urlscan.io logo urlscan.io
SecurityTrails logo

2lix.ibrp.checknicepage.com Open in urlscan Pro
176.9.80.29  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ibrp.checknicepage.com/
Effective URL: https://2lix.ibrp.checknicepage.com/?r=1
Submission: On January 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 176.9.80.29, located in Frankfurt am Main, Germany and belongs to HETZNER-AS, DE. The main domain is 2lix.ibrp.checknicepage.com.
TLS certificate: Issued by R3 on December 14th 2023. Valid for: 3 months.
This is the only time 2lix.ibrp.checknicepage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 176.9.80.29 24940 (HETZNER-AS)
2 45.133.44.25 39572 (ADVANCEDH...)
1 2 2a01:4f8:c0:3... 24940 (HETZNER-AS)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 78.46.40.103 24940 (HETZNER-AS)
1 8.241.121.121 3356 (LEVEL3)
1 168.119.25.66 24940 (HETZNER-AS)
1 45.133.44.52 39572 (ADVANCEDH...)
1 138.201.237.88 24940 (HETZNER-AS)
30 9
22    176.9.80.29 (Frankfurt am Main, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.80.9.176.clients.your-server.de
ibrp.checknicepage.com
2lix.ibrp.checknicepage.com
2    45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.tubecorp.com
2    2a01:4f8:c0:33d8::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
rtbbnr.com
1    2606:4700:e6::ac40:c21a (United States)

ASN13335 (CLOUDFLARENET, US)
preroll.hostave3.net
1    78.46.40.103 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.103.40.46.78.clients.your-server.de
pxl.tsyndicate.com
1    8.241.121.121 (United States)

ASN3356 (LEVEL3, US)
lcdn.tsyndicate.com
1    168.119.25.66 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.25.119.168.clients.your-server.de
metricswpsh.com
1    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.wpshsdk.com
1    138.201.237.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.237.201.138.clients.your-server.de
notification.tubecup.net
Apex Domain
Subdomains		 Transfer
22 checknicepage.com
ibrp.checknicepage.com
2lix.ibrp.checknicepage.com
207 KB
2 tsyndicate.com
pxl.tsyndicate.com — Cisco Umbrella Rank: 6428
lcdn.tsyndicate.com — Cisco Umbrella Rank: 6570
42 KB
2 rtbbnr.com
rtbbnr.com — Cisco Umbrella Rank: 435736
4 KB
2 tubecorp.com
cdn.tubecorp.com — Cisco Umbrella Rank: 155431
20 KB
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 7771
201 B
1 wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 8844
238 B
1 metricswpsh.com
metricswpsh.com — Cisco Umbrella Rank: 17616
1 hostave3.net
preroll.hostave3.net — Cisco Umbrella Rank: 40181
595 B
30 8
Domain Requested by
11 2lix.ibrp.checknicepage.com ibrp.checknicepage.com
2lix.ibrp.checknicepage.com
11 ibrp.checknicepage.com 1 redirects ibrp.checknicepage.com
2 rtbbnr.com 1 redirects cdn.tubecorp.com
2 cdn.tubecorp.com 2lix.ibrp.checknicepage.com
cdn.tubecorp.com
1 notification.tubecup.net
1 js.wpshsdk.com 2lix.ibrp.checknicepage.com
1 metricswpsh.com 2lix.ibrp.checknicepage.com
1 lcdn.tsyndicate.com rtbbnr.com
1 pxl.tsyndicate.com rtbbnr.com
1 preroll.hostave3.net rtbbnr.com
30 10

This site contains no links.

Subject Issuer Validity Valid
checknicepage.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
cdn.tubecorp.com
R3		 2023-12-06 -
2024-03-05		 3 months crt.sh
rtbbnr.com
R3		 2023-12-28 -
2024-03-27		 3 months crt.sh
tsyndicate.com
R3		 2023-12-12 -
2024-03-11		 3 months crt.sh
lcdn.tsyndicate.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-08 -
2024-04-07		 a year crt.sh
notification.tubecup.net
R3		 2024-01-03 -
2024-04-02		 3 months crt.sh
js.wpshsdk.com
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://2lix.ibrp.checknicepage.com/?r=1
Frame ID: 623132CB4A4FC76C4D7AE7A921C6459A
Requests: 24 HTTP requests in this frame

Frame: https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Frame ID: 98AFBF86E5F200C0FE596CC471939A77
Requests: 2 HTTP requests in this frame

Frame: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly8ybGl4LmlicnAuY2hlY2tuaWNlcGFnZS5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjcwODI0NjIxOGNmMmUxNmUzNzY4ZDNiNmEwNGU2MjkzIn0sImV4dCI6eyJkdCI6MTcwNDczMzAzNTM4Nn19
Frame ID: 29858C0BD72AADCCC7B4BC1EA8C31465
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Play

Page URL History Show full URLs

  1. http://ibrp.checknicepage.com/ HTTP 301
    https://ibrp.checknicepage.com/ Page URL
  2. https://2lix.ibrp.checknicepage.com/?r=1 Page URL

Page Statistics

30
Requests

60 %
HTTPS

22 %
IPv6

8
Domains

10
Subdomains

9
IPs

2
Countries

273 kB
Transfer

581 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ibrp.checknicepage.com/ HTTP 301
    https://ibrp.checknicepage.com/ Page URL
  2. https://2lix.ibrp.checknicepage.com/?r=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ibrp.checknicepage.com/ HTTP 301
  • https://ibrp.checknicepage.com/
Request Chain 23
  • https://rtbbnr.com/banner/in/show/?mid=2131165150533619018&pid=0&site=2&sc=DE&usage_type=DCH&subid=0&sid=0&cid=10461&price=0&is_cpm=1&cpm=0.017&ecpm=0.014937900304794362&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=2lix.ibrp.checknicepage.com&hostname=auc-banner-hz-10&site_id=0&spot_id=0&utm_source=tcban_i&utm_medium=2&utm_campaign=10340&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=6&pop_winurl=&ip=2a01:4a0:2b::3&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=a2&iabcat=IAB24&min_cpm=0.00011380448157458785&placement_type_id=269&skin_test=&verify_hash=&score=1&ml=&tag_ab=&v2=0&ttl=&space_id=1696&banner_width=300&banner_height=250&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fpreroll.hostave3.net%2Fnotifications%2Fzeropixel.png&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=&stratagem=&ssp=3758&refresh=0&priority=0&bb=0.0001&label_ids=&site_id64=0&container=ClickadillaTuple&original_bid_usd=0.017&comeback=&topics=&o_d=&ectr=1 HTTP 302
  • https://preroll.hostave3.net/notifications/zeropixel.png

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ibrp.checknicepage.com/
Redirect Chain
  • http://ibrp.checknicepage.com/
  • https://ibrp.checknicepage.com/
182 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 16:57:14 GMT
server
nginx/1.24.0
x-powered-by
PHP/7.4.33

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Mon, 08 Jan 2024 16:57:14 GMT
Location
https://ibrp.checknicepage.com/
Server
nginx/1.24.0
video.css
ibrp.checknicepage.com/assets/styles/ 		8 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibrp.checknicepage.com/assets/styles/video.css
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-2116"
content-type
text/css
captcha.css
ibrp.checknicepage.com/assets/styles/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibrp.checknicepage.com/assets/styles/captcha.css
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-2435"
content-type
text/css
icon1.png
ibrp.checknicepage.com/assets/images/play-2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon1.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1c54"
content-type
image/png
icon2.png
ibrp.checknicepage.com/assets/images/play-2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon2.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-11e0"
content-type
image/png
icon3.png
ibrp.checknicepage.com/assets/images/play-2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon3.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1ea7"
content-type
image/png
icon4.png
ibrp.checknicepage.com/assets/images/play-2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon4.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1b78"
content-type
image/png
icon5.png
ibrp.checknicepage.com/assets/images/play-2/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon5.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-cc0"
content-type
image/png
icon7.png
ibrp.checknicepage.com/assets/images/play-2/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon7.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-cd3"
content-type
image/png
icon8.png
ibrp.checknicepage.com/assets/images/play-2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibrp.checknicepage.com/assets/images/play-2/icon8.png
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-fe0"
content-type
image/png
Primary Request /
2lix.ibrp.checknicepage.com/ 		182 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2lix.ibrp.checknicepage.com/?r=1
Requested by
Host: ibrp.checknicepage.com
URL: https://ibrp.checknicepage.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 / PHP/7.4.33
Resource Hash
88d75992acd621bc9ebbf16fdd9451c6966a43d8a04e79a9c6a6bff363fa6c60

Request headers

Referer
https://ibrp.checknicepage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 16:57:14 GMT
server
nginx/1.24.0
x-powered-by
PHP/7.4.33
video.css
2lix.ibrp.checknicepage.com/assets/styles/ 		8 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2lix.ibrp.checknicepage.com/assets/styles/video.css
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
0d87185f233c4650cc42a40ca5acf1ef37efcb5f08b75b3925d8648aa2ce934d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-2116"
content-type
text/css
captcha.css
2lix.ibrp.checknicepage.com/assets/styles/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2lix.ibrp.checknicepage.com/assets/styles/captcha.css
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
0d3052df53fb528269653ab6900571ada40df7dd80af28505da6d1d05dfc0fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-2435"
content-type
text/css
icon1.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon1.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1c54"
content-type
image/png
icon2.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon2.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-11e0"
content-type
image/png
icon3.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon3.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1ea7"
content-type
image/png
icon4.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon4.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-1b78"
content-type
image/png
icon5.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon5.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-cc0"
content-type
image/png
icon7.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon7.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-cd3"
content-type
image/png
icon8.png
2lix.ibrp.checknicepage.com/assets/images/play-2/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2lix.ibrp.checknicepage.com/assets/images/play-2/icon8.png
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-fe0"
content-type
image/png
b.html
cdn.tubecorp.com/i/ Frame 98AF 		223 B
462 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
dee7baef733b9e0de6f65fc1b7016aa5564b90a7f1c99a67d15335bacf32d69b

Request headers

Referer
https://2lix.ibrp.checknicepage.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 08 Jan 2024 16:57:15 GMT
etag
W/"df-5d132d021cf80"
expires
Mon, 08 Jan 2024 17:57:15 GMT
last-modified
Sat, 20 Nov 2021 06:50:54 GMT
server
nginx/1.20.1
x-proxy-cache
HIT
x-request-id
32ae108470c7379d83cdca899a526742
tcbanner.js
cdn.tubecorp.com/b/ Frame 98AF 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tubecorp.com/b/tcbanner.js?v=21
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
3eb693b3d6b913111d8676b4a077fce9d517b9ab46305fb6db20995e248f7517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.tubecorp.com/i/b.html?spot=2&pid=10340&width=300&height=250&spaceid=1696
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 08 Jan 2024 17:57:15 GMT
date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Sat, 20 Nov 2021 06:50:35 GMT
server
nginx/1.20.1
etag
W/"61989abb-c604"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-request-id
92ef080ba56db11cc7dd876c94522e7f
x-proxy-cache
HIT
captcha.css
2lix.ibrp.checknicepage.com/assets/styles/ 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://2lix.ibrp.checknicepage.com/assets/styles/captcha.css
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
176.9.80.29 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.80.9.176.clients.your-server.de
Software
nginx/1.24.0 /
Resource Hash
0d3052df53fb528269653ab6900571ada40df7dd80af28505da6d1d05dfc0fdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/?r=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Nov 2023 14:45:11 GMT
server
nginx/1.24.0
etag
W/"65689ff7-2435"
content-type
text/css
/
rtbbnr.com/get/ Frame 2985 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly8ybGl4LmlicnAuY2hlY2tuaWNlcGFnZS5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjcwODI0NjIxOGNmMmUxNmUzNzY4ZDNiNmEwNGU2MjkzIn0sImV4dCI6eyJkdCI6MTcwNDczMzAzNTM4Nn19
Requested by
Host: cdn.tubecorp.com
URL: https://cdn.tubecorp.com/b/tcbanner.js?v=21
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:c0:33d8::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
814e80b849e0bb3df4e6b9b3b3300b39c1efec278e40618a4ff0ae16386c5953

Request headers

Referer
https://cdn.tubecorp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
3247
content-type
text/html
date
Mon, 08 Jan 2024 16:57:15 GMT
pragma
no-cache
server
nginx/1.18.0
vary
Origin
zeropixel.png
preroll.hostave3.net/notifications/ Frame 2985
Redirect Chain
  • https://rtbbnr.com/banner/in/show/?mid=2131165150533619018&pid=0&site=2&sc=DE&usage_type=DCH&subid=0&sid=0&cid=10461&price=0&is_cpm=1&cpm=0.017&ecpm=0.014937900304794362&crid=&crtid=d41d8cd98f00b20...
  • https://preroll.hostave3.net/notifications/zeropixel.png
42 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://preroll.hostave3.net/notifications/zeropixel.png
Requested by
Host: rtbbnr.com
URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly8ybGl4LmlicnAuY2hlY2tuaWNlcGFnZS5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjcwODI0NjIxOGNmMmUxNmUzNzY4ZDNiNmEwNGU2MjkzIn0sImV4dCI6eyJkdCI6MTcwNDczMzAzNTM4Nn19
Protocol
H2
Server
2606:4700:e6::ac40:c21a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtbbnr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:16 GMT
strict-transport-security
max-age=0
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5140130
alt-svc
h3=":443"; ma=86400
content-length
42
last-modified
Tue, 11 Sep 2018 08:40:52 GMT
server
cloudflare
etag
"5b977f94-2a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZThSpeOxj0fdzCTQJVwwPHQ1w%2F%2F%2FDI%2BmHDSrAPnTNX7bF%2FeL9%2FCeJm42QaMEEWjmPEYLrtyrPcphCsY3YcSRBI8yiZbHGxfoQRKTpmxLAUpH5d6RNCgbNnUcge1o%2FbpaVdSCDpcWUYYd%2BiVFrjWswZ4VtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8425fa84dc52b960-AMS
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Jan 2024 16:57:15 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
location
https://preroll.hostave3.net/notifications/zeropixel.png
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
p.gif
pxl.tsyndicate.com/api/v1/p/ Frame 2985 		35 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.tsyndicate.com/api/v1/p/p.gif?p=APeIQFMmDJkycuaI0HGDhYgwY-gsjOGQzpmFImjgwDHDRpgZMlrAwJFjTAsaMsaEaWEwBo0WMWTcsGFmjAwYZWzcyCHC4Rwxacgo1LFFBAwRXRyOcTO0RgwYDsPUGYNRRowZMWLYcFoDRo0ZHWPkgBEDR08RQMlgTEOnTJsvMc4atLOwRg4cMR3CqSOm7owaMqLCgTPx6l-fcCTqoDEDRw0bMRqKKIOHzpc5iTEa1PPGTRm4NnLYODumDWEdNmDQyDEzKhkzEx2KceNmYcebGmk4bOPm4mIaIwOLgMPbd2QYMGw4rCOHjW3HMWvoFlFHBkY0dOjAmaPjxYszadq0KYPmzRw6Lt7IOfPCDhw3L37UofN2zhvmY8r0oDOHSx3kMtgw31vjkZFGHW30IEYYtCHkH4AC0veFSqaFkcYZbvSQ2mozPQhDgAN-wZlnQfVAxRR1DMZGHlmBVYMLY7zxFmOOQXaDhyBKOAYbaYyxRg8tINFEEDicMQQOTVBxBhVWPEGGHlqksQQOaDBBQxZC5HEEFmuoIUQUc6wxBRo36GGFGzKoYYYdYoyBwxdY5FHGEDKR0QYbS8BhRhp20PFEHmfEgQQOSrhRBxVUyEEHFTYIisUbR8xwRgs2ZOFEC1jUMQUdbLCBaR5jCDGHHWy8McYcPwkBwxdnVJEEEVJUkcZZZMhYFY94uJCGGHLAASNBPrrRYxlwhHFGGTDaqlQYim2BVVLDyUGVDjKUIVINssGmAwwuIEeWS0oR9wUc0i7ELVmSyeHeRNhONgZx5nYrXB11zKqDCDcER4MNVuEwhhnValXGDDPhQMYMYnikWk4y5DDDWWmcJoIMYZC1WMXUiqGDDg8vFwZGTbyhRxqdhvHCizCAgMIVabhR6x1zgOAEFSA81e0OILDshg004IwHzymAEISKZVxRhhhLsHUywS50pPISSFDRBBMsgMDjGmWAcEQZPr4R9BBoyCFjGS_EdK4LqeWQgwsx5QDCFGGYEYYcaSx9Q9OjKTWtCEQUcZZ6E-7d91lsCO63QwfZ8YUcZTinQww13MAVDsBBJcJ6tenAGkUiJP4FrwvhgHgZirfxhlrU4jUdGWLHJoJ5C01H7ht45BE74nlkToccdZThEOPaDpTddt29IAOuuvLq6xjAriFsfsUem2wbL5w1h7oYiU0Hs-q1UIewdLTQmAtkjHHD39fTRS1jWH1lAw7Kdb73QV-Uf35FbUyULw03gAXDYSKgj3Uet7_-zeB_NeAI5wyyuDJg5gvM0p9qDIhAh5AOgmxACH8W4qwaQCsMYlBM58ogtzqwQSJ6KZy5lOIbGPRBAQEB&r=1&s=051786746d0e2a3b6c02dffc1d514d511ddbee5f374a8e1d4a0c4c5ba3868fb71704733035&w=t
Requested by
Host: rtbbnr.com
URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly8ybGl4LmlicnAuY2hlY2tuaWNlcGFnZS5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjcwODI0NjIxOGNmMmUxNmUzNzY4ZDNiNmEwNGU2MjkzIn0sImV4dCI6eyJkdCI6MTcwNDczMzAzNTM4Nn19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.40.103 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.103.40.46.78.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtbbnr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:16 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
35
content-type
text/plain; charset=utf-8
d5042944458416027a1c5b06e25c3535d5c033.png
lcdn.tsyndicate.com/images/e/c/ Frame 2985 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lcdn.tsyndicate.com/images/e/c/d5042944458416027a1c5b06e25c3535d5c033.png
Requested by
Host: rtbbnr.com
URL: https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InNwb3QiOjIsImlkIjoxNjk2LCJsYWJlbHMiOiIiLCJzaXRlX2lkIjoyLCJ0eXBlIjoiYmFubmVyIiwic3BhY2VpZCI6MTY5Niwic3BvdF9pZCI6MCwiaWR6b25lIjozODMwODE5LCJ6b25lIjoidGNfcGFiXzMwMHgyNTAiLCJhZF90YWdzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IiIsInV0bTEiOiJ0Y2Jhbl9pIiwidXRtMiI6IjIiLCJ1dG0zIjoiMTAzNDAiLCJ1dG00IjoiIn0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH19XSwic2l0ZSI6eyJpZCI6IjIiLCJwYWdlIjoiaHR0cHM6Ly8ybGl4LmlicnAuY2hlY2tuaWNlcGFnZS5jb20vIn0sImRldmljZSI6eyJ3IjoxNjAwLCJoIjoxMjAwfSwidXNlciI6eyJpZCI6IjcwODI0NjIxOGNmMmUxNmUzNzY4ZDNiNmEwNGU2MjkzIn0sImV4dCI6eyJkdCI6MTcwNDczMzAzNTM4Nn19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.241.121.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
935e5657eaeda8de32faa4fe655aead37814989f4605ce726a7458094157d736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtbbnr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 16:57:16 GMT
content-encoding
gzip
last-modified
Wed, 08 Feb 2023 05:53:31 GMT
server
nginx
age
5071745
etag
W/"63e338db-a4eb"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
42252
track
metricswpsh.com/in/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://metricswpsh.com/in/track?data=eyJ0YWdfaWQiOjB9
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.66 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 16:57:16 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
wp-banners.js
js.wpshsdk.com/npc/sdk/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/wp-banners.js
Requested by
Host: 2lix.ibrp.checknicepage.com
URL: https://2lix.ibrp.checknicepage.com/?r=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Mon, 08 Jan 2024 17:02:16 GMT
date
Mon, 08 Jan 2024 16:57:16 GMT
last-modified
Sat, 15 Jul 2023 12:01:31 GMT
server
nginx/1.18.0
etag
"64b28a9b-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
subscription-offers
notification.tubecup.net/in/ 		0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2F2lix.ibrp.checknicepage.com%2F%3Fr%3D1&tcid=0&spot_id=&site=landing&source_id=0&template_name=video&utm_source=null&utm_medium=null&utm_campaign=null&utm_content=null&spotId=&adFormat=push&clickId=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.237.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88.237.201.138.clients.your-server.de
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2lix.ibrp.checknicepage.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jan 2024 16:57:16 GMT
server
nginx/1.20.2
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| lang string| SxE2 string| spotID string| templateName function| init function| AdManagerPushFormat function| _onAlreadySubscribed

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2lix.ibrp.checknicepage.com
cdn.tubecorp.com
ibrp.checknicepage.com
js.wpshsdk.com
lcdn.tsyndicate.com
metricswpsh.com
notification.tubecup.net
preroll.hostave3.net
pxl.tsyndicate.com
rtbbnr.com
138.201.237.88
168.119.25.66
176.9.80.29
2606:4700:e6::ac40:c21a
2a01:4f8:c0:33d8::1
45.133.44.25
45.133.44.52
78.46.40.103
8.241.121.121
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
0d3052df53fb528269653ab6900571ada40df7dd80af28505da6d1d05dfc0fdc
0d87185f233c4650cc42a40ca5acf1ef37efcb5f08b75b3925d8648aa2ce934d
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1
3eb693b3d6b913111d8676b4a077fce9d517b9ab46305fb6db20995e248f7517
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
814e80b849e0bb3df4e6b9b3b3300b39c1efec278e40618a4ff0ae16386c5953
88d75992acd621bc9ebbf16fdd9451c6966a43d8a04e79a9c6a6bff363fa6c60
935e5657eaeda8de32faa4fe655aead37814989f4605ce726a7458094157d736
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f
dee7baef733b9e0de6f65fc1b7016aa5564b90a7f1c99a67d15335bacf32d69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629