weraoz.iover4u.net Open in urlscan Pro
54.228.153.41  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://v.ht/dVMN3 Page URL
2. https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	dVMN3 Show response v.ht/	3 KB 2 KB	415ms 107ms	Document text/html	69.61.26.122 GLOBALCOMPASS
General Check archive.org Show headers Download Go to Full URL https://v.ht/dVMN3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 69.61.26.122 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US), Reverse DNS Software Hotcores.com / Resource Hash 2f51f3064fb9cdfe65b598844d6b2f345a6f79375bfaaa28f8d2d5a34c6a72f8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; Request headers Host v.ht Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server Hotcores.com Date Wed, 20 Oct 2021 16:08:37 GMT Content-Type text/html; Charset=UTF-8;charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Cache-Control no-cache, must-revalidate, max-age=0 Pragma no-cache X-Robots-Tag noindex, nofollow I-AM Beta Strict-Transport-Security max-age=31536000; includeSubdomains; Content-Encoding gzip
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	50ms 15ms	Script text/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: v.ht URL: https://v.ht/dVMN3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software sffe / Resource Hash 2fd8271f3d5c91bf7297bedbb190a2ade01b3e8048d3e68bb3af0f30e80f605e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:37 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1019 / 316 of 1000 / last-modified: 1634728014" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 27198 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 20 Oct 2021 16:08:37 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	91 KB 36 KB	39ms 18ms	Script application/javascript	142.250.185.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-31510493-3 Requested by Host: v.ht URL: https://v.ht/dVMN3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f8.1e100.net Software Google Tag Manager / Resource Hash fe417c167e495e60e73492bccf85e13956a5d4d0bc8ef9449e926f420122a83e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36772 x-xss-protection 0 last-modified Wed, 20 Oct 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 20 Oct 2021 16:08:37 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	152ms 13ms	Script text/javascript	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 19 Oct 2021 16:47:48 GMT server Golfe2 age 4900 date Wed, 20 Oct 2021 14:46:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19887 expires Wed, 20 Oct 2021 16:46:57 GMT
GET H2	200	pubads_impl_2021101301.js Show response securepubads.g.doubleclick.net/gpt/	361 KB 122 KB	143ms 15ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software sffe / Resource Hash 266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 124656 x-xss-protection 0 last-modified Mon, 18 Oct 2021 20:34:40 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 20 Oct 2021 16:08:37 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	23 B 646 B	143ms 16ms	XHR application/json	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash dfe15bfae0625b08260e81acf8b8a6d710a2ebc6baf7f7c54880d3861e941397 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 20 Oct 2021 16:08:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 39 x-xss-protection 0 expires Wed, 20 Oct 2021 16:08:37 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 198 B	21ms 20ms	XHR text/plain	142.250.185.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=879568752&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FdVMN3&ul=en-us&de=UTF-8&dt=dVMN3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=42471484&gjid=1006026010&cid=715052122.1634746118&tid=UA-31510493-3&_gid=652903345.1634746118&_r=1&gtm=2ouai0&z=440883339 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://v.ht/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 20 Oct 2021 16:08:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://v.ht cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	72ms 26ms	Script application/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=v.ht Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 20 Oct 2021 16:08:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	433 B 256 B	66ms 52ms	XHR text/plain	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1252250875761277&correlator=395373767715615&output=ldjh&impl=fif&eid=31063083%2C31063198%2C31063231&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211020&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1634746117&dt=1634746117865&dlt=1634746117578&idt=268&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2FdVMN3&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x63&msz=0x0&ga_vid=715052122.1634746118&ga_sid=1634746118&ga_hid=879568752&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash 86606f534ea5f9b6fb009769bf38d0c1d4d28f573e8b1e902e8cc57c9037ddaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:37 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 226 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://v.ht cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response e63c5a60e0d2ebb6778e6dd2bd7f0a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4EB6	6 KB 4 KB	50ms 14ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e63c5a60e0d2ebb6778e6dd2bd7f0a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority e63c5a60e0d2ebb6778e6dd2bd7f0a76.safeframe.googlesyndication.com :scheme https :path /safeframe/1-0-38/html/container.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://v.ht/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Wed, 20 Oct 2021 16:08:37 GMT expires Thu, 20 Oct 2022 16:08:37 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 0	64ms 41ms	Fetch image/gif	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=v.ht&host=v.ht&success=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Wed, 20 Oct 2021 16:08:37 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Primary Request da57dc555e50572d Show response weraoz.iover4u.net/c/	16 KB 5 KB	113ms 41ms	Document text/html	54.228.153.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Requested by Host: v.ht URL: https://v.ht/dVMN3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.153.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-153-41.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash c6537b0bb433a2a82c91393d5bec844b856940e103ff43d2bf32856f2dbd2c49 Request headers :method GET :authority weraoz.iover4u.net :scheme https :path /c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://v.ht/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ Response headers server nginx date Wed, 20 Oct 2021 16:08:38 GMT content-type text/html; charset=utf-8 set-cookie unique_49415=unique_49415; Path=/; Expires=Sun, 19 Dec 2021 16:08:38 GMT; Secure; SameSite=None unique_id=61703df50002f90a; Path=/; Expires=Sun, 19 Dec 2021 16:08:38 GMT; Secure; SameSite=None unique_id2=61703df50005a97d; Path=/; Expires=Tue, 18 Jan 2022 16:08:38 GMT; Secure; SameSite=None ref_token=143341; Path=/; Expires=Fri, 19 Nov 2021 16:08:38 GMT; Secure; SameSite=None impression=; Path=/; Expires=Wed, 20 Oct 2021 16:08:38 GMT; Secure; SameSite=None 61703df50005a97d_sl=[188579]; Path=/; Expires=Wed, 03 Nov 2021 16:08:38 GMT; Secure; SameSite=None content-encoding gzip
GET H2	200	sodar pagead2.googlesyndication.com/getconfig/	11 KB 9 KB	40ms 19ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers timing-allow-origin * date Wed, 20 Oct 2021 16:08:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 8532 x-xss-protection 0
GET H2	200	sodar2.js tpc.googlesyndication.com/sodar/	17 KB 7 KB	42ms 22ms	Script text/javascript	142.250.185.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063231 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f1.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://v.ht/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Wed, 20 Oct 2021 16:08:38 GMT
GET		runner.html tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7CC8	0 0
GET		aframe www.google.com/recaptcha/api2/ Frame BDB3	0 0
GET H/1.1	200 OK	css.css cdn-bimi.akamaized.net/landings/188579/1612535270/css/	8 KB 2 KB	34ms 7ms	Stylesheet text/css	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/css/css.css?1612535271 Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 51c2dc2424a8cf47e74b9df891119c4d1e01463b4c2434638e5f314d1a64920d Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 16:08:38 GMT Content-Encoding gzip Last-Modified Fri, 05 Feb 2021 14:27:53 GMT Server AmazonS3 x-amz-request-id B8WS7JQPV1K6DK5E ETag "30fb72b30f538efbe19160439ff4fd34" Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 1982 x-amz-id-2 5jpISF5hydYYf/wzoAW8Cy4teOUmF1xfb/pC8VTxcXWUPUPtse+oH+qTlfBEEg/Ue6dpJTk3JsE=
GET H/1.1	200 OK	jquery-2.2.4.min.js Show response cdn-bimi.akamaized.net/landings/188579/1612535270/js/	84 KB 30 KB	39ms 13ms	Script text/javascript	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/js/jquery-2.2.4.min.js?1612535271 Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 16:08:38 GMT Content-Encoding gzip Last-Modified Fri, 05 Feb 2021 14:27:53 GMT Server AmazonS3 x-amz-request-id JPBPYBA3JAMQRWMC ETag "2f6b11a7e914718e0290410e85366fe9" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 29855 x-amz-id-2 xtBHN07Apt9GNO7K0oRBpU6xcvhshBjwWoqU6SJ7X8l4pjHMERYs4xUrxJmm1AFUzOGWtm4A76s=
GET H/1.1	200 OK	translate.js Show response cdn-bimi.akamaized.net/landings/188579/1612535270/js/	47 KB 17 KB	47ms 20ms	Script text/javascript	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/js/translate.js?1612535271 Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash ba785899f21fa690ef480e108921ebe06efc3ae7d1cbff8b3f4849dd9fb094b0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 20 Oct 2021 16:08:38 GMT Content-Encoding gzip Last-Modified Fri, 05 Feb 2021 14:27:53 GMT Server AmazonS3 x-amz-request-id ND6RNX41VS9M9A8Y ETag "637b970eb3da7972f6d558bbda47e43b" Vary Accept-Encoding Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 16633 x-amz-id-2 wcOxzf+/TnG8UzwIH1pccNCyufV1rnEk27UoqLhohdFI5u7zqduNHC0pbItp/YgGmZYGKA+7YnE=
GET H3-Q050	200	m1.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	49 KB 49 KB	28ms 12ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m1.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash ff421106287d50adb0a3eae0ebde99ed23df1729e6bf63c33abf232e1f605a5a Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:52 GMT server AmazonS3 x-amz-request-id AXQAX02P4W52WEDV etag "52d0fc78a5699b1020e33ebb8d2a2681" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 49743 x-amz-id-2 Vf+SL4il4dJbqtMOvaNOOR+PbAoEO4JYRQKmhesfXgBxj61oejQg//7ewaIlaFztASnNrp4gUt0= quic-version Q050
GET H3-Q050	200	m2.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	59 KB 59 KB	7ms 7ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m2.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 69ba0e465d08427f6d4d27ba4614d2ca6c43e9b04475426700195f1a27487577 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:52 GMT server AmazonS3 x-amz-request-id W9KNPXM58N4DZNZX etag "a82a26f595d158682268d0969c796a89" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 60737 x-amz-id-2 jnUTUYoOMRigm1GvqDp5+6TRnNCA2y2h8MFkFGAT1BD/1RAU8XIsNPe+cWbnS2TABWwoyoLofjk= quic-version Q050
GET H3-Q050	200	m3.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	65 KB 65 KB	7ms 7ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m3.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f8b80e146c78ef0c4d7f5b4cc52d50fd91d0d938c2c23ebfe27f67ba2e9d50f4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:53 GMT server AmazonS3 x-amz-request-id W9KRADP0YSCYYJ1P etag "284ef1acd6e4b97a1300b484e8bbb351" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 66564 x-amz-id-2 3pc/Dkh4Kcc36MehWYT40EXSavFjji7QBUDWGOgl1UXcqV3nPhFVCKkK1S8Y5YEUyK6GvhexvEI= quic-version Q050
GET H3-Q050	200	m4.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	65 KB 65 KB	11ms 9ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m4.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 6177ac5d7ba7ea01833304d4bb1ca45d177a7365308af3b85d158a047d0ec7e3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:53 GMT server AmazonS3 x-amz-request-id MFF0HXK06E2BEXAN etag "c79d5e186c2e37a07a2110f28207af39" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 66740 x-amz-id-2 Y8McJtreiWUdKaQfj66Mpr/UduBb8bopN4BqfgRDExEh5BMJdfGwgqYrEQsCbu77+5IpDAoEwz8= quic-version Q050
GET H3-Q050	200	m5.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	86 KB 86 KB	11ms 9ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m5.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 0be6e29ee0258c4be07c7f6682ab2497f1f7261c62539b34b419fd0beb951cdc Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:53 GMT server AmazonS3 x-amz-request-id MFF4VZ6VTPN8ZDYZ etag "4bd0e0cf6f5f88bbe2cc0208374de87f" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 88182 x-amz-id-2 y2tLNhLdyW+VwjPJZf12etghqsIDVLxVIPb6ELUjmCNyrvdeRZEEjliGYbXlSZkxjPTirPN/zP0= quic-version Q050
GET H3-Q050	200	m6.jpg cdn-bimi.akamaized.net/landings/188579/1612535270/images/	68 KB 68 KB	11ms 9ms	Image image/jpeg	2.16.186.80 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-bimi.akamaized.net/landings/188579/1612535270/images/m6.jpg Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-80.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash fd8cfef314a6286c65f6859d8a30f9ace29998a29c5002df3de66e9b3becb45e Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT last-modified Fri, 05 Feb 2021 14:27:53 GMT server AmazonS3 x-amz-request-id MFF7W9ZK2WVZ9NXT etag "faff29be89942a70690077f34b492a76" content-type image/jpeg accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 69133 x-amz-id-2 h5xu3V1X6ybCCiyd/IfL3VFV+YVcUXgiu2O5BPFk1v5aZh1k58SHplMF3BeEMiCIi1GpltO8ppY= quic-version Q050
GET H2	200	css fonts.googleapis.com/	13 KB 2 KB	37ms 16ms	Stylesheet text/css	172.217.23.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese Requested by Host: cdn-bimi.akamaized.net URL: https://cdn-bimi.akamaized.net/landings/188579/1612535270/css/css.css?1612535271 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f10.1e100.net Software ESF / Resource Hash a5978c9c81cd80dc3951c212547fd70e8852f94707a074fce122a67965e806dc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://cdn-bimi.akamaized.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 20 Oct 2021 16:08:38 GMT server ESF date Wed, 20 Oct 2021 16:08:38 GMT x-frame-options SAMEORIGIN report-to {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU" expires Wed, 20 Oct 2021 16:08:38 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	79 KB 32 KB	55ms 30ms	Script application/javascript	142.250.185.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f8.1e100.net Software Google Tag Manager / Resource Hash 01a914e1cb4017c201ef5915551797ae95a569d7245cfbd6c84a04b16645ef65 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32257 x-xss-protection 0 last-modified Wed, 20 Oct 2021 15:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 20 Oct 2021 16:08:38 GMT
GET H2	200	subscriber.js Show response weraoz.iover4u.net/js/pushjs/1.0.0/	9 KB 3 KB	36ms 36ms	Script application/javascript	54.228.153.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://weraoz.iover4u.net/js/pushjs/1.0.0/subscriber.js Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.153.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-153-41.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 2687886ca805aee509c40e57448d1a2245f36a590213b3d0d3ebc27df6e5c964 Request headers :path /js/pushjs/1.0.0/subscriber.js pragma no-cache cookie unique_49415=unique_49415; unique_id=61703df50002f90a; unique_id2=61703df50005a97d; ref_token=143341; 61703df50005a97d_sl=[188579] accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority weraoz.iover4u.net referer https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT content-encoding gzip expires Wed, 27 Oct 2021 16:08:38 GMT server nginx cache-control max-age=604800 content-type application/javascript
GET H2	200	firebase-app.js Show response www.gstatic.com/firebasejs/5.0.2/	25 KB 9 KB	29ms 8ms	Script text/javascript	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/js/pushjs/1.0.0/subscriber.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 14 Oct 2021 07:24:45 GMT content-encoding gzip x-content-type-options nosniff age 549833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8604 x-xss-protection 0 last-modified Thu, 10 May 2018 20:35:51 GMT server sffe vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="firebase-js" expires Fri, 14 Oct 2022 07:24:45 GMT
GET H2	200	firebase-messaging.js Show response www.gstatic.com/firebasejs/5.0.2/	35 KB 10 KB	28ms 7ms	Script text/javascript	142.250.185.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/js/pushjs/1.0.0/subscriber.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f3.1e100.net Software sffe / Resource Hash 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 06:00:35 GMT content-encoding gzip x-content-type-options nosniff age 209283 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10017 x-xss-protection 0 last-modified Thu, 10 May 2018 20:35:52 GMT server sffe vary Accept-Encoding report-to {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="firebase-js" expires Tue, 18 Oct 2022 06:00:35 GMT
GET H2	200	utils.js Show response weraoz.iover4u.net/js/pushjs/1.0.0/	7 KB 3 KB	32ms 32ms	Script application/javascript	54.228.153.41 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://weraoz.iover4u.net/js/pushjs/1.0.0/utils.js Requested by Host: weraoz.iover4u.net URL: https://weraoz.iover4u.net/js/pushjs/1.0.0/subscriber.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.228.153.41 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-153-41.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Request headers :path /js/pushjs/1.0.0/utils.js pragma no-cache cookie unique_49415=unique_49415; unique_id=61703df50002f90a; unique_id2=61703df50005a97d; ref_token=143341; 61703df50005a97d_sl=[188579] accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority weraoz.iover4u.net referer https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 20 Oct 2021 16:08:38 GMT content-encoding gzip expires Wed, 27 Oct 2021 16:08:38 GMT server nginx cache-control max-age=604800 content-type application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Domain

www.google.com

URL

https://www.google.com/recaptcha/api2/aframe

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| imibb number| chromeVersion object| _push function| sclk function| imosbn function| rtbCall object| _rup function| $ function| jQuery object| langs object| dataLayer boolean| exit object| _pcq boolean| showDebug string| partyId string| uiServerUrl string| apiServerUrl string| swScope string| customWorkerJS object| pushConfig object| messaging object| indexedDBConfig object| indexedDBFCMConfig object| pushLoopDomains object| messageBody function| logger function| loadScriptAsync object| scriptLoaded function| defaultIfEmpty function| notBlank object| google_tag_manager number| th_bridge_jump_step object| firebase object| core object| __core-js_shared__ function| resolveCid function| parseURL function| getSubdomain function| setCookie function| getCookie function| replaceUrl function| generateUUID function| getUrlParams function| getBrowserInfo function| getLanguage function| getResolution function| getDeviceType function| getSystemInfo function| sendConversion function| isWrongBrowser function| closePopup

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.v.ht/	1970-01-20 15:36:58	Name: _ga Value: GA1.2.715052122.1634746118
			.v.ht/	1970-01-19 22:07:12	Name: _gid Value: GA1.2.652903345.1634746118
			.v.ht/	1970-01-19 22:05:46	Name: _gat_gtag_UA_31510493_3 Value: 1
			.doubleclick.net/	1970-01-19 22:05:47	Name: test_cookie Value: CheckForPermission
			.v.ht/	1970-01-20 07:27:22	Name: __gads Value: ID=f8eb79a2dce6c0d7-221da4a4fbca00d4:T=1634746117:S=ALNI_MaY0qDMSXPfw3bny3n4A7MycBMlLg
			weraoz.iover4u.net/	1970-01-19 23:32:10	Name: unique_49415 Value: unique_49415
			weraoz.iover4u.net/	1970-01-19 23:32:10	Name: unique_id Value: 61703df50002f90a
			weraoz.iover4u.net/	1970-01-20 00:15:22	Name: unique_id2 Value: 61703df50005a97d
			weraoz.iover4u.net/	1970-01-19 22:48:58	Name: ref_token Value: 143341
			weraoz.iover4u.net/	1970-01-19 22:25:55	Name: 61703df50005a97d_sl Value: [188579]

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://weraoz.iover4u.net/c/da57dc555e50572d?s1=143341&s2=1331779&j1=1&j3=1(Line 212) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdn-bimi.akamaized.net
e63c5a60e0d2ebb6778e6dd2bd7f0a76.safeframe.googlesyndication.com
fonts.googleapis.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
v.ht
weraoz.iover4u.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
www.google.com
142.250.184.193
142.250.184.194
142.250.184.226
142.250.185.193
142.250.185.227
142.250.185.232
142.250.185.238
142.250.185.98
172.217.16.130
172.217.23.106
2.16.186.80
54.228.153.41
69.61.26.122
01a914e1cb4017c201ef5915551797ae95a569d7245cfbd6c84a04b16645ef65
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0be6e29ee0258c4be07c7f6682ab2497f1f7261c62539b34b419fd0beb951cdc
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
266978a0c185ca652129a3cb432e9c95aa61662873aaf8466ee7fc1636bb2c9f
2687886ca805aee509c40e57448d1a2245f36a590213b3d0d3ebc27df6e5c964
2f51f3064fb9cdfe65b598844d6b2f345a6f79375bfaaa28f8d2d5a34c6a72f8
2fd8271f3d5c91bf7297bedbb190a2ade01b3e8048d3e68bb3af0f30e80f605e
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
51c2dc2424a8cf47e74b9df891119c4d1e01463b4c2434638e5f314d1a64920d
6177ac5d7ba7ea01833304d4bb1ca45d177a7365308af3b85d158a047d0ec7e3
69ba0e465d08427f6d4d27ba4614d2ca6c43e9b04475426700195f1a27487577
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
86606f534ea5f9b6fb009769bf38d0c1d4d28f573e8b1e902e8cc57c9037ddaf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5978c9c81cd80dc3951c212547fd70e8852f94707a074fce122a67965e806dc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ba785899f21fa690ef480e108921ebe06efc3ae7d1cbff8b3f4849dd9fb094b0
c6537b0bb433a2a82c91393d5bec844b856940e103ff43d2bf32856f2dbd2c49
dfe15bfae0625b08260e81acf8b8a6d710a2ebc6baf7f7c54880d3861e941397
f8b80e146c78ef0c4d7f5b4cc52d50fd91d0d938c2c23ebfe27f67ba2e9d50f4
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fd8cfef314a6286c65f6859d8a30f9ace29998a29c5002df3de66e9b3becb45e
fe417c167e495e60e73492bccf85e13956a5d4d0bc8ef9449e926f420122a83e
ff421106287d50adb0a3eae0ebde99ed23df1729e6bf63c33abf232e1f605a5a