befr.mynewtoolpackage.com Open in urlscan Pro
94.130.207.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/2ryn9pnz
Effective URL:
https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Submission: On September 14 via api (September 14th 2022, 9:49:01 am UTC) from BE — Scanned from DE

Summary HTTP 37 Redirects Links 56 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 13 domains to perform 37 HTTP transactions. The main IP is 94.130.207.40, located in Germany and belongs to HETZNER-AS, DE. The main domain is befr.mynewtoolpackage.com.
TLS certificate: Issued by R3 on July 24th 2022. Valid for: 3 months.

This is the only time befr.mynewtoolpackage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	62.210.207.241 62.210.207.241	12876 (Online SAS) (Online SAS)
1	23.229.68.10 23.229.68.10	55286 (SERVER-MANIA) (SERVER-MANIA)
1 1	34.250.4.239 34.250.4.239	16509 (AMAZON-02) (AMAZON-02)
1 4	94.130.207.40 94.130.207.40	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::ac43:47b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	159.69.45.25 159.69.45.25	24940 (HETZNER-AS) (HETZNER-AS)
4	2606:4700:20:... 2606:4700:20::681a:f1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	14

1 2606:4700:10::6814:8a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.210.207.241 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: sd-50980.dedibox.fr

jphstyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.229.68.10 (Buffalo, United States)

ASN55286 (SERVER-MANIA, CA)
PTR: dns1.startnow.icu

mooltay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.4.239 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-4-239.eu-west-1.compute.amazonaws.com

tracking.trkkadsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 94.130.207.40 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: s1.golead7.eu

campaign.golead7.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
befr.mynewtoolpackage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::ac43:47b8 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.45.25 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.45.69.159.clients.your-server.de

belgiumpelema.mycleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:f1f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cleverpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cleverpush.com static.cleverpush.com — Cisco Umbrella Rank: 11636 api.cleverpush.com — Cisco Umbrella Rank: 12583	133 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	411 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1202 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3281	114 KB
3	google.com www.google.com — Cisco Umbrella Rank: 19	23 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 480 fonts.googleapis.com — Cisco Umbrella Rank: 120	35 KB
3	mynewtoolpackage.com befr.mynewtoolpackage.com	421 KB
1	mycleverpush.com belgiumpelema.mycleverpush.com	26 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 355	1 KB
1	golead7.eu 1 redirects campaign.golead7.eu	801 B
1	trkkadsm.com 1 redirects tracking.trkkadsm.com	2 KB
1	mooltay.com mooltay.com — Cisco Umbrella Rank: 623402	453 B
1	jphstyle.com 1 redirects jphstyle.com	291 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 25277	363 B
37	13

	Domain	Requested by
10	static.cleverpush.com	befr.mynewtoolpackage.com static.cleverpush.com belgiumpelema.mycleverpush.com
4	api.cleverpush.com	static.cleverpush.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google.com	befr.mynewtoolpackage.com www.gstatic.com www.google.com
3	befr.mynewtoolpackage.com	mooltay.com befr.mynewtoolpackage.com
2	fonts.googleapis.com	befr.mynewtoolpackage.com
2	stackpath.bootstrapcdn.com	befr.mynewtoolpackage.com stackpath.bootstrapcdn.com
2	maxcdn.bootstrapcdn.com	befr.mynewtoolpackage.com
1	belgiumpelema.mycleverpush.com	static.cleverpush.com
1	cdnjs.cloudflare.com	befr.mynewtoolpackage.com
1	ajax.googleapis.com	befr.mynewtoolpackage.com
1	campaign.golead7.eu	1 redirects
1	tracking.trkkadsm.com	1 redirects
1	mooltay.com
1	jphstyle.com	1 redirects
1	tinyurl.com	1 redirects
37	17

This site contains links to these domains. Also see Links.

Domain
tracking.trkkadsm.com
www.super-fute.com
www.bluemediaads.com
www.outspot.be
comopolis.be
www.croisieuroperivercruises.com
cyrana.com
www.dekbed-discounter.nl
www.vavabid.be
www.insure4you.be
www.koopjedeal.nl
www.balsamik.fr
www.mycollections.com
corporate.orange.be
www.orangebuddies.com
www.testament.be
thewave.digital
www.traveldeal.nl
www.seniorenvoordeelkaart.be
www.welcome-media.net
www.woonq.nl
mailcommerce.de
weedoit.digital
affilyads.com
www.chauffage-aterno.com
besparenkan.be
www.aanbieders.be
eneco.be
www.essent.be
eurotelec.eu
www.hubside.com
hubside.store
www.lampiris.be
www.mega.be
www.mc.be
www.yourprivacy.be
www.pg.com
www.proximus.be
www.salesbroker.eu
sfam.eu
www.voo.be
www.munthuis.be
www.lamonnaiebelge.be
pharmaxx.be
puzzelbrein.nl
mondial.tv
www.privacyshield.gov
policies.google.com
support.google.com
tools.google.com
www.sovendus.com
cleverpush.com

Subject Issuer	Validity	Valid
www.mooltay.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-18` - `2023-08-18`	a year	crt.sh
befr.mynewtoolpackage.com R3	`2022-07-24` - `2022-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.mycleverpush.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-06` - `2023-06-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Frame ID: 04C4507696EC3E1EC007BDAB7743E5BC
Requests: 26 HTTP requests in this frame

Frame: https://belgiumpelema.mycleverpush.com/iframe?origin=https%3A%2F%2Fbefr.mynewtoolpackage.com
Frame ID: 684167802E7393257853E5823EA65A58
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW&co=aHR0cHM6Ly9iZWZyLm15bmV3dG9vbHBhY2thZ2UuY29tOjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=5nit9qvdcnwp
Frame ID: 0F5082392AC914815BC30DB4B60F06D8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Félicitations!

Page URL History Show full URLs

https://tinyurl.com/2ryn9pnz HTTP 301
http://jphstyle.com/2403192JQ5667366QW0vq0aL2clr151205gv HTTP 302
https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850 Page URL
https://tracking.trkkadsm.com/aff_c?offer_id=1372&aff_id=1079&aff_sub2=1252427097&aff_sub=473263 HTTP 302
https://campaign.golead7.eu/befr,mynewtoolpackage,com_576.html?idPartner=13&idCampaignAd=0&subId=1079-47... HTTP 302
https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=& Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

37
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

1165 kB
Transfer

2320 kB
Size

10
Cookies

56 Outgoing links

These are links going to different origins than the main page.

URL: https://tracking.trkkadsm.com/aff_c?&offer_id=1373&aff_id=1079&aff_sub=473263&aff_sub5=&aff_sub4=&aff_sub3=&aff_unique1=1
Title: Verder gaan in het Nederlands

Search URL Search Domain Scan URL

URL: https://www.super-fute.com/conditions-generales-dutilisation/
Title: https://www.super-fute.com/conditions-generales-dutilisation/

Search URL Search Domain Scan URL

URL: http://www.bluemediaads.com/gtc.html
Title: http://www.bluemediaads.com/gtc.html

Search URL Search Domain Scan URL

URL: https://www.outspot.be/nl/privacybeleid
Title: Privacy Beleid

Search URL Search Domain Scan URL

URL: https://comopolis.be/politique-de-confidentialite-et-cookies/?lang=fr
Title: https://comopolis.be/politique-de-confidentialite-et-cookies/?lang=fr

Search URL Search Domain Scan URL

URL: https://www.croisieuroperivercruises.com/information/privacy-policy
Title: https://www.croisieuroperivercruises.com/information/privacy-policy

Search URL Search Domain Scan URL

URL: https://cyrana.com/fr-fr/mentions-legales
Title: https://cyrana.com/fr-fr/mentions-legales

Search URL Search Domain Scan URL

URL: https://www.dekbed-discounter.nl/service/privacy-policy/
Title: https://www.dekbed-discounter.nl/service/privacy-policy/

Search URL Search Domain Scan URL

URL: https://www.dekbed-discounter.nl/service/privacy-policy
Title: https://www.dekbed-discounter.nl/service/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.vavabid.be/confidentialite.html
Title: https://www.vavabid.be/confidentialite.html

Search URL Search Domain Scan URL

URL: https://www.insure4you.be/contactformulier/
Title: https://www.insure4you.be/contactformulier/

Search URL Search Domain Scan URL

URL: https://www.koopjedeal.nl/privacy
Title: https://www.koopjedeal.nl/privacy

Search URL Search Domain Scan URL

URL: https://www.balsamik.fr/la-protection-de-la-vie-privee
Title: https://www.balsamik.fr/la-protection-de-la-vie-privee

Search URL Search Domain Scan URL

URL: https://www.mycollections.com/includes/privacypolicybe.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://corporate.orange.be/nl/privacy-policy
Title: https://corporate.orange.be/nl/privacy-policy

Search URL Search Domain Scan URL

URL: https://www.orangebuddies.com/privacy/
Title: https://www.orangebuddies.com/privacy/

Search URL Search Domain Scan URL

URL: https://www.testament.be/nl/privacy
Title: https://www.testament.be/nl/privacy

Search URL Search Domain Scan URL

URL: https://thewave.digital/fr/conditions-generales/
Title: https://thewave.digital/fr/conditions-generales/

Search URL Search Domain Scan URL

URL: https://www.traveldeal.nl/privacy.html
Title: https://www.traveldeal.nl/privacy.html

Search URL Search Domain Scan URL

URL: https://www.seniorenvoordeelkaart.be/privacy-statement
Title: https://www.seniorenvoordeelkaart.be/privacy-statement

Search URL Search Domain Scan URL

URL: https://www.welcome-media.net/politique-de-confidentialite.html
Title: https://www.welcome-media.net/politique-de-confidentialite.html

Search URL Search Domain Scan URL

URL: https://www.woonq.nl/service/privacy/
Title: https://www.woonq.nl/service/privacy/

Search URL Search Domain Scan URL

URL: https://mailcommerce.de/de/privacy.html
Title: https://mailcommerce.de/de/privacy.html

Search URL Search Domain Scan URL

URL: https://weedoit.digital/politique-de-confidentialite/
Title: https://weedoit.digital/politique-de-confidentialite/

Search URL Search Domain Scan URL

URL: https://affilyads.com/privacypolicy/
Title: https://affilyads.com/privacypolicy/

Search URL Search Domain Scan URL

URL: https://www.chauffage-aterno.com/mentions-legales.htm
Title: https://www.chauffage-aterno.com/mentions-legales.htm

Search URL Search Domain Scan URL

URL: https://besparenkan.be/privacybeleid
Title: https://besparenkan.be/privacybeleid

Search URL Search Domain Scan URL

URL: https://www.aanbieders.be/privacyverklaring/
Title: https://www.aanbieders.be/privacyverklaring/

Search URL Search Domain Scan URL

URL: https://eneco.be/fr/d%C3%A9claration-de-confidentialit%C3%A9
Title: https://eneco.be/fr/d%C3%A9claration-de-confidentialit%C3%A9

Search URL Search Domain Scan URL

URL: https://www.essent.be/nl/prive/privacyverklaring
Title: https://www.essent.be/nl/prive/privacyverklaring

Search URL Search Domain Scan URL

URL: https://www.essent.be/fr/particuliers/declaration-de-confidentialite
Title: https://www.essent.be/fr/particuliers/declaration-de-confidentialite

Search URL Search Domain Scan URL

URL: https://eurotelec.eu/declaration-de-confidentialite/
Title: https://eurotelec.eu/declaration-de-confidentialite/

Search URL Search Domain Scan URL

URL: https://www.hubside.com/fr_FR/mentions-legales
Title: https://www.hubside.com/fr_FR/mentions-legales

Search URL Search Domain Scan URL

URL: https://hubside.store/pages/mentions-legales-et-donnees-personnelles
Title: https://hubside.store/pages/mentions-legales-et-donnees-personnelles

Search URL Search Domain Scan URL

URL: https://www.lampiris.be/fr/politique-de-vie-privee
Title: https://www.lampiris.be/fr/politique-de-vie-privee

Search URL Search Domain Scan URL

URL: https://www.mega.be/nl/privacybeleid
Title: https://www.mega.be/nl/privacybeleid

Search URL Search Domain Scan URL

URL: https://www.mc.be/disclaimer
Title: https://www.mc.be/disclaimer

Search URL Search Domain Scan URL

URL: https://www.yourprivacy.be/fr/octaplus
Title: https://www.yourprivacy.be/fr/octaplus

Search URL Search Domain Scan URL

URL: https://www.pg.com/privacy/french/privacy_statement.shtml
Title: https://www.pg.com/privacy/french/privacy_statement.shtml

Search URL Search Domain Scan URL

URL: https://www.proximus.be/nl/id_cr_warnland/particulieren/r-orphans/wettelijke-informatie.html#/privacy
Title: https://www.proximus.be/nl/id_cr_warnland/particulieren/r-orphans/wettelijke-informatie.html#/privacy

Search URL Search Domain Scan URL

URL: https://www.salesbroker.eu/nl/privacy-policy/
Title: https://www.salesbroker.eu/nl/privacy-policy/

Search URL Search Domain Scan URL

URL: https://sfam.eu/fr-be/mentions-legales
Title: https://sfam.eu/fr-be/mentions-legales

Search URL Search Domain Scan URL

URL: https://www.voo.be/fr/vie-privee
Title: https://www.voo.be/fr/vie-privee

Search URL Search Domain Scan URL

URL: https://www.munthuis.be/het-belgische-munthuis/uw-privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.lamonnaiebelge.be/general-shno/retur
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://pharmaxx.be/privacy-beleid/
Title: Privacy Beleid

Search URL Search Domain Scan URL

URL: https://puzzelbrein.nl/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://mondial.tv/politique-de-confidentialite/
Title: https://mondial.tv/politique-de-confidentialite/

Search URL Search Domain Scan URL

URL: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
Title: (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active)

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=fr
Title: https://policies.google.com/privacy?hl=fr

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/partner-sites?hl=fr
Title: https://policies.google.com/technologies/partner-sites?hl=fr

Search URL Search Domain Scan URL

URL: https://support.google.com/analytics/answer/6004245?hl=fr
Title: https://support.google.com/analytics/answer/6004245?hl=fr

Search URL Search Domain Scan URL

URL: http://tools.google.com/dlpage/gaoptout?hl=fr
Title: https://tools.google.com/dlpage/gaoptout?hl=fr

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=nl
Title: https://policies.google.com/privacy?hl=fr

Search URL Search Domain Scan URL

URL: https://www.sovendus.com/fr/declaration_sur_la_protection_des_donnees/
Title: https://www.sovendus.com/fr/declaration_sur_la_protection_des_donnees/

Search URL Search Domain Scan URL

URL: https://cleverpush.com/
Title: Powered by CleverPush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/2ryn9pnz HTTP 301
http://jphstyle.com/2403192JQ5667366QW0vq0aL2clr151205gv HTTP 302
https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850 Page URL
https://tracking.trkkadsm.com/aff_c?offer_id=1372&aff_id=1079&aff_sub2=1252427097&aff_sub=473263 HTTP 302
https://campaign.golead7.eu/befr,mynewtoolpackage,com_576.html?idPartner=13&idCampaignAd=0&subId=1079-473263&subIdentifier=1020b2711d5e3e9b8345af5bc49135&aps=___&lsw= HTTP 302
https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tinyurl.com/2ryn9pnz HTTP 301
http://jphstyle.com/2403192JQ5667366QW0vq0aL2clr151205gv HTTP 302
https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850

37 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

06850
mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/
Redirect Chain

https://tinyurl.com/2ryn9pnz
http://jphstyle.com/2403192JQ5667366QW0vq0aL2clr151205gv
https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850

159 B
453 B

905ms
259ms

Document
text/html

23.229.68.10
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL: https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.229.68.10 Buffalo, United States, ASN55286 (SERVER-MANIA, CA),
Reverse DNS: dns1.startnow.icu
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 159
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 09:48:55 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 09:48:54 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.6 (CentOS)
location: https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850

GET
H/1.1

200
OK

Primary Request campaign_651.html Show response
befr.mynewtoolpackage.com/
Redirect Chain

https://tracking.trkkadsm.com/aff_c?offer_id=1372&aff_id=1079&aff_sub2=1252427097&aff_sub=473263
https://campaign.golead7.eu/befr,mynewtoolpackage,com_576.html?idPartner=13&idCampaignAd=0&subId=1079-473263&subIdentifier=1020b2711d5e3e9b8345af5bc49135&aps=___&lsw=
https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

132 KB
30 KB

305ms
265ms

Document
text/html

94.130.207.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Requested by: Host: mooltay.com
URL: https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: aa081c6dfb75d0cc751562e07de7a4d1714c1130ade3a8e0b1017db3fc1a4d94

Request headers

Referer: https://mooltay.com/1008e76ce070f529000/3b-2403192-5667366-151205-0-/06850
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 30158
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 09:48:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 1
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Sep 2022 09:48:56 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 50ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617, 617
age: 20045203
cdn-cachedat: 2021-06-08 14:35:16
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a25b3b26237dd55b5f417f26a9965dbb
cf-ray: 74a835b51cf591e4-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 133ms
37ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:22:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5202
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:22:14 GMT

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/ 1 KB
1 KB 59ms
21ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.0/jquery.cookie.min.js

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 549317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 579
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-4f3"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOeLxuOFvkwgBv%2BOtA6cnd5mLbdRK3KZ7i%2Bt9yZC8OZYXFVpi3oTyfeIVgcJGd0CBp7BkbHEx641uH3qiNtl4ElX0iZvpH%2FjXTIJCv17AnM2KUSqXFyGHP7zAqSN%2BX5jo6msqet1PHLaaS5i7ZpceUxr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74a835b52b319280-FRA
expires: Mon, 04 Sep 2023 09:48:56 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 52ms
23ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 755
age: 7365313
cdn-cachedat: 12/13/2021 20:18:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cf-ray: 74a835b52cf891e4-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 51ms
17ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://befr.mynewtoolpackage.com/
Origin: https://befr.mynewtoolpackage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 69342
cdn-cachedat: 08/20/2022 02:30:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"269550530cc127b6aa5a35925a7de6ce"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 35a62ec727db024e0014b220e585919a
cf-ray: 74a835b52801696f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 393 B
385 B 142ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 09:48:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 09:48:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 09:48:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 138ms
45ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41191d77d044691c96c90990bfe4693775ab4a3aad4ada259c3605d1970052d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 09:29:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 14 Sep 2022 09:48:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Sep 2022 09:48:56 GMT

GET
H2 200 aph3JJNHrhdCzBnfv.js Show response
static.cleverpush.com/channel/loader/ 191 KB
49 KB 100ms
29ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Requested by: Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deeb0ad917cfe66a5959adfa54502453e63e37a406ae72cbb539ec453b07ec4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 22VG14PGR9KQX9S2
x-amz-id-2: M0KtRSb2lXgbH2CkQf9m5FxcO2DLbmw9L6oYgg55xBkjXvXZ+YL74DizwZAi+msM93rVd2Bj94c=
last-modified: Tue, 13 Sep 2022 00:36:25 GMT
server: cloudflare
etag: W/"dbc22c4bc3b6871fe3d3721c69451bba"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsqXZqvI5PTLwLIRj8YWPY2mIfjYEDGgo8RGjO0OEXsEHF%2BeCOuHDWKWozXaztWqMOnSNFqGGRG9zMENEu2Xr9L%2Bbrq31Ny4aX3O3YnMMCD207%2F5yZnRfTW7ANQc9oeNR0CfHEk5TARls6DwVUEYJ5W1xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 74a835b64b76906c-FRA

GET
H/1.1 200
OK banner,fr,metabo.jpg
befr.mynewtoolpackage.com/media/adresseManager/microSiteImg/651/ 389 KB
389 KB 20ms
12ms Image
image/jpeg 94.130.207.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://befr.mynewtoolpackage.com/media/adresseManager/microSiteImg/651/banner,fr,metabo.jpg
Requested by: Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bda1beca2cd7e0c53a8487c43b068c6b85b4c84e57e86a8f52f635138614594b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 09:48:56 GMT
Last-Modified: Mon, 24 Jan 2022 16:12:38 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6139a-5d6563cc13352"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 398234

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 152ms
54ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW

Requested by

Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0e987dcaa8d3ad44ef7e8f9f876f8d6a3172728a9221ec77bdf3fcc87a3614e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Wed, 14 Sep 2022 09:48:56 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 19ms
12ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://befr.mynewtoolpackage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752
age: 69341
cdn-proxyver: 1.02
cdn-cachedat: 08/17/2022 18:20:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: "af7ae505a9eed503f8b8e6982036873e"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5a6766031b9fc7c0dd883f162c424983
accept-ranges: bytes
cf-ray: 74a835b659ee696f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK select.arrow.png
befr.mynewtoolpackage.com/custom/ 1 KB
1 KB 17ms
17ms Image
image/png 94.130.207.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://befr.mynewtoolpackage.com/custom/select.arrow.png
Requested by: Host: befr.mynewtoolpackage.com
URL: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.207.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: s1.golead7.eu
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/campaign_651.html?coyoteAffiliTokenId=6520345&aps=___&lsw=&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Wed, 14 Sep 2022 09:48:56 GMT
Last-Modified: Wed, 13 Jan 2021 16:07:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "44e-5b8ca56d111c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1102

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43eff2fa677d7e70224f32aa77822514f3586274cdc80711f53b0568b58398a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 128ms
37ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://befr.mynewtoolpackage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 140302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 18:50:34 GMT

GET
H3 200 5.ccc404e72915bddeea61.js Show response
static.cleverpush.com/sdk/chunk/ 34 KB
9 KB 42ms
24ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.ccc404e72915bddeea61.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fce72a47c22fc6d83ba3e1c37be6008069c76ceac6f32af81e339a633ff418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18010
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZN9EJTF9C1M15S6M
x-amz-id-2: Y00G98Wor7Hfpafc1BPmmTfwvINgoWI086NBYGpCWDI685n2P2Bhnk8tyS+9G76h0iIUGGna6Pc=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"4bf105c2c4678b8c3d35377e842bd1f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEH%2BvhOIyEkUikE%2FR6EnmO7kHdSxTAgwlmyCqP8yOzx1G0PISU%2BWX1%2FvfDxJ1yCYRm4q4IQOJsn1%2Bod8bhDyVy6UoLP%2FzNLdn1wSK3Xav7UtHIay9%2FTkK1nSMatkzZ4LBePheF04yNfR%2Fr%2BKR8beOq9J3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b77f529201-FRA

GET
H3 200 251.90ad76a663f3b3850ba0.js Show response
static.cleverpush.com/sdk/chunk/ 6 KB
3 KB 40ms
23ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18011
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HX3QMD2QJ79DFEBY
x-amz-id-2: 1PwVj5rVkKAOF+tr1fosX2aD3uIEUQ5PoS9h8d7KMhg4PcDZJs81OgMwq8zSCsI49dKIw1TtHPw=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"6a7967b77385a26f48658efa53820786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H19tqqI0P3EnRx6WOCPSmuSes0ivZVax5rLYNv%2FUdLRPnDCHvfTMePIi9dq%2FCVKX8rYetFhF%2FzE21pxR3tXcY6wdlN9rEqjTr7aanynFRwrR1Je4iwFVs3f6E1JPM%2BByJT%2Bw8gZQs2RLZuUBgoZ8678Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b77f509201-FRA

GET
H3 200 115.475ce07745998d1eb321.js Show response
static.cleverpush.com/sdk/chunk/ 13 KB
4 KB 53ms
37ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/115.475ce07745998d1eb321.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 074ed2c543c571d6f83a3507206a1db49094d40c64a6eedac0a0ed07b106cb1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17255
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: WFY8BG2MSRE6WVJT
x-amz-id-2: 2N0hqcw/i/WQfOTQmCzB3oMaPBBCewHdXYC5xJ4Y673skFrilDSzWKhu9yta0UgbVYx17hxuXOM=
last-modified: Thu, 08 Sep 2022 16:48:26 GMT
server: cloudflare
etag: W/"0af7942a1e18952fe3b1d8e9ff55bb59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7gftXCGfQhFIljgOtl8z%2FfBDIv4T8AlrlFs2lMGKlF%2Bkn1wO4QV5nC7DoMwz9VI%2BfasfTCpvXjWjR2w9w7Nlo2IajW%2BiCNkDUSihOJ8CvcUPT%2BWSajS0Kv2ffN%2FKQ8KudM1Ryrxj4%2Bxj1f0s%2FID3cgjIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b77f519201-FRA

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ 390 KB
156 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://befr.mynewtoolpackage.com/
Origin: https://befr.mynewtoolpackage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158665
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 09:03:05 GMT

GET
H2 200 iframe Show response
belgiumpelema.mycleverpush.com/ Frame 6841 69 KB
26 KB 99ms
44ms Document
text/html 159.69.45.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://belgiumpelema.mycleverpush.com/iframe?origin=https%3A%2F%2Fbefr.mynewtoolpackage.com

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.45.25 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.25.45.69.159.clients.your-server.de

Software

Resource Hash

0989843ef4e84f706a856da27d72dd03035fb23c4cf6a4e0c80e7ee97aca6f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://befr.mynewtoolpackage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept
cache-control: public, max-age=1800
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 14 Sep 2022 09:48:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-backend-server: cleverpush-worker-1
x-cache-status: MISS
x-robots-tag: noindex

GET
H3 200 5.ccc404e72915bddeea61.js Show response
static.cleverpush.com/sdk/chunk/ Frame 6841 34 KB
9 KB 22ms
22ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/5.ccc404e72915bddeea61.js
Requested by: Host: belgiumpelema.mycleverpush.com
URL: https://belgiumpelema.mycleverpush.com/iframe?origin=https%3A%2F%2Fbefr.mynewtoolpackage.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20fce72a47c22fc6d83ba3e1c37be6008069c76ceac6f32af81e339a633ff418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belgiumpelema.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18011
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZN9EJTF9C1M15S6M
x-amz-id-2: Y00G98Wor7Hfpafc1BPmmTfwvINgoWI086NBYGpCWDI685n2P2Bhnk8tyS+9G76h0iIUGGna6Pc=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"4bf105c2c4678b8c3d35377e842bd1f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHCTskiHivnXs72ntb%2FkDkFZafytpYVyNhvBtB7w5eo3xmk%2BXH5Rh69RSd4e2fr4i6oXffYFAAptdsbzqnMjWDIddRZ2VnkNdvvmtJIIO1nNXbWULwvYeC5QEcfO7liBBxpE7nqVmLRto%2F5zwgO7VPJk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b888a99201-FRA

GET
H3 200 251.90ad76a663f3b3850ba0.js Show response
static.cleverpush.com/sdk/chunk/ Frame 6841 6 KB
3 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/251.90ad76a663f3b3850ba0.js
Requested by: Host: belgiumpelema.mycleverpush.com
URL: https://belgiumpelema.mycleverpush.com/iframe?origin=https%3A%2F%2Fbefr.mynewtoolpackage.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belgiumpelema.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18012
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HX3QMD2QJ79DFEBY
x-amz-id-2: 1PwVj5rVkKAOF+tr1fosX2aD3uIEUQ5PoS9h8d7KMhg4PcDZJs81OgMwq8zSCsI49dKIw1TtHPw=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"6a7967b77385a26f48658efa53820786"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNvGhBwmHP2DIsMovj5h%2Fubr9a%2FnnLoxvRjyV6ybIOJta4TOSM%2B6ViORLIIf%2F3okfhPFsmlttPWNGYMzTW8KH9%2BiPdo4J3YNGgkWcawV3dYLxeCcUnSi0TZWzpmrrOMqrzr9w%2BQvrE7iufmwlcFDbctdNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b888aa9201-FRA

GET
H3 200 818.eb9c2f673c0740fe15b1.js Show response
static.cleverpush.com/sdk/chunk/ Frame 6841 7 KB
3 KB 31ms
30ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/818.eb9c2f673c0740fe15b1.js
Requested by: Host: belgiumpelema.mycleverpush.com
URL: https://belgiumpelema.mycleverpush.com/iframe?origin=https%3A%2F%2Fbefr.mynewtoolpackage.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b20d3ab2d5f4e45ca38fec4f63aa5af36974abef278c23faeeff4761f48d3607

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://belgiumpelema.mycleverpush.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18011
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZN9FGH90MN0MVRFB
x-amz-id-2: eQOvLSXe0G5otFHNWGZLfoHcw1Jb9kVac+wGqFNkxjD2OAz7Pl2i3GPYzBzoRh9vcGGMYHfh7w8=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"68c2bb7d514ce21564a0606a85608cf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Paeh0E8H5SE7J84G%2BNXMtl1kFOIPneHHGm8NI5oniKs4hU6XRg0hLRJ6Q6uXs9j8fw5Mn9JKbVDPW6Jgui6bosXXEPC0n1D7atRFD8QK2bYJLT6k5DmUQLPDnK9fo1WRJ%2Fl5%2Ft8wQKXcHEZFPx2U5xIu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b888ab9201-FRA

GET
H3 200 970.c926cda5e787910cfe3b.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
10 KB 21ms
21ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/970.c926cda5e787910cfe3b.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e353f80c6c1683488a985f76447f8d11998aeaa4d83f63f272019242c8e23731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18011
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=7NKIpjhXKtw2rVa5eC3c2f.ywwLL6DzhY2byIxhCppA-1663148937-0-AV7mdQhUNqdk9FtXR5wRbYds3eyVI2wTxVdfuRznsClhdW-RggHukUrNIDZnoHMZHG9OJtCskIF-qruWKGyLQVmwtjjjcY1D2Gfrvzq6wsaC; report-to cf-csp-endpoint
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: ZN9F2V34072KQZBE
x-amz-id-2: UYykGRDjumLkdYaSXS3b2jwJ1qJT6EbJ0Mqt3wGHY3wZ57uMYd9weaDvU93geJdNYza84xLShgw=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"6f952d98070f96203ea202f47796924c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIh2RSG9RL7Q7lcovtwF3l6OAP%2FBQE9v3iBNlMJH3XjwlWXMfPrsWemSdJmHL7tvTmS%2FrlG74Fs6qMUjvM8shQJCEYQuZRmQKuM%2BVgqyQ61BE8UfUETO4%2F67JkEJFgwi9gXj763JeRMw4gLoOzT96Mm9VA%3D%3D"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=7NKIpjhXKtw2rVa5eC3c2f.ywwLL6DzhY2byIxhCppA-1663148937-0-AV7mdQhUNqdk9FtXR5wRbYds3eyVI2wTxVdfuRznsClhdW-RggHukUrNIDZnoHMZHG9OJtCskIF-qruWKGyLQVmwtjjjcY1D2Gfrvzq6wsaC"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b8b8f49201-FRA

GET
H3 200 720.ec40f591108ece8b9ab2.js Show response
static.cleverpush.com/sdk/chunk/ 46 KB
11 KB 26ms
26ms Script
application/javascript 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cleverpush.com/sdk/chunk/720.ec40f591108ece8b9ab2.js
Requested by: Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a696965bb2fec8fecbeece23b6db9bfe277b5e5da5cb02d8bfe5fbbf68d325

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18012
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: HX3GKK59P5N1W3M1
x-amz-id-2: gHlIHFLX2SMbRxLdAup2Zz5kN8cYkCKDbQfOZURtGx4poKDJMKs87HJXg2nbzZYfLRzUQ/b5EQQ=
last-modified: Thu, 08 Sep 2022 16:48:27 GMT
server: cloudflare
etag: W/"a82a6ca4a692ac97b7f071d854fb04ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxfnVIr9%2FQoc9kJClnn5N9o9TqinGkVRqpljM3uI5ZUF2RQxkLWWFq1soDtTcxhRFknBL4kI2zSM4s%2FM%2FRnfbj8OS91iLum34RcrOAEhlqpRKomUrk5kG8ITpBTsMWFJD9%2BdLKudUw9PfubwwyAVvNBTOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public,max-age=43200
cf-ray: 74a835b8b8f59201-FRA

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0F50 42 KB
22 KB 139ms
63ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW&co=aHR0cHM6Ly9iZWZyLm15bmV3dG9vbHBhY2thZ2UuY29tOjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=5nit9qvdcnwp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6932ab246ee19ffd42ac5f0a1ecfa7c35031525ffe461baa731944c667235472

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1qLSe4v7gVuRfl20MdFshw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://befr.mynewtoolpackage.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22563
content-security-policy: script-src 'report-sample' 'nonce-1qLSe4v7gVuRfl20MdFshw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Sep 2022 09:48:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 optin-visitor Show response
api.cleverpush.com/channel/ 16 B
655 B 50ms
31ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://befr.mynewtoolpackage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-15
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZhBjPFXyJQ8jddXh49OvWu88oLSM%2B5BmuCIDaYJHKwSM8CBwmfUttnWSrqpviM%2FsWVqL6G1Q9fgL9Ujuh7r97f2DZPU0TZE%2BK8szDHj3ydSRWQnRtlR13PlzlIBsu%2Fy0UEM9aZBVJ%2BwW7Y8qyt8PA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 74a835b9de419158-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

OPTIONS
H2 200 optin-visitor
api.cleverpush.com/channel/ Frame 0
0 79ms
49ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/optin-visitor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://befr.mynewtoolpackage.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a835b96a80bb47-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 14 Sep 2022 09:48:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SXko098iDDvH2wnoZsx3o04EjzHuSpVp9vKkv7AW%2Bv%2Fuv2WJTvlxk6I0nmrbqb6cyVRp%2F09zsj8oGiMOqg5Hi9UMTNiOSFBGqbmxAViIteWTzAmMfUwfFTjfUp0NfSLAKmiLlm1WDMoReeqe5rA2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 0F50 52 KB
24 KB 113ms
37ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW&co=aHR0cHM6Ly9iZWZyLm15bmV3dG9vbHBhY2thZ2UuY29tOjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=5nit9qvdcnwp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 04:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 04:35:55 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/ Frame 0F50 390 KB
155 KB 130ms
55ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158665
x-xss-protection: 0
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 09:48:05 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0F50 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Thu, 08 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 482928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 15 Sep 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0F50 15 KB
15 KB 121ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 81052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0F50 15 KB
15 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 53349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 13 Sep 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0F50 102 B
134 B 45ms
44ms Other
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=g8G8cw32bNQPGUVoDvt680GA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfzVyIeAAAAAH4gFaMjcbJbR2fojXoYP6Sc1bMW&co=aHR0cHM6Ly9iZWZyLm15bmV3dG9vbHBhY2thZ2UuY29tOjQ0Mw..&hl=de&v=g8G8cw32bNQPGUVoDvt680GA&size=invisible&cb=5nit9qvdcnwp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 14 Sep 2022 09:48:57 GMT

POST
H3 200 confirm-alert Show response
api.cleverpush.com/channel/ 16 B
618 B 28ms
28ms Fetch
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Requested by

Host: static.cleverpush.com
URL: https://static.cleverpush.com/channel/loader/aph3JJNHrhdCzBnfv.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json
Referer: https://befr.mynewtoolpackage.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Sep 2022 09:48:58 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
x-backend-server: cleverpush-worker-15
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUtyJDimdNberD%2Fyy8otJM%2BFLAhoEyZcmNK5YKKCKz7vFdb%2FzlqfagkInd8EBPt77tRRt0tCKgGqq3BNWBaz8DF0s%2FQUzl9HsqwSkql%2Bx1XWxXXxWJOmSWZYw9xCrWrwpu3vMvk039Gs9cuTVCnYqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-ray: 74a835bfa8549158-FRA
access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language

GET
H3 200 zBgF9w7eNr8ziuuZr.png
static.cleverpush.com/notification/icon/ 30 KB
30 KB 26ms
25ms Image
image/png 2606:4700:20::ac43:47b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cleverpush.com/notification/icon/zBgF9w7eNr8ziuuZr.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://befr.mynewtoolpackage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:48:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6196
cf-ray: 74a835bf79ee9201-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30249
x-amz-id-2: xc29g5giHWof8V8wSahPQv0epUBlr49oHe5xRd9rPxaPOOiU+lWWodMYODws2WMZY1Nr2+P3Vk8=
last-modified: Tue, 21 Sep 2021 14:43:03 GMT
server: cloudflare
etag: "b887b19cc7e31cdb27b16d9bba043ec5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jbwTCftqcIlvl7NKMA9hpm9zkJrPyNXs7Lijn%2BpRLKDGKPbgoxiwa4Tqsdpqq6YjIemzRcmmb2R9OM155PqFnhz5TPVPWzIcSYYSF1Ba7MdL4FTISVeI44NviejW%2F65lI3HIJRrSh0uIMDsHYIa8ynD1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: DCC5J1983SCCCDC6
accept-ranges: bytes
content-type: image/png

OPTIONS
H3 200 confirm-alert
api.cleverpush.com/channel/ Frame 0
0 31ms
31ms Preflight
application/json 2606:4700:20::681a:f1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cleverpush.com/channel/confirm-alert

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://befr.mynewtoolpackage.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, accept, accept-language
access-control-allow-methods: OPTIONS, GET, POST, PATCH, PUT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 74a835bf7fe99158-FRA
content-length: 0
content-type: application/json; charset=utf-8
date: Wed, 14 Sep 2022 09:48:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ObNblOXKuqw3FZ8aDXHH%2Bs1FGWnBSY2DO11DuXL37GKogpjCn3asEN2YAb8yu1p7MsF8TousghJRj%2BxBnXoZ%2B77m5LidyUK%2BPQE%2BSNg%2FIMiaE5RhKgwl8yT%2F%2Bf9Teciem%2FUbWtAm%2FVPdk%2BDRemj3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mooltay.com/	1970-01-20 05:59:12	Name: uid21018 Value: 1252427097-20220914044855-df4052067b46ff16559f158ad8f07da0-
tracking.trkkadsm.com/	1970-01-20 06:42:20	Name: enc_aff_session_1372 Value: ENC038a2693c7e02122ef605466141541c7b9abaf277c90e411936970374870cfdca61a0662e0f165548941b3b02d29f333496fe682ccfc9924bc07b7f84b262bb8a870ceab023b04356295876f7ac7e4abbf11b36ff740a4227de42774f57835d814d5dc49a894a4fa0b5865b33dc6d1bf97871cdde65d59a67645d925bde84b7664eae9186ba576f03d6fba6ff546260c7141409d03af8af23cbc5d9d2bd0c4332f076b8d30
tracking.trkkadsm.com/	1970-01-20 15:35:08	Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
campaign.golead7.eu/	1969-12-31 23:59:59	Name: PHPSESSID Value: cg8vumm5au7jv8f6abojejbkd7
.golead7.eu/	1970-01-20 06:42:20	Name: coyoteTrackingCookie_576 Value: 6520345
.golead7.eu/	1970-01-20 06:42:20	Name: coyoteSimpleTrackingCookie Value: 6520345
befr.mynewtoolpackage.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: on7u4lddfredfbjl6mr37hcicj
befr.mynewtoolpackage.com/	1970-01-20 05:59:23	Name: coyoteAffiliTokenId651 Value: 6520345
befr.mynewtoolpackage.com/	1970-01-20 06:13:32	Name: minutes Value: 1
befr.mynewtoolpackage.com/	1970-01-20 06:13:32	Name: seconds Value: 57

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.cleverpush.com
befr.mynewtoolpackage.com
belgiumpelema.mycleverpush.com
campaign.golead7.eu
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
jphstyle.com
maxcdn.bootstrapcdn.com
mooltay.com
stackpath.bootstrapcdn.com
static.cleverpush.com
tinyurl.com
tracking.trkkadsm.com
www.google.com
www.gstatic.com
159.69.45.25
23.229.68.10
2606:4700:10::6814:8a41
2606:4700:20::681a:f1f
2606:4700:20::ac43:47b8
2606:4700::6811:190e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
34.250.4.239
62.210.207.241
94.130.207.40
02a696965bb2fec8fecbeece23b6db9bfe277b5e5da5cb02d8bfe5fbbf68d325
074ed2c543c571d6f83a3507206a1db49094d40c64a6eedac0a0ed07b106cb1c
077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300
0989843ef4e84f706a856da27d72dd03035fb23c4cf6a4e0c80e7ee97aca6f9b
0e987dcaa8d3ad44ef7e8f9f876f8d6a3172728a9221ec77bdf3fcc87a3614e1
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20fce72a47c22fc6d83ba3e1c37be6008069c76ceac6f32af81e339a633ff418
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41191d77d044691c96c90990bfe4693775ab4a3aad4ada259c3605d1970052d2
43eff2fa677d7e70224f32aa77822514f3586274cdc80711f53b0568b58398a5
49c206f904248006e1a6204cf40a9d1976911ee88e4eb4406e9d8783eef4d99c
4c1dbb67cd9021604a4b6e9b0685afa71ce51d3c50ca4b059c8af8a53491043f
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5998c4e35c3c10a968ea65a2e658f3efd907290f782178d10195699423e0c903
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ee23a368d4d73e542e0eb7edc3ae2f5fddc59b439cc0fb7a4cf6ff90cbc5fbd
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6932ab246ee19ffd42ac5f0a1ecfa7c35031525ffe461baa731944c667235472
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8993311f2aa39f5927121fd50ba0f9760949762ec54455451be000f0c21f22f0
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3
aa081c6dfb75d0cc751562e07de7a4d1714c1130ade3a8e0b1017db3fc1a4d94
b20d3ab2d5f4e45ca38fec4f63aa5af36974abef278c23faeeff4761f48d3607
bda1beca2cd7e0c53a8487c43b068c6b85b4c84e57e86a8f52f635138614594b
c72010e02c94dcfe5626eddefc488ecb17590ae2c9e7034f878de6b38ec32f92
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
deeb0ad917cfe66a5959adfa54502453e63e37a406ae72cbb539ec453b07ec4e
e353f80c6c1683488a985f76447f8d11998aeaa4d83f63f272019242c8e23731
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

befr.mynewtoolpackage.com Open in urlscan Pro 94.130.207.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

69 %IPv6

13 Domains

17 Subdomains

14 IPs

4 Countries

1165 kBTransfer

2320 kBSize

10 Cookies

56 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

befr.mynewtoolpackage.com Open in urlscan Pro
94.130.207.40 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

69 %
IPv6

13
Domains

17
Subdomains

14
IPs

4
Countries

1165 kB
Transfer

2320 kB
Size

10
Cookies

37 HTTP transactions
2 data transactions