023 15:07:00 GMT
location: https://www.lebara.ch/de/?sv1=affiliate&sv_campaign_id=143466&awc=28635_1698678420_38a95a33654e9efbea96731acc68412b
server: CloudFront
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-amz-cf-id: xyQqD8NW59Rn_ECIL52-IT2kkfyPNw7RsbW8d8954_R37fBX1EhKbg==
x-amz-cf-pop: AMS58-P6
x-cache: FunctionGeneratedResponse from cloudfront

GET click
t.adcell.com/p/ Frame A199 0
0

GET
H2 204 15 Show response
cameesse.net/ 0
579 B 71ms
70ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/15?rnd=1615459332&z=6511515&var=&varid=0&rb=uu9kYW0fqfnRWfMtsQzJPKVQ2Pjwk6bImrbG991ve7eXWzsD_8lX5ZhUo1RwtkMRlcQGz4ssdN10dCnoiprsVNV6S__pZ7gSIydKW1K_PR95dbt0z54IZPocPWDZ5_UmC8CKcnBm_lP7OwFJ8SGkYxjMw08yGi0jvU1ufWV13VhznfWxKQ7NKfU2d4X22OTV28B3hKsXRu7w3eLw7wKwVed_L7tUTcOKENTW37K4QhqfEGb5uSHELR5M1sOcCoPJixPrzek7sRkX41Bjbwl2b9zz8BpYD6lWXhHwCMA7ralQxjBBHAFm5JKbv-s4xk0drcYPCxWXsGsdXpWIBJf-KIdHdSwS0ygWNfplBzepxrSMyPVaV4cGwDpHz6t8H_JkyInSxNIFdfJg4rAP_oESM-3t6o3-tdYzjZnLH5LLrkN6nLdGIIMOaHIv3hMW54GaH3JaA_ytb1jAWJWO&ruid=14287c9a-0966-4eac-8b52-15d54ef7bd0b&subid=742873732105641984&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A4.343%2C%22location%22%3A%22https%3A%2F%2Fpaulownias.ch%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 14dc0706a40d32e9f2cdc9f296958dcd
pragma: no-cache
date: Mon, 30 Oct 2023 15:07:00 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 15 Show response
cameesse.net/ 0
580 B 35ms
35ms XHR
text/plain 139.45.197.242
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cameesse.net/15?rnd=1615459332&z=6511515&var=&varid=0&rb=uu9kYW0fqfnRWfMtsQzJPKVQ2Pjwk6bImrbG991ve7eXWzsD_8lX5ZhUo1RwtkMRlcQGz4ssdN10dCnoiprsVNV6S__pZ7gSIydKW1K_PR95dbt0z54IZPocPWDZ5_UmC8CKcnBm_lP7OwFJ8SGkYxjMw08yGi0jvU1ufWV13VhznfWxKQ7NKfU2d4X22OTV28B3hKsXRu7w3eLw7wKwVed_L7tUTcOKENTW37K4QhqfEGb5uSHELR5M1sOcCoPJixPrzek7sRkX41Bjbwl2b9zz8BpYD6lWXhHwCMA7ralQxjBBHAFm5JKbv-s4xk0drcYPCxWXsGsdXpWIBJf-KIdHdSwS0ygWNfplBzepxrSMyPVaV4cGwDpHz6t8H_JkyInSxNIFdfJg4rAP_oESM-3t6o3-tdYzjZnLH5LLrkN6nLdGIIMOaHIv3hMW54GaH3JaA_ytb1jAWJWO&ruid=14287c9a-0966-4eac-8b52-15d54ef7bd0b&subid=742873732105641984&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A8.345%2C%22location%22%3A%22https%3A%2F%2Fpaulownias.ch%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A3%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
Requested by: Host: ophoacit.com
URL: https://ophoacit.com/27/1a35f96fe99c6fb6ce26f56167ed6e04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://paulownias.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-trace-id: 779ad29abd14e35de632a62790390c37
pragma: no-cache
date: Mon, 30 Oct 2023 15:07:04 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://paulownias.ch
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: t.adcell.com
URL: https://t.adcell.com/p/click?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F&fp=51611db92410e655599e39f8f89cccfa

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paulownias.ch/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
ophoacit.com/	1970-01-21 00:36:54	Name: scm Value: 1
ophoacit.com/	1970-01-21 00:36:54	Name: oaidts Value: 1698678416
groorsoa.net/	1970-01-21 00:36:54	Name: oaidts Value: 1698678416
my.rtmark.net/	1970-01-21 00:36:54	Name: ID Value: 7f04c6a3cd8142fb8fc7e33aad1208e6
paulownias.ch/	1970-01-20 15:51:18	Name: prefetchAd_6508833 Value: true
groorsoa.net/	1970-01-21 00:36:54	Name: OAID Value: 7f04c6a3cd8142fb8fc7e33aad1208e6
groorsoa.net/	1970-01-20 16:01:23	Name: syncedCookie Value: true
ophoacit.com/	1970-01-21 00:36:54	Name: OAID Value: 7f04c6a3cd8142fb8fc7e33aad1208e6
cameesse.net/	1970-01-21 00:36:54	Name: scm Value: 1
cameesse.net/	1970-01-21 00:36:54	Name: oaidts Value: 1698678417
ophoacit.com/	1970-01-21 00:36:54	Name: oaidvc Value: 1
ophoacit.com/	1970-01-20 15:51:22	Name: CNT Value: 1_v1__MUfAQEAAADMTAAA
cameesse.net/	1970-01-21 00:36:54	Name: OAID Value: 7f04c6a3cd8142fb8fc7e33aad1208e6
.track.rinoleg.com/	1970-01-20 15:52:44	Name: b868dcf8-188e-40e6-ae91-07b1cc04a1ec-v4 Value: aIUY5hc_x5t9L1MO9-LOXHi3H1iRwvU7bCYEe26ce6Q
.track.rinoleg.com/	1970-01-21 00:36:54	Name: cc-v4 Value: %2B3s2nSV97I9d6vgA6mTOeoM8rFqhPt2oFrzLTDq0zM8tR9HQ1odiCaXcTFUkbQn2510OFJkT%2BTbdaFlbIZmbVal%2Br2cWmZul98vOFpIHByzEAUVysJMYk0Gx5y5rk2mskE%2FA%2BHINaJvTDr3Kq4bj6w%3D%3D
.awin1.com/	1970-01-20 16:34:30	Name: aw28635 Value: 143466\|0\|0\|1698678420\|v03040001489839d2091e3fb64ee992e1bfa374551d65-c2dc378b17bd410d94db624bbd45101d\|aw\|0
.awin1.com/	1970-01-21 00:36:54	Name: bId Value: HLEX_653fc694050ae9.37348652
t.adcell.com/	1970-01-20 16:34:30	Name: ADCELLpid11179 Value: 324284-47322-v030400014898bed1e0c47c6545ae82c183b6b1f5b264%23%23%23%23https%3A%2F%2Flinksprf.com%2F%40%40%40%401698678420

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://t.adcell.com/forward?promoId=324284&slotId=47322&param0=http%3A%2F%2Fwww.expondo.ch&subId=v030400014898bed1e0c47c6545ae82c183b6b1f5b264&referer=https%3A%2F%2Flinksprf.com%2F(Line 312) Message: Mixed Content: The page at 'https://paulownias.ch/' was loaded over HTTPS, but requested an insecure frame 'http://www.expondo.ch/?bid=324284-47322-v030400014898bed1e0c47c6545ae82c183b6b1f5b264&adcref=linksprf.com%2F'. This request has been blocked; the content must be served over HTTPS.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.lebara.ch/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cameesse.net
dikeledi.com
fonts.googleapis.com
fonts.gstatic.com
groorsoa.net
inklinkor.com
linksprf.com
my.rtmark.net
ophoacit.com
paulownias.ch
t.adcell.com
track.rinoleg.com
www.awin1.com
www.lebara.ch
t.adcell.com
104.21.61.39
139.45.195.8
139.45.197.242
139.45.197.245
142.250.185.138
142.250.185.67
172.67.211.29
172.67.75.246
18.239.18.118
185.5.82.77
23.212.218.19
3.69.182.131
63.250.43.128
63.250.43.129
08bda383bdae3459079ff95453354c9948e3cd8f6f7a766ec80a405fa5dbb818
0a5b11fb2b805c87ab9e5425e8c6f70b353c99cc11cb9ef8023f05d1d765c019
0cc86e2557d9500456d230530757b5b333957497426d58f24f5af7d88d9ed066
105cdd8ee1488423586ad4e289970eafc093376355ecc88bfc3eaed4ea3f2432
1a3caf9818ec1dc9ee4db258fef9011ef23068a3b04626024857ebb383a6d63f
2102a0b74217eba7d3d467ade74353c6561a607f984ef38c9ee09f4cf7a1f4df
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
2e73887e0624379c8a18b26965c407aeda99b9d814e5db9f9936a41f511645bf
30a4337142db8e7b2717844ef4172ce2dd9c2fc7f736bf7b0039f02376bf1e59
4140dab93e696d3704a83484ba3a43b2c5438ba872ff77d1767ad4d9745e573a
43e0918541897c8bb28d4d336a318db65b6ef6d56ce8d43be3e60c9031405321
44a1047425ee265d67ced7482b554f2a8f0a8fbea439131081b65c4d7dba18e9
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4c3f2334b4372c588aba67a3ff6430a52e6503a46d273e178da08ef3e7f1eef2
4d8c5099f6aed32fbdf9ea4a4c34f2d9bf9e39fd2eab5f62f36f1dfdb3780c46
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
54fa98ef8a13985472ddcb006b93f2f1283037b914a75de41daf3aad7a429f7d
575ada98533428e4d14369ff2bcdce2235fe4a24efbe2e754df67428699d8827
577ea790fa2c6c2fcf462c09942912358125503c99c9ad1a394a0de2539f2f88
5a549f335037b00a0e8753671f4382ba81558c15c9454a4f2dc34082362a02e1
5b99064eb58ef09eafe77c020a558b8c0090ba08ce9dd27c9f484977ea1bbe0f
67557e25265d807ff1f7a325d8f390263ebe8e55c8c5995b18c4c36c20b1fe07
7278214b0f01bfd6c59032cb72f2ddf23530e597ee18bc2653505118bce7516f
892154cf147a91eae8ac6a4977871eac2ff561b61bb49c479b70ca5fb75124d7
8bc38a3ba348b745e3267b8354828f3fd3a91ba2b479331567344e33bb574580
941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d
a86a57cece681ae8d500e0d02e7c234e3f456da3aeade365c7b8662e64542b60
ab818ea203ab8d42199843b83b588ccfd1709d0f2d0f9c6134705a7b214d3ad6
afaf750bffeab8e932fc73970b21952e91b46b10bf61dc3bea98e461b692d895
b31531d0ab54bba26660c9bab5b2cf9653521f35d53f355c1fb1e7e48323b832
bce03924db334ec1c0000b5eb4a77edca62584ddc8c0dc0e3509066e7cc8ee5d
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c98960b8d2655b451f8a840bf41272e4617817602b5560253de35fd3e265e748
d778043be78159be281c056ca20909de3aed4795de33c0b12c597879f82c9a03
db6928568ff6f46c8d6647ded9e33e77fe5e690fa7aa6cb3e976d2a79e38fe82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3776a0fd9182963860eab03bacffe7674aa6a7710aa31dea63aab9feca311a6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc41cf700da307089b747db3af586885ea4e439b74b49bd5429d3a17f5682f82
fc92db0145c60d6f363fded167a600f72232137eb621b3d6cdef0aabf316a20a

paulownias.ch Open in urlscan Pro 63.250.43.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

0 %IPv6

14 Domains

14 Subdomains

11 IPs

4 Countries

9771 kBTransfer

10479 kBSize

19 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paulownias.ch Open in urlscan Pro
63.250.43.129 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

0 %
IPv6

14
Domains

14
Subdomains

11
IPs

4
Countries

9771 kB
Transfer

10479 kB
Size

19
Cookies

49 HTTP transactions
0 data transactions