urlscan.io logo urlscan.io
SecurityTrails logo

youlayla.freedynamicdns.net Open in urlscan Pro
154.41.240.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://youlayla.freedynamicdns.net/
Submission: On April 05 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 19 domains to perform 39 HTTP transactions. The main IP is 154.41.240.133, located in La Courneuve, France and belongs to AS-HOSTINGER, CY. The main domain is youlayla.freedynamicdns.net.
TLS certificate: Issued by R3 on April 5th 2024. Valid for: 3 months.
This is the only time youlayla.freedynamicdns.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 154.41.240.133 47583 (AS-HOSTINGER)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.66.42.243 13335 (CLOUDFLAR...)
1 107.170.230.203 14061 (DIGITALOC...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2a04:4e42:600... 54113 (FASTLY)
3 45.133.44.53 39572 (ADVANCEDH...)
5 45.133.44.52 39572 (ADVANCEDH...)
1 172.67.174.51 13335 (CLOUDFLAR...)
2 2a01:4f8:1060... 24940 (HETZNER-AS)
2 157.90.84.242 24940 (HETZNER-AS)
11 157.90.85.57 24940 (HETZNER-AS)
3 2a02:128:7:48... 50245 (SERVEREL-AS)
39 15
3    154.41.240.133 (La Courneuve, France)

ASN47583 (AS-HOSTINGER, CY)
youlayla.freedynamicdns.net
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    172.66.42.243 (United States)

ASN13335 (CLOUDFLARENET, US)
static1.freebitco.in
1    107.170.230.203 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cointiply.com
1    2606:4700:20::681a:d1a (United States)

ASN13335 (CLOUDFLARENET, US)
www.coinpayu.com
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
1667fff40a.3b1ac6ca25.com
5    45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
js.capndr.com
9742f9bb9f.91c8522b7b.com
js.canstrm.com
js.cabnnr.com
1    172.67.174.51 (United States)

ASN13335 (CLOUDFLARENET, US)
storage.multstorage.com
2    2a01:4f8:1060:13eb::2 (Germany)

ASN24940 (HETZNER-AS, DE)
ntvpforever.com
2    157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de
fp.metricswpsh.com
11    157.90.85.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.57.85.90.157.clients.your-server.de
bid.onclckbn.com
3    2a02:128:7:4860::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)
btds.zog.link
Apex Domain
Subdomains		 Transfer
11 onclckbn.com
bid.onclckbn.com — Cisco Umbrella Rank: 147525
3 zog.link
btds.zog.link — Cisco Umbrella Rank: 76065
481 B
3 3b1ac6ca25.com
1667fff40a.3b1ac6ca25.com
90 KB
3 freedynamicdns.net
youlayla.freedynamicdns.net
14 KB
2 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 42697
445 B
2 canstrm.com
js.canstrm.com — Cisco Umbrella Rank: 151560
58 KB
2 ntvpforever.com
ntvpforever.com — Cisco Umbrella Rank: 33405
238 B
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2959
40 KB
1 cabnnr.com
js.cabnnr.com — Cisco Umbrella Rank: 65889
18 KB
1 91c8522b7b.com
9742f9bb9f.91c8522b7b.com
207 B
1 multstorage.com
storage.multstorage.com — Cisco Umbrella Rank: 36215
1 capndr.com
js.capndr.com — Cisco Umbrella Rank: 45502
238 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
24 KB
1 coinpayu.com
www.coinpayu.com — Cisco Umbrella Rank: 485645
215 KB
1 cointiply.com
cointiply.com — Cisco Umbrella Rank: 495431
276 KB
1 freebitco.in
static1.freebitco.in — Cisco Umbrella Rank: 249120
43 KB
0 framgia.vn Failed
recruit.framgia.vn Failed
0 adbtc.top Failed
adbtc.top Failed
39 19
Domain Requested by
11 bid.onclckbn.com js.cabnnr.com
3 btds.zog.link js.cabnnr.com
3 1667fff40a.3b1ac6ca25.com youlayla.freedynamicdns.net
1667fff40a.3b1ac6ca25.com
3 youlayla.freedynamicdns.net youlayla.freedynamicdns.net
2 fp.metricswpsh.com 1667fff40a.3b1ac6ca25.com
2 js.canstrm.com 1667fff40a.3b1ac6ca25.com
js.canstrm.com
2 ntvpforever.com 1667fff40a.3b1ac6ca25.com
2 stackpath.bootstrapcdn.com youlayla.freedynamicdns.net
1 js.cabnnr.com 1667fff40a.3b1ac6ca25.com
1 9742f9bb9f.91c8522b7b.com 1667fff40a.3b1ac6ca25.com
1 storage.multstorage.com 1667fff40a.3b1ac6ca25.com
1 js.capndr.com 1667fff40a.3b1ac6ca25.com
1 cdn.jsdelivr.net youlayla.freedynamicdns.net
1 code.jquery.com youlayla.freedynamicdns.net
1 www.coinpayu.com youlayla.freedynamicdns.net
1 cointiply.com youlayla.freedynamicdns.net
1 static1.freebitco.in youlayla.freedynamicdns.net
0 recruit.framgia.vn Failed youlayla.freedynamicdns.net
0 adbtc.top Failed youlayla.freedynamicdns.net
39 19
Subject Issuer Validity Valid
youlayla.freedynamicdns.net
R3		 2024-04-05 -
2024-07-04		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
freebitco.in
Cloudflare Inc ECC CA-3		 2023-06-05 -
2024-06-04		 a year crt.sh
cointiply.com
R3		 2024-01-26 -
2024-04-25		 3 months crt.sh
coinpayu.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
1667fff40a.3b1ac6ca25.com
R3		 2024-04-02 -
2024-07-01		 3 months crt.sh
js.capndr.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
multstorage.com
GTS CA 1P5		 2024-03-17 -
2024-06-15		 3 months crt.sh
notification.tubecup.net
R3		 2024-02-09 -
2024-05-09		 3 months crt.sh
9742f9bb9f.91c8522b7b.com
R3		 2024-04-02 -
2024-07-01		 3 months crt.sh
js.canstrm.com
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
js.cabnnr.com
R3		 2024-02-19 -
2024-05-19		 3 months crt.sh
rtbbnr.com
R3		 2024-03-01 -
2024-05-30		 3 months crt.sh
btds.zog.link
R3		 2024-03-22 -
2024-06-20		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://youlayla.freedynamicdns.net/
Frame ID: E35005358551051F2E11AD20E6CD592E
Requests: 25 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 970DC1AF8B49FA6BD153590EB8F4F385
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5OCwic3BhY2VpZCI6MTQ5OCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjEyMDU2NDM2NzMiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzQ5MTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjI3MSwic3RyYXRhZ2VtIjoiIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MCwidjIiOjAsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjcyOCwiaCI6OTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MTIiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Frame ID: D7DA5B656CAA323DB2589D52AA3138EB
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTk0Nywic3BhY2VpZCI6MTk0NywidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjEyNDk2NjAzNTkiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzQ5NTAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjMwMSwic3RyYXRhZ2VtIjoiIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MCwidjIiOjAsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjMwMCwiaCI6NjAwfSwibWV0cmljcyI6eyJ0b3BpY3MiOltdfX1dLCJzaXRlIjp7ImlkIjoiNDM0OTUwIiwiY2F0IjpbIklBQjEyIl0sInBhZ2UiOiJodHRwczovL3lvdWxheWxhLmZyZWVkeW5hbWljZG5zLm5ldC8iLCJjdGlkIjoxfSwiZGV2aWNlIjp7InciOjgwMCwiaCI6NjAwfSwidXNlciI6eyJpZCI6IjMzYzJkNThmY2VlMTk4NWEyN2VlOWU3NGI5YmNlMGU5IiwiZnAiOm51bGwsImZwX3N0ciI6IiIsInVhX2RhdGEiOnsiYXJjaGl0ZWN0dXJlIjoieDg2IiwiYml0bmVzcyI6IjY0IiwiYnJhbmRzIjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTIzIn0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjgifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzIn1dLCJmdWxsVmVyc2lvbkxpc3QiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSJ9LHsiYnJhbmQiOiJOb3Q6QS1CcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ1YUZ1bGxWZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUiLCJ3b3c2NCI6ZmFsc2V9fSwiZXh0Ijp7ImR0IjoxNzEyMzMwNDk4ODUzfX0=
Frame ID: 47299868519C8ECDF4ABBA1C7518DB77
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjQ1MDA2MDY4NyIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1MiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MjcwLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTIiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTV9fQ==
Frame ID: 355ECAA20490C04869A5996E6D340370
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MjQ3NCwic3BhY2VpZCI6MjQ3NCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg5ODU2Nzk2OSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1NCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MzAxLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MTYwLCJoIjo2MDB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTd9fQ==
Frame ID: CEDE2F1809C4B852E020ECA48122CD7E
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTAyMCwic3BhY2VpZCI6MTAyMCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg5MTc0MjcxNSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1OCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MzAzLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6OTAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTgiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTl9fQ==
Frame ID: 1AE5D53B15F00C6AF575904BA0865B7A
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5OSwic3BhY2VpZCI6MTQ5OSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE1MTIzNjE2ODgiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzUzNzAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6IiIsImd5ciI6MCwiYWNjZWwiOjAsInNzcCI6Mzc1OCwiYnR5cGUiOjAsInYyIjowLCJyY2hhbmdlIjpmYWxzZX0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH0sIm1ldHJpY3MiOnsidG9waWNzIjpbXX19XSwic2l0ZSI6eyJpZCI6IjQzNTM3MCIsImNhdCI6WyJJQUIxMiJdLCJwYWdlIjoiaHR0cHM6Ly95b3VsYXlsYS5mcmVlZHluYW1pY2Rucy5uZXQvIiwiY3RpZCI6MX0sImRldmljZSI6eyJ3Ijo4MDAsImgiOjYwMH0sInVzZXIiOnsiaWQiOiIzM2MyZDU4ZmNlZTE5ODVhMjdlZTllNzRiOWJjZTBlOSIsImZwIjpudWxsLCJmcF9zdHIiOiIiLCJ1YV9kYXRhIjp7ImFyY2hpdGVjdHVyZSI6Ing4NiIsImJpdG5lc3MiOiI2NCIsImJyYW5kcyI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMyJ9LHsiYnJhbmQiOiJOb3Q6QS1CcmFuZCIsInZlcnNpb24iOiI4In0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyMyJ9XSwiZnVsbFZlcnNpb25MaXN0IjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOC4wLjAuMCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwidWFGdWxsVmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1Iiwid293NjQiOmZhbHNlfX0sImV4dCI6eyJkdCI6MTcxMjMzMDQ5ODg2Mn19
Frame ID: 3359707E8C2596D46FDCD84205BC30EC
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDV9fQ==
Frame ID: 09E08EA26723B6C7F3C2C5F342F59ECC
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDZ9fQ==
Frame ID: F6852D9C5F671BFED883C2ADF37B4B9E
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDZ9fQ==
Frame ID: 3DA1EA8A74EE398100E90AE7EF8C8E4F
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Frame ID: 76A4DE086DAED82927F3E1BE46B911DF
Requests: 1 HTTP requests in this frame

Frame: https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Frame ID: C1C3ECE462C542378754850143E965EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Best Sites To Make Money Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

95 %
HTTPS

43 %
IPv6

19
Domains

19
Subdomains

15
IPs

4
Countries

788 kB
Transfer

1359 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
youlayla.freedynamicdns.net/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.41.240.133 La Courneuve, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
76ce8d0422f33d40f02846513c08e51fbf2f8fc4121ec726ea9455a5eb5ddf55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
5052
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 05 Apr 2024 15:21:37 GMT
etag
"3efd-660fdd5f-fdf8e5e26cdb420f;br"
last-modified
Fri, 05 Apr 2024 11:15:43 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
3263852
cdn-cachedat
05/01/2023 15:45:39
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7807002cf67b9838ef3687283af974d0
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86fa876c5ea0db15-MIA
cdn-requestpullsuccess
True
728x90-3.png
static1.freebitco.in/banners/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.freebitco.in/banners/728x90-3.png
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.42.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:37 GMT
cf-cache-status
HIT
age
859415
cf-polished
origFmt=png, origSize=60358
content-disposition
inline; filename="728x90-3.webp"
alt-svc
h3=":443"; ma=86400
content-length
43640
cf-bgj
imgq:100,h2pri
last-modified
Sun, 24 Mar 2024 12:24:04 GMT
server
cloudflare
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
86fa876c29db25b5-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner_728x90.png
adbtc.top/promo/ 		0
0
2_728x90.gif
cointiply.com/img/promo/banners/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cointiply.com/img/promo/banners/2_728x90.gif
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.170.230.203 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.0 /
Resource Hash
605bb7febb44e7e934642f5e4492459e1c2a255df0023b87af61c750ce79b272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 17:28:24 GMT
server
nginx/1.15.0
etag
"611165b8-44f96"
content-type
image/gif
accept-ranges
bytes
content-length
282518
x-xss-protection
1; mode=block
728X90.gif
www.coinpayu.com/static/earners_banner/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.coinpayu.com/static/earners_banner/728X90.gif
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee21b0013051ac3f505574a1819640e764caeedae2b3fe0596e1ec09398a3a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63804
cf-polished
status=not_needed
content-length
219872
cf-bgj
imgq:100,h2pri
last-modified
Thu, 18 Jan 2024 12:14:51 GMT
server
cloudflare
etag
"65a9163b-35ae0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMatf2ALS6GCyAyVog0B1YC0HkoH14cfYjONbt3h7h4%2FSlJwCFupDQIve5ht0i3IKu4bzHGf7EC%2BwfIt7PZ6rKXAEV3IjhC7gHebLNxbS0HK4AdCm98kPQo6GFmVD0qr2Gpz3OJu%2BVgFnMJXjrE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86fa876c8e6367b1-MIA
expires
Wed, 24 Apr 2024 19:53:09 GMT
Clixsense.png
youlayla.freedynamicdns.net/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://youlayla.freedynamicdns.net/img/Clixsense.png
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.41.240.133 La Courneuve, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3f60fff114ba535d415f3253d70a99474c544731032935073f60dd25a4abdb09
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:38 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 05 Apr 2024 11:15:43 GMT
server
LiteSpeed
etag
"1bd5-660fdd5f-5281900e01682037;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7125
expires
Fri, 12 Apr 2024 15:21:38 GMT
jquery-3.5.1.slim.min.js
code.jquery.com/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4248994
x-cache
HIT, HIT
content-length
24606
x-served-by
cache-lga21954-LGA, cache-mia-kmia1760073-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712330498.004721,VS0,VE0
etag
W/"28feccc0-11abc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
7, 68161
popper.min.js
cdn.jsdelivr.net/npm/@popperjs/core@2.5.3/dist/umd/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@popperjs/core@2.5.3/dist/umd/popper.min.js
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f842dee9541a79e3b6ddba5f44b6f3d4fe6f9743d1104ec607ef315ee56f46c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 05 Apr 2024 15:21:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
898137
x-jsd-version
2.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6643
x-served-by
cache-fra-eddf8230036-FRA, cache-mia-kmia1760046-MIA
x-jsd-version-type
version
etag
W/"47a8-uX366IodP+dM4WfD1sPLbOkzDRo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/ 		59 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
876
age
3274422
cdn-cachedat
10/31/2023 18:52:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"02d223393e00c273efdcb1ade8f4f8b1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
40411c649927d50429d8c4a834403364
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86fa876c5ea1db15-MIA
cdn-requestpullsuccess
True
banner.jpg
recruit.framgia.vn/wp-content/themes/framgia-vn/css/images/bg/ 		0
0
17ead786a9af579c5d0dbdd977cb383b.js
1667fff40a.3b1ac6ca25.com/ 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Requested by
Host: youlayla.freedynamicdns.net
URL: https://youlayla.freedynamicdns.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0a0556ff8d9e101e5ad81b6e6627c2f4f8f3e8a870d29fa3940ed806475dbb52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
Origin
https://youlayla.freedynamicdns.net
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 11:37:12 GMT
server
nginx/1.18.0
etag
W/"660e90e8-1a447"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
123079
1667fff40a.3b1ac6ca25.com/edd4e6f1c44bdece755bef22bcbd1fc1/ 		9 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://1667fff40a.3b1ac6ca25.com/edd4e6f1c44bdece755bef22bcbd1fc1/123079?version_name=c
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
989803bad7ee23728fd2e3b0fb3061381cd50963bb5d294416a46ac3d88547f4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 15:21:38 GMT
cache-control
max-age=300
x-proxy-cache
HIT
server
nginx/1.18.0
content-type
application/json
expires
Fri, 05 Apr 2024 15:26:38 GMT
advertising.js
js.capndr.com/ 		0
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.capndr.com/advertising.js
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
last-modified
Fri, 14 Jul 2023 08:23:25 GMT
server
nginx/1.18.0
etag
"64b105fd-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
count.html
storage.multstorage.com/log/ Frame 970D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.multstorage.com/log/count.html
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.174.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86fa8770dcd8a4f2-MIA
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 15:21:38 GMT
last-modified
Mon, 18 Sep 2023 14:39:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cco4AXNS5asCVPHqJd%2BoLrC%2BopkvL96h1SbGEwZjQOVBraVAhQREmpb1EY0KNp0YLRG3ksJLlTVpRYAT9zr0qRmZpbCGcc%2BMZ27R94SNUF191S68hz9ekT866L9kJ0HoA0oScTOh%2BYtPmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-request-id
ea8f1d9b355f739c7c69e22e2bd602b2
keywords
ntvpforever.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://youlayla.freedynamicdns.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
date
Fri, 05 Apr 2024 15:21:39 GMT
pragma
no-cache
server
nginx/1.20.1
vary
Origin
keywords
ntvpforever.com/ 		15 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ntvpforever.com/keywords
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 15:21:39 GMT
server
nginx/1.20.1
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
15
track
9742f9bb9f.91c8522b7b.com/in/ 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://9742f9bb9f.91c8522b7b.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNjQxMTIyOTg2NTE5MjU0MjAwMCIsInRpbWV6b25lIjotMTAsInZlciI6IjMuMTE2LjAiLCJ0YWdfaWQiOjEyMzA3OSwic2NyZWVuX3Jlc29sdXRpb24iOiI4MDB4NjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJQYWNpZmljL0hvbm9sdWx1IiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lIn0=
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 15:21:39 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type
content-length
0
b2857044ea00297d4a8ab6c6ba3a63c4.js
1667fff40a.3b1ac6ca25.com/ 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1667fff40a.3b1ac6ca25.com/b2857044ea00297d4a8ab6c6ba3a63c4.js
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ce212e0fc3634a234fd8390f92f81d588e6ad273e970a4512599b2eb177569c2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
last-modified
Wed, 03 Apr 2024 07:58:05 GMT
server
nginx/1.18.0
etag
W/"660d0c0d-2927c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
build.js
js.canstrm.com/in-stream-ad-admanager/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.canstrm.com/in-stream-ad-admanager/build.js
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
25ec95fc666f288beb8837d864ad35618228c973f6fbda70458e21fd578e293b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 09:55:27 GMT
server
nginx/1.18.0
etag
W/"660e790f-4741"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d63a7116c80404c0cc2fa1615624ce6fa55ba4ac67fb6efef81753adf189bacb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
last-modified
Mon, 01 Apr 2024 10:17:06 GMT
server
nginx/1.18.0
etag
W/"660a89a2-dc41"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
fp
fp.metricswpsh.com/ 		58 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=123079
Requested by
Host: 1667fff40a.3b1ac6ca25.com
URL: https://1667fff40a.3b1ac6ca25.com/17ead786a9af579c5d0dbdd977cb383b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
643d257f27bb2efcf50d298db6531de04caf380c7952798ddd4e1ddf0bb9a0e3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Fri, 05 Apr 2024 15:21:39 GMT
Server
nginx/1.20.1
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://youlayla.freedynamicdns.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=123079
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.242.84.90.157.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://youlayla.freedynamicdns.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://youlayla.freedynamicdns.net
Connection
keep-alive
Date
Fri, 05 Apr 2024 15:21:39 GMT
Server
nginx/1.20.1
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
clickadilla-vast.min.js
js.canstrm.com/pb/downloads/latest/ 		146 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Requested by
Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
43bb19f3125702b2c70f4b19f7bf27ee5e4efffd551cae5e42725ee2a0e61a7a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Fri, 05 Apr 2024 15:26:38 GMT
date
Fri, 05 Apr 2024 15:21:38 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 09:55:27 GMT
server
nginx/1.18.0
etag
W/"660e790f-248d7"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
x-proxy-cache
HIT
/
bid.onclckbn.com/get/ Frame D7DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5OCwic3BhY2VpZCI6MTQ5OCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjEyMDU2NDM2NzMiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzQ5MTIsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjI3MSwic3RyYXRhZ2VtIjoiIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MCwidjIiOjAsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjcyOCwiaCI6OTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MTIiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1351
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 4729 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTk0Nywic3BhY2VpZCI6MTk0NywidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjEyNDk2NjAzNTkiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzQ5NTAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjMwMSwic3RyYXRhZ2VtIjoiIiwiZ3lyIjowLCJhY2NlbCI6MCwic3NwIjozNzU4LCJidHlwZSI6MCwidjIiOjAsInJjaGFuZ2UiOmZhbHNlfSwiYmFubmVyIjp7InciOjMwMCwiaCI6NjAwfSwibWV0cmljcyI6eyJ0b3BpY3MiOltdfX1dLCJzaXRlIjp7ImlkIjoiNDM0OTUwIiwiY2F0IjpbIklBQjEyIl0sInBhZ2UiOiJodHRwczovL3lvdWxheWxhLmZyZWVkeW5hbWljZG5zLm5ldC8iLCJjdGlkIjoxfSwiZGV2aWNlIjp7InciOjgwMCwiaCI6NjAwfSwidXNlciI6eyJpZCI6IjMzYzJkNThmY2VlMTk4NWEyN2VlOWU3NGI5YmNlMGU5IiwiZnAiOm51bGwsImZwX3N0ciI6IiIsInVhX2RhdGEiOnsiYXJjaGl0ZWN0dXJlIjoieDg2IiwiYml0bmVzcyI6IjY0IiwiYnJhbmRzIjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTIzIn0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjgifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzIn1dLCJmdWxsVmVyc2lvbkxpc3QiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSJ9LHsiYnJhbmQiOiJOb3Q6QS1CcmFuZCIsInZlcnNpb24iOiI4LjAuMC4wIn0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In1dLCJtb2JpbGUiOmZhbHNlLCJtb2RlbCI6IiIsInBsYXRmb3JtIjoiV2luMzIiLCJwbGF0Zm9ybVZlcnNpb24iOiIxMC4wLjAiLCJ1YUZ1bGxWZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUiLCJ3b3c2NCI6ZmFsc2V9fSwiZXh0Ijp7ImR0IjoxNzEyMzMwNDk4ODUzfX0=
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1352
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 355E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjQ1MDA2MDY4NyIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1MiwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MjcwLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoxMDB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTIiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTV9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1365
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame CEDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MjQ3NCwic3BhY2VpZCI6MjQ3NCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg5ODU2Nzk2OSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1NCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MzAxLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MTYwLCJoIjo2MDB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTd9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1353
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 1AE5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTAyMCwic3BhY2VpZCI6MTAyMCwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6Ijg5MTc0MjcxNSIsInJlZnJlc2giOjEsInV0bTEiOiIiLCJ1dG0yIjoiIiwidXRtNCI6IiIsInNwb3RfaWQiOjQzNDk1OCwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MzAzLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6OTAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5NTgiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NTl9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1367
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 3359 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTQ5OSwic3BhY2VpZCI6MTQ5OSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IkJlc3QlMkNTaXRlcyUyQ1RvJTJDTWFrZSUyQ01vbmV5JTJDT25saW5lLCIsImxhYmVscyI6IjQsNSw2LDcsOCw5LDQ2LDQ3LDU0LDU1LDYxLDEwOSIsImFsbG93ZWRfbGFiZWxzIjoiIiwidGl0bGUiOiIiLCJzdWJpZCI6IjE1MTIzNjE2ODgiLCJyZWZyZXNoIjoxLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjo0MzUzNzAsIm11bHRpcGxlIjpmYWxzZSwiaXNfaWZyYW1lIjpmYWxzZSwicmVmZG9tYWluIjoiIiwicGwiOjAsInN0cmF0YWdlbSI6IiIsImd5ciI6MCwiYWNjZWwiOjAsInNzcCI6Mzc1OCwiYnR5cGUiOjAsInYyIjowLCJyY2hhbmdlIjpmYWxzZX0sImJhbm5lciI6eyJ3IjozMDAsImgiOjI1MH0sIm1ldHJpY3MiOnsidG9waWNzIjpbXX19XSwic2l0ZSI6eyJpZCI6IjQzNTM3MCIsImNhdCI6WyJJQUIxMiJdLCJwYWdlIjoiaHR0cHM6Ly95b3VsYXlsYS5mcmVlZHluYW1pY2Rucy5uZXQvIiwiY3RpZCI6MX0sImRldmljZSI6eyJ3Ijo4MDAsImgiOjYwMH0sInVzZXIiOnsiaWQiOiIzM2MyZDU4ZmNlZTE5ODVhMjdlZTllNzRiOWJjZTBlOSIsImZwIjpudWxsLCJmcF9zdHIiOiIiLCJ1YV9kYXRhIjp7ImFyY2hpdGVjdHVyZSI6Ing4NiIsImJpdG5lc3MiOiI2NCIsImJyYW5kcyI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMyJ9LHsiYnJhbmQiOiJOb3Q6QS1CcmFuZCIsInZlcnNpb24iOiI4In0seyJicmFuZCI6IkNocm9taXVtIiwidmVyc2lvbiI6IjEyMyJ9XSwiZnVsbFZlcnNpb25MaXN0IjpbeyJicmFuZCI6Ikdvb2dsZSBDaHJvbWUiLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOC4wLjAuMCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSJ9XSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IldpbjMyIiwicGxhdGZvcm1WZXJzaW9uIjoiMTAuMC4wIiwidWFGdWxsVmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1Iiwid293NjQiOmZhbHNlfX0sImV4dCI6eyJkdCI6MTcxMjMzMDQ5ODg2Mn19
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1354
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 09E0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDV9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1364
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame F685 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDZ9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1364
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 3DA1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDZ9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1364
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame 76A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1364
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
/
bid.onclckbn.com/get/ Frame C1C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.onclckbn.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTUwMCwic3BhY2VpZCI6MTUwMCwidHlwZSI6ImZ1bGxfd2lkdGgiLCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiJCZXN0JTJDU2l0ZXMlMkNUbyUyQ01ha2UlMkNNb25leSUyQ09ubGluZSwiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDksNCw1LDYsNyw4LDksNDYsNDcsNTQsNTUsNjEsMTA5IiwiYWxsb3dlZF9sYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMTAyODAzMjQ1IiwicmVmcmVzaCI6MSwidXRtMSI6IiIsInV0bTIiOiIiLCJ1dG00IjoiIiwic3BvdF9pZCI6NDM0OTA0LCJtdWx0aXBsZSI6ZmFsc2UsImlzX2lmcmFtZSI6ZmFsc2UsInJlZmRvbWFpbiI6IiIsInBsIjowLCJzdHJhdGFnZW0iOiIiLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM3NTgsImJ0eXBlIjowLCJ2MiI6MCwicmNoYW5nZSI6ZmFsc2V9LCJiYW5uZXIiOnsidyI6MzAwLCJoIjoyNTB9LCJtZXRyaWNzIjp7InRvcGljcyI6W119fV0sInNpdGUiOnsiaWQiOiI0MzQ5MDQiLCJjYXQiOlsiSUFCMTIiXSwicGFnZSI6Imh0dHBzOi8veW91bGF5bGEuZnJlZWR5bmFtaWNkbnMubmV0LyIsImN0aWQiOjF9LCJkZXZpY2UiOnsidyI6ODAwLCJoIjo2MDB9LCJ1c2VyIjp7ImlkIjoiMzNjMmQ1OGZjZWUxOTg1YTI3ZWU5ZTc0YjliY2UwZTkiLCJmcCI6bnVsbCwiZnBfc3RyIjoiIiwidWFfZGF0YSI6eyJhcmNoaXRlY3R1cmUiOiJ4ODYiLCJiaXRuZXNzIjoiNjQiLCJicmFuZHMiOlt7ImJyYW5kIjoiR29vZ2xlIENocm9tZSIsInZlcnNpb24iOiIxMjMifSx7ImJyYW5kIjoiTm90OkEtQnJhbmQiLCJ2ZXJzaW9uIjoiOCJ9LHsiYnJhbmQiOiJDaHJvbWl1bSIsInZlcnNpb24iOiIxMjMifV0sImZ1bGxWZXJzaW9uTGlzdCI6W3siYnJhbmQiOiJHb29nbGUgQ2hyb21lIiwidmVyc2lvbiI6IjEyMy4wLjYzMTIuMTA1In0seyJicmFuZCI6Ik5vdDpBLUJyYW5kIiwidmVyc2lvbiI6IjguMC4wLjAifSx7ImJyYW5kIjoiQ2hyb21pdW0iLCJ2ZXJzaW9uIjoiMTIzLjAuNjMxMi4xMDUifV0sIm1vYmlsZSI6ZmFsc2UsIm1vZGVsIjoiIiwicGxhdGZvcm0iOiJXaW4zMiIsInBsYXRmb3JtVmVyc2lvbiI6IjEwLjAuMCIsInVhRnVsbFZlcnNpb24iOiIxMjMuMC42MzEyLjEwNSIsIndvdzY0IjpmYWxzZX19LCJleHQiOnsiZHQiOjE3MTIzMzA0OTg4NDd9fQ==
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.85.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.57.85.90.157.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://youlayla.freedynamicdns.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
content-encoding
br
content-length
1366
content-type
text/html
date
Fri, 05 Apr 2024 15:21:40 GMT
pragma
no-cache
server
nginx/1.16.0
vary
Origin
va
btds.zog.link/in/ 		2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btds.zog.link/in/va
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 15:21:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
va
btds.zog.link/in/ 		2 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btds.zog.link/in/va
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 15:21:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
va
btds.zog.link/in/ 		2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btds.zog.link/in/va
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Fri, 05 Apr 2024 15:21:39 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
favicon.png
youlayla.freedynamicdns.net/ 		931 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://youlayla.freedynamicdns.net/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.41.240.133 La Courneuve, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7b7462d99ebeaadbac939534bfbf303a7c0592705c9525663a05484746a1d141
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://youlayla.freedynamicdns.net/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 15:21:41 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 05 Apr 2024 11:15:43 GMT
server
LiteSpeed
etag
"3a3-660fdd5f-f65504d199a3cd9d;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
931
expires
Fri, 12 Apr 2024 15:21:41 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adbtc.top
URL
https://adbtc.top/promo/banner_728x90.png
Domain
recruit.framgia.vn
URL
https://recruit.framgia.vn/wp-content/themes/framgia-vn/css/images/bg/banner.jpg

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 function| R function| X function| $ function| jQuery object| Popper object| bootstrap boolean| vtlai_remove_fads function| vtlai_check_adswidth object| __adFormats object| __formatsGetters object| _admSptsInVw object| AdManager object| a3klsam function| __in-stream-ad-init function| __banner-init object| activesInpages function| __fp-init function| CdVastPlayer function| createCdVastPlayer function| initCdOverlay

2 Cookies

Domain/Path Name / Value
fp.metricswpsh.com/ Name: id
Value: 6486926456854682606
btds.zog.link/ Name: 912.0
Value: 1

11 Console Messages

Source Level URL
Text
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://youlayla.freedynamicdns.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1667fff40a.3b1ac6ca25.com
9742f9bb9f.91c8522b7b.com
adbtc.top
bid.onclckbn.com
btds.zog.link
cdn.jsdelivr.net
code.jquery.com
cointiply.com
fp.metricswpsh.com
js.cabnnr.com
js.canstrm.com
js.capndr.com
ntvpforever.com
recruit.framgia.vn
stackpath.bootstrapcdn.com
static1.freebitco.in
storage.multstorage.com
www.coinpayu.com
youlayla.freedynamicdns.net
adbtc.top
recruit.framgia.vn
107.170.230.203
154.41.240.133
157.90.84.242
157.90.85.57
172.66.42.243
172.67.174.51
2606:4700:20::681a:d1a
2606:4700::6812:bcf
2a01:4f8:1060:13eb::2
2a02:128:7:4860::2
2a04:4e42:600::485
2a04:4e42:600::649
45.133.44.52
45.133.44.53
080040b4937f3f423f32cd7f19b2a79ba1e1e213f1d9f4f4db4f609d4ad778d8
0a0556ff8d9e101e5ad81b6e6627c2f4f8f3e8a870d29fa3940ed806475dbb52
1f842dee9541a79e3b6ddba5f44b6f3d4fe6f9743d1104ec607ef315ee56f46c
25ec95fc666f288beb8837d864ad35618228c973f6fbda70458e21fd578e293b
3f60fff114ba535d415f3253d70a99474c544731032935073f60dd25a4abdb09
43bb19f3125702b2c70f4b19f7bf27ee5e4efffd551cae5e42725ee2a0e61a7a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5ab5eb8e9350691a15053498f7cc3e0da4a76f6b2a0b90d6bf42301035dd8c27
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
605bb7febb44e7e934642f5e4492459e1c2a255df0023b87af61c750ce79b272
643d257f27bb2efcf50d298db6531de04caf380c7952798ddd4e1ddf0bb9a0e3
76ce8d0422f33d40f02846513c08e51fbf2f8fc4121ec726ea9455a5eb5ddf55
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7b7462d99ebeaadbac939534bfbf303a7c0592705c9525663a05484746a1d141
989803bad7ee23728fd2e3b0fb3061381cd50963bb5d294416a46ac3d88547f4
9ee21b0013051ac3f505574a1819640e764caeedae2b3fe0596e1ec09398a3a2
ce212e0fc3634a234fd8390f92f81d588e6ad273e970a4512599b2eb177569c2
d63a7116c80404c0cc2fa1615624ce6fa55ba4ac67fb6efef81753adf189bacb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db