clckund.widel.men Open in urlscan Pro
2606:4700:3031::ac43:b732 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://clckund.widel.men/
Submission: On October 13 via manual (October 13th 2021, 11:27:09 am UTC) from FI — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3031::ac43:b732, located in United States and belongs to CLOUDFLARENET, US. The main domain is clckund.widel.men.

This is the only time clckund.widel.men was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3031::ac43:b732	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.35.253.43 13.35.253.43	16509 (AMAZON-02) (AMAZON-02)
1 2	209.197.3.16 209.197.3.16	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2a1::3757	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.48.145.41 52.48.145.41	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.163.175 3.123.163.175	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:659... 2600:1f18:6593:f601:8729:44f1:1075:68b9	14618 (AMAZON-AES) (AMAZON-AES)
44	11

25 2606:4700:3031::ac43:b732 (United States)

ASN13335 (CLOUDFLARENET, US)

clckund.widel.men	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.32.159.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-43.fra6.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.16 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net

cdn4.userzoom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2a1::3757 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

e3.365dm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.145.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

bskyb.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.sky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.163.175 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-163-175.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:6593:f601:8729:44f1:1075:68b9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	widel.men clckund.widel.men	400 KB
8	demdex.net 1 redirects dpm.demdex.net bskyb.demdex.net	10 KB
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	userzoom.com 1 redirects cdn4.userzoom.com	2 KB
2	privacy-mgmt.com cdn.privacy-mgmt.com	5 KB
2	adobedtm.com assets.adobedtm.com	14 KB
2	unpkg.com unpkg.com	32 KB
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	quantserve.com 1 redirects pixel.quantserve.com	495 B
1	sky.com smetrics.sky.com	506 B
1	365dm.com e3.365dm.com	294 KB
44	14

	Domain	Requested by
25	clckund.widel.men	clckund.widel.men
7	dpm.demdex.net	1 redirects clckund.widel.men
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	2 redirects
2	pm.w55c.net	2 redirects
2	cdn4.userzoom.com	1 redirects clckund.widel.men
2	cdn.privacy-mgmt.com	clckund.widel.men
2	assets.adobedtm.com	clckund.widel.men
2	unpkg.com	clckund.widel.men
1	dmp.v.fwmrm.net	clckund.widel.men
1	pixel.quantserve.com	1 redirects
1	smetrics.sky.com	clckund.widel.men
1	bskyb.demdex.net	clckund.widel.men
1	e3.365dm.com	clckund.widel.men
44	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
manager.userzoom.com DigiCert SHA2 Extended Validation Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
e0.365dm.com DigiCert SHA2 Secure Server CA	`2021-07-13` - `2022-05-23`	10 months	crt.sh
smetrics.sky.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-23` - `2022-09-23`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://clckund.widel.men/
Frame ID: F8B471720C3C0BF95F9DAB02B345460E
Requests: 10 HTTP requests in this frame

Frame: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Frame ID: B0A6DA661BC9E48FD5D810CA461FDEE9
Requests: 29 HTTP requests in this frame

Frame: https://bskyb.demdex.net/dest5.html?d_nsid=0
Frame ID: 824695C6C887207FC69C384CF150C229
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cryptocurrency group asks hackers to return stolen $600m | Science & Tech News | Sky News

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

39 %
HTTPS

40 %
IPv6

14
Domains

15
Subdomains

11
IPs

5
Countries

756 kB
Transfer

1816 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635

Request Chain 32

http://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88 HTTP 301
https://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88

Request Chain 40

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=0GHLt2B31MACpA5

Request Chain 41

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4248914136537129993

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM2OTIxOTQ3NDkyOTMwMzk4NzIwNjk0NDU0NjY0NzY1ODYzMjg= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzM2OTIxOTQ3NDkyOTMwMzk4NzIwNjk0NDU0NjY0NzY1ODYzMjg=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFaYT4ieIdQO_xe9zKbmbe8&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 43

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3698b851-f138-4771-b491-ff9da8c1685f

Request Chain 44

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aGPDYD1gzTdzZMxhOGDYY2kxwjVzZZRjaGszlrHI

44 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
clckund.widel.men/ 11 KB
5 KB 353ms
347ms Document
text/html 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7f574ac8603d02b38404f0ec53b505e571d8e7b1af86821a8c632407617eed

Request headers

Host: clckund.widel.men
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; expires=Wed, 13-Oct-2021 13:27:01 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D; expires=Wed, 13-Oct-2021 13:27:01 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FvgUWs847tui5aAjMdH7ZhhWMSMPVbUimSYwftnJg%2F2AfNUvpmiIEYbsTDcNPk1C7f7JqLVg5GtSRi4JzdPSmUZFoxVgXm40Y1vZrchfBruRpA29UU7rLXd3WQ3eG%2Bbpp8SxiEu5yUtCHcklY5zWw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69d8375e1fad0e06-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK main.css
clckund.widel.men/_assets_/av/4/ 749 B
1 KB 81ms
81ms Stylesheet
text/css 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/av/4/main.css?b8dcc3f9249612f9ffa6a418acabe862
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30aeb561626cbdcb72014ff93b6e6a4b0aab35b5a4301c91944580b244ea6058

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 355
last-modified: Sat, 18 Sep 2021 16:55:40 GMT
Server: cloudflare
etag: "2ed-5cc47eaf19b00-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlhGBf65W4YPdNbncnJRltfJGJ6dOzAkQP5JecbQbLQegiu0ZgJyy1V0Rte7ZDjNOzy%2BbrQy%2Bdag9sziXPbpWi0%2BaxDMMefCZPR8YZlfPDhsv7OztFEf4KxnI0HTpgz9thG4uc7i%2F8gQrU%2BbMt%2BGTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837605ace0e06-MXP

GET
H2 200 bootstrap.min.css
unpkg.com/bootstrap@5.1.1/dist/css/ 159 KB
25 KB 4141ms
4100ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/bootstrap@5.1.1/dist/css/bootstrap.min.css

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0071cd7ccef32768966b353e2ff09d13e07ab31148944e5545803232c2341e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
content-encoding: br
vary: Accept-Encoding
fly-request-id: 01FHWPFP413298J4GN4PKFSGHT
server: cloudflare
etag: W/"27bcc-BZIWlzlsFSRVBPxM7BbsU0yOz/8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 69d837609f2259ef-MXP

GET
H/1.1 200
OK luxon.min.js Show response
clckund.widel.men/_assets_/vendor/ 68 KB
21 KB 118ms
111ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/luxon.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c0b0d6f1f5d0ac240b6a0bb4718c36900b29558abe29724c8ef87e9d3d31675

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 20877
last-modified: Sun, 19 Sep 2021 11:36:26 GMT
Server: cloudflare
etag: "11026-5cc57931e2280-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65WrIBlMTjqJz1oRToCCnWeP2nvFGORNCwVPxyZadZhi6MYBzpUaTj%2FkpxvfCpxqd%2B3xLNF4obohFfy1I4krgjrbZbHXu4t89eDfEkJnDX1jZ7G%2F3MlTU4LCGl%2F5TeBU6WRdBXCBLdf8VFtOh11j1w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837607dfb59bf-MXP

GET
H/1.1 200
OK js-cookie.js Show response
clckund.widel.men/_assets_/vendor/ 2 KB
2 KB 94ms
87ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/js-cookie.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24d0807da6b55f18ea0122256c979f26b6f5500a046eea7df23ad829247dc1e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 774
last-modified: Sat, 18 Sep 2021 15:21:14 GMT
Server: cloudflare
etag: "619-5cc4699394e80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhXdss50kAoYoyLykrtWUA1a3fd7%2BzIUkSks2Q%2BjrGZPtGRce6NzORV0QUPW3Xk1eNO2JlB0h%2FwrAjqMmdVNKTMZvp5Gc1dVfxpnIHYlkLBNobpC40v0pbznq10PyEpzcZR7s9iN8JThUpnF%2F9YzlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837607bdd59b9-MXP

GET
H/1.1 200
OK jquery.min.js Show response
clckund.widel.men/_assets_/vendor/ 87 KB
31 KB 34ms
27ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/jquery.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 682
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 30902
last-modified: Sat, 18 Sep 2021 11:56:20 GMT
Server: cloudflare
etag: "15d9d-5cc43bc71c100-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dth1XKEjNDEYzItyFB7vUz6o6cimmPWwduUWjx3LO%2Fkz23XTdjVVCb6KGMLgW7RjM5lEVjrLMZSZuGWJe6IvL0yCJ6Dx%2BrsunR%2B4bQrMINo21VyTkPxbtFI3TQs5%2Fs9uIr974KFbMJ2mbJNlHNsorw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837605fe94aaa-FRA

GET
H/1.1 200
OK iframeResizer.min.js Show response
clckund.widel.men/_assets_/vendor/ 14 KB
6 KB 109ms
102ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/iframeResizer.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 475a8acf1f1441cb3c8e8181e6ab908b991096c9f01ab0f5e5e71174dd032cc4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 5612
last-modified: Sat, 18 Sep 2021 11:57:36 GMT
Server: cloudflare
etag: "3723-5cc43c0f96c00-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIkN3eplCrvWwJMHYU4NpMB96bd%2BphRa9dxLiRYvxT8bqfhpaRccqBIUxizH2myfeyVn5LGSWimBlX8ZrfVr6njPg4XUmUsqnjsjSGKN4pOgYXWK58wuQfU%2Ffwd7bGhlX%2Bpkq7%2BHmg7jhtRzGsjSUA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837607cad0f66-MXP

GET
H/1.1 200
OK parent.js Show response
clckund.widel.men/_assets_/av/ 1 KB
1 KB 103ms
96ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/av/parent.js?hash=6f8b8892d97c59552ad62dca6b4fc110
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a44060cbd57d5298c029564157ebff106a3bf5bee300ec47978a408a9840184

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 548
last-modified: Sat, 18 Sep 2021 12:43:24 GMT
Server: cloudflare
etag: "4c0-5cc4464c49300-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6N9zYjFk9i2cLTfwdpq5H1Fmdd7vO0Or2gc2apS8Ulzcbp6kuCcvHTERyhfmFIGPnAK71uf316AYM6lE%2Bj67VPGqqNwCRu0YgqJwCb%2B%2Fo7pmxSI1sCjxs8AyUEyXr3m344zKpy9sKuRWnOl%2BENWbsg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d837607cf6374f-MXP

GET
H/1.1 200
OK main.js Show response
clckund.widel.men/_assets_/av/4/ 640 B
1 KB 56ms
14ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/av/4/main.js?hash=cb6251d9f9defd8c42430cc77c9083cf
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82acc32d3045c22cfef1268aa0f31c7ef3834e1003af6057270b857ad4726cb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:01 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 682
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 383
last-modified: Sun, 19 Sep 2021 12:03:02 GMT
Server: cloudflare
etag: "280-5cc57f23f2980-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHptSQzC%2B4gJ2WIiaCslb7dMnePiWHGIEUeoN5huEpBUZ9EKPQ5EdpXCZgvRBopCan3n%2FXb%2BZdiHmcYmBNv5wG1qTypcXQlWF%2Bf0CmcWUgSR3sqUcO7fSrK2InCzmayKPUQV9hoU2o%2FhzkplyWUS2g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d8376098314aaa-FRA

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 037116b0806082ffb89623e6914ea2826c70ed064875404a03c8b39b5b1e3162

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK _iframe_ Show response
clckund.widel.men/ Frame B0A6 92 KB
25 KB 98ms
97ms Document
text/html 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_assets_/vendor/jquery.min.js
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 374e261691de8f50b15aafeb9eb102f2fb252affd98259eafc581cca94ac851b

Request headers

Host: clckund.widel.men
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://clckund.widel.men/
Accept-Encoding: gzip, deflate
Cookie: XSRF-TOKEN=eyJpdiI6IlhyTjVXSVZvODdVZTNOQitYY0VjSFE9PSIsInZhbHVlIjoiWFZ2YWVvSEMrTitwWTdvcnRPcE1NK0FKVmtMbGp1TERMVUpiV1oxbFFIWW5OSVlWeDJjUXNIbmRSVDJqSko5QjFOUkF2YUxvdXlUN2o2SldhUEZjSDZkSjk3K3R3WVo4QmlzWDFvcG9reTAxRDJqYXM5QXpjSkZTUHBHYXdNbUYiLCJtYWMiOiIwN2Y3MWZiNWE3MDdjYTQ5ZTVmOWE5NDRiYTRkYzBmZjZiMDRkM2JlN2RmZDFiOTE0MmQzM2U2NWJiOTFlZmQ3In0%3D; laravel_session=eyJpdiI6IkdjOXpvZE5lWGpCTVdzUERtRjNtd1E9PSIsInZhbHVlIjoiU1gyZU1sNUZiK2RwQkNJYk1VcmkzNnJYbHg3b1l4aHFFSFUxVnE4N3hQUjVSSGUyS2VNemMrcFVUbjgxa2tISm1Da2VydjhDQUFaL2hNUkxHVGtMSk1NU0VaNW1VZnNMUDd4c29jaVVRVFJjYzZxNjdBbEdqbWs1TmRUQ1JGa1kiLCJtYWMiOiIzZTg3MDFmMmM1NmZlYTA0ZjkzYzRkNTU3MzBiZDc1NDMzZGQ0NzkyYmE0Njc2OTJiMWQ0ODQzNjdmOTAxMmQ0In0%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: no-cache, private
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlRPNHBoblY0Q0hPcEtZbVYreG9KU0E9PSIsInZhbHVlIjoiWXIva2Jaa09yUy9IcnFzbXJZcFo2SWt5Z3BkdTM4MlRydmxrZzl2b1d1L1lObFBNaUNlM2orRWxJSDBFdUxWUFU2clY5MkhhY09oQ1ZkdHNwWmduT1ZyalI3bnUxbTVOVGdVbHRILytHQ2s2Y2x6VlRDU2Q2Z2VTTC8yQ0hkOVAiLCJtYWMiOiJlNDFhYTMxNmI0MzU3MWUxNWVjYWZlNzhiNmE1YmU5YjBlMmYzNzU5Y2JkY2U3NDNiMTExZjU3YmI5NmY3ZjcwIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Im5hVXNjaS94OUNuSmxtYUtUZ1FCMGc9PSIsInZhbHVlIjoiaUlnZFNmbkVRWjVrYTZkRGtwaEVjclFvanNhRGNPVDFiR1Q0UDgwOTNvelNZSXRIMmprdng5WnVNTmVEZ2FmTzgwQmJMZ2VFSFZSRHFFVVBwU2FFT1o4eEJuZ2ZHRS9pRys5eEJYbkxINTRubjN6V0pyQ1UxNXhKT3NwMDRKUEgiLCJtYWMiOiJmNDhmZDRjZDgzNzRlOGNkNGQ2MjJmMDk0OTc0OWM0MDA1M2JiMTczZGZjNzkyMmRjMjQwOTRjNWY5MzAwNDNjIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhehCtJJSKXU6tagM9GWMgrBCeI68Y%2BYDzeWEHnCfpBRVmIuF9mrjSS9MSLfd%2BK%2F%2BOEjelkOi0E9sxTRopARiX1bpQjje%2FZGFxBcm1S3igoZE0WCwHFGL8R8HjqY35GvO81YNcX6t0dvoQHSOxg5PA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 69d8377a6d5959bf-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK _cdn_
clckund.widel.men/ Frame B0A6 339 KB
54 KB 114ms
114ms Stylesheet
text/css 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa46be8c4e0e413dfb85925cbfcc2010fa4f5909fcd54cd3f88b42fa3fb7b110

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6IlRPNHBoblY0Q0hPcEtZbVYreG9KU0E9PSIsInZhbHVlIjoiWXIva2Jaa09yUy9IcnFzbXJZcFo2SWt5Z3BkdTM4MlRydmxrZzl2b1d1L1lObFBNaUNlM2orRWxJSDBFdUxWUFU2clY5MkhhY09oQ1ZkdHNwWmduT1ZyalI3bnUxbTVOVGdVbHRILytHQ2s2Y2x6VlRDU2Q2Z2VTTC8yQ0hkOVAiLCJtYWMiOiJlNDFhYTMxNmI0MzU3MWUxNWVjYWZlNzhiNmE1YmU5YjBlMmYzNzU5Y2JkY2U3NDNiMTExZjU3YmI5NmY3ZjcwIn0%3D; laravel_session=eyJpdiI6Im5hVXNjaS94OUNuSmxtYUtUZ1FCMGc9PSIsInZhbHVlIjoiaUlnZFNmbkVRWjVrYTZkRGtwaEVjclFvanNhRGNPVDFiR1Q0UDgwOTNvelNZSXRIMmprdng5WnVNTmVEZ2FmTzgwQmJMZ2VFSFZSRHFFVVBwU2FFT1o4eEJuZ2ZHRS9pRys5eEJYbkxINTRubjN6V0pyQ1UxNXhKT3NwMDRKUEgiLCJtYWMiOiJmNDhmZDRjZDgzNzRlOGNkNGQ2MjJmMDk0OTc0OWM0MDA1M2JiMTczZGZjNzkyMmRjMjQwOTRjNWY5MzAwNDNjIn0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkBQk5Ijj2OiuPsNU5qhdaxt0JJLCzJ%2BvWc208phpKxMyrHoay4OGLybrS5A14iLULmriBtvEDU4WSVvnPuyMNDUyfJVHhgbwkNktsWVkWxB8nz4hrWjaqfFpzQ071Tj0beAmHfJu3JsbK7dCkxAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377b1a930f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 54057

GET
H/1.1 200
OK _cdn_ Show response
clckund.widel.men/ Frame B0A6 147 KB
45 KB 96ms
96ms Script
application/x-javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=assets.adobedtm.com&hash=6d959d45528e9d7c4909fafca469d76e&path=launch-ENdec3197734dd4b629a9283183faf094b.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d8a0bb99079a8e4b89fcbea792a49fa1323c9703b2929f40224557f53c2256f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6IlRPNHBoblY0Q0hPcEtZbVYreG9KU0E9PSIsInZhbHVlIjoiWXIva2Jaa09yUy9IcnFzbXJZcFo2SWt5Z3BkdTM4MlRydmxrZzl2b1d1L1lObFBNaUNlM2orRWxJSDBFdUxWUFU2clY5MkhhY09oQ1ZkdHNwWmduT1ZyalI3bnUxbTVOVGdVbHRILytHQ2s2Y2x6VlRDU2Q2Z2VTTC8yQ0hkOVAiLCJtYWMiOiJlNDFhYTMxNmI0MzU3MWUxNWVjYWZlNzhiNmE1YmU5YjBlMmYzNzU5Y2JkY2U3NDNiMTExZjU3YmI5NmY3ZjcwIn0%3D; laravel_session=eyJpdiI6Im5hVXNjaS94OUNuSmxtYUtUZ1FCMGc9PSIsInZhbHVlIjoiaUlnZFNmbkVRWjVrYTZkRGtwaEVjclFvanNhRGNPVDFiR1Q0UDgwOTNvelNZSXRIMmprdng5WnVNTmVEZ2FmTzgwQmJMZ2VFSFZSRHFFVVBwU2FFT1o4eEJuZ2ZHRS9pRys5eEJYbkxINTRubjN6V0pyQ1UxNXhKT3NwMDRKUEgiLCJtYWMiOiJmNDhmZDRjZDgzNzRlOGNkNGQ2MjJmMDk0OTc0OWM0MDA1M2JiMTczZGZjNzkyMmRjMjQwOTRjNWY5MzAwNDNjIn0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0AjTg5ROcuErf9WNo3EMgJjmQdOYmoledOrf611CUFUtCz%2BLIn080GyXT1Y3og2mmglu%2BX2%2BpxSWbvFO0V4khFhX09jqIHWkr9JXq6fv7wRraVmMQ3CK4LCnC0N0jN%2Fsl3i9LGLaGee336Nw0Zpvg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
set-cookie: XSRF-TOKEN=eyJpdiI6IjU5eTNCclRUQ3BwdENrdXdMdlV0d3c9PSIsInZhbHVlIjoiVmZlcFJNQWVsV0lZTEZ1Y3VDSXgyZUhVWmc5aGFueGs3OGViSzIyTFl2S0JRMEw3M0x0TVhGN29KR1N0QjVBSkFtWnBPdjdWTitkUExzTTFBTVB1UjJENUpNclk4bmZXZUFCd1RnaUJQaHc3em1XMkNsbm03WHdHZ2NtbW9FakoiLCJtYWMiOiI3MDVlZjM1ZTVlNTgzZjU3ZTUzZGIxMTk4NTE5NWM4Njk5M2M3ZGI3YmQ0YzI4ZTBiZTIwNDgzYTMyOGU5YWNmIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6InRuU0xBa1V2cGV0Q1IwWW05TXpJdFE9PSIsInZhbHVlIjoiRVVsWTJOUGloandRWVB2c2xzS1RBcnJ3bFE5SHJZdmlPQkRDWldPQlRZby9IMW80ZWI4RlVydFZsMjdOS1FiVDByTFlFcWY5aTlpYnZlcTU1bGZTNk9Zdm9JV0M2RjExSXBXZ3hNVmkwb25tOVNhZ3BqdHcweStSRVRPcExic00iLCJtYWMiOiJiZjIxYzdmMDBiNWIwMjJjMGZhZTdhNjRhYjBmZDAwZGI3MTkwNjVlZjFiMTZjM2M0ZDgwZTc4MzMxYzlmOWM3In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377b1844374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 44791

GET
H/1.1 200
OK _cdn_ Show response
clckund.widel.men/ Frame B0A6 152 KB
45 KB 105ms
105ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=gdpr-tcfv2.sp-prod.net&hash=6d959d45528e9d7c4909fafca469d76e&path=wrapperMessagingWithoutDetection.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79ea6bea9dbe5d24763b0570ce68e4b0463f505d561315b0fb5aa4697c0e7ab9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6IlRPNHBoblY0Q0hPcEtZbVYreG9KU0E9PSIsInZhbHVlIjoiWXIva2Jaa09yUy9IcnFzbXJZcFo2SWt5Z3BkdTM4MlRydmxrZzl2b1d1L1lObFBNaUNlM2orRWxJSDBFdUxWUFU2clY5MkhhY09oQ1ZkdHNwWmduT1ZyalI3bnUxbTVOVGdVbHRILytHQ2s2Y2x6VlRDU2Q2Z2VTTC8yQ0hkOVAiLCJtYWMiOiJlNDFhYTMxNmI0MzU3MWUxNWVjYWZlNzhiNmE1YmU5YjBlMmYzNzU5Y2JkY2U3NDNiMTExZjU3YmI5NmY3ZjcwIn0%3D; laravel_session=eyJpdiI6Im5hVXNjaS94OUNuSmxtYUtUZ1FCMGc9PSIsInZhbHVlIjoiaUlnZFNmbkVRWjVrYTZkRGtwaEVjclFvanNhRGNPVDFiR1Q0UDgwOTNvelNZSXRIMmprdng5WnVNTmVEZ2FmTzgwQmJMZ2VFSFZSRHFFVVBwU2FFT1o4eEJuZ2ZHRS9pRys5eEJYbkxINTRubjN6V0pyQ1UxNXhKT3NwMDRKUEgiLCJtYWMiOiJmNDhmZDRjZDgzNzRlOGNkNGQ2MjJmMDk0OTc0OWM0MDA1M2JiMTczZGZjNzkyMmRjMjQwOTRjNWY5MzAwNDNjIn0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dhFrWRqJg%2Bdy3fM8mtgoN%2Bkay1G3NrSMSbZcBHVniQU7HehS5qLOctxKuCcdx%2BKrU664ap3K3CuOX8leonwFqhked9gl21bN5fIq153vgTi48uVVEMavb%2B%2BBKCfmJ7jkrBHyr6mOE6cWZqgfF8cuJg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
set-cookie: XSRF-TOKEN=eyJpdiI6Ik1VWVRrRllWeUNqNlFTRHBNa0g5cGc9PSIsInZhbHVlIjoieUg4VVZBZnoxOUxIQW1Ddk1VUmhBUks0WmUyMzlpZlZmaWYzQ0JBOStoUmVtZDZXTW11QlNyTEgwOVIxVytST013V21uSU85WWl3S1pDaHFrdCs4NFVMUCtXNFVZeDJndnQxMjdneDYrdng4REdKdFNDUE5sRDZRblZsb1VJWHQiLCJtYWMiOiI4MjlkZjY1OTg2ZDUwOTU5ZjlhMTg5YWJlZTI4OTVmNjViMGM2YTliYTNiOTVjYjNmZmQ5ZmExZmYwNzMwZTE4In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Imk0NzFtMlRtUGE4ZUpaQ1BpbTdaVkE9PSIsInZhbHVlIjoiM2FCK2xEcGg1OUVCeTQyMzFsRTNaL3FTRkVOenVKazl5SVlrY2Z0TGtReFVseHYraHdNSmx1OUFxN3Z3dWJMOTZ0WG1lWDNXSWNJYmwvU1U2S1RqbDU0d0hRSXhtMjhRMmE0MXJTUmswWGh5b2YwM2RIUFVhZUxvV1loakFpL3giLCJtYWMiOiJlMTc3NmU2NzViOTM2NDA1YjU4YTQzOGM2MDBlMjg0MGE5YTIxYTJjMjdkYjM1YTc2NTdhMGRmOTE4NTE1ZWU4In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377b1dcb59b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 44489

GET
H2 200 font-awesome.min.css
unpkg.com/font-awesome@4.7.0/css/ Frame B0A6 30 KB
7 KB 35ms
34ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/font-awesome@4.7.0/css/font-awesome.min.css

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4813498
fly-request-id: 01FDD7ZGBQ3SCST5N970FE2NGC
content-encoding: br
vary: Accept-Encoding
last-modified: Mon, 24 Oct 2016 21:33:21 GMT
server: cloudflare
etag: W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 69d8377b1dac59ef-MXP

GET materialdesignicons.min.css
unpkg.com/mdi@2.2.43/css/ Frame B0A6 0
0

GET line-awesome.min.css
unpkg.com/line-awesome@1.3.0/dist/line-awesome/css/ Frame B0A6 0
0

GET
H/1.1 200
OK _cdn_
clckund.widel.men/ Frame B0A6 8 KB
5 KB 161ms
103ms Image
image/svg+xml 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=resources/sky-news-logo.svg?v=1?bypass-service-worker
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9803a7d38f570c85b8dee4bf755a6ad4527551115b39d95f83227c0db7955178

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWYOdcOXc5YzTIE4AVo7khVwTVp5w0WiujKKliIkphuL8Iv68vMJoRogPH6lnnxpUmn3wviTbqrQmXruZoZFjuzRbrVcYgiu2FW5fTJPiEh%2BbIeZZpHmz4mdJ%2BYRiUVs01Mc7cguOoqjG81W19gO2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
set-cookie: XSRF-TOKEN=eyJpdiI6IjFPRUZubFlwdk1sMlNvdzZqNHo4bHc9PSIsInZhbHVlIjoia295eVVIb2x3U0JTRW1WNVhlUk9KS1lKYTNVRmhLZkVOLzdyUjNhaG1SbExra0ROMm11SitmVjFNNUVJKzlMSmpNTTNVbHBYK0xnN2sxZVRtdVh4M0Z6V2swZ1FhaWJCT20xU09pRk5VK2V4Q2ZTTW03U0JHZW84bXU0NHh2ODAiLCJtYWMiOiI0NWFhNDQ4MzA2ZWE0MDMyNDkxMDAwNDgzZmNiZGJmZGQ1MDVmNTA5MTdiNDUyN2UwN2ZkNzg0YThjN2RkMjFhIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IktOK0U2VG9XT3ZYdXhQVUlJanNhbHc9PSIsInZhbHVlIjoiaHZYMFpqaWxiSTI5Vml5U1gyeG1QZG8yTGN5ZjVmQ05hU0VDamRTQ282c0tDYWU4dVhzOFpnU1k5cDdQbVYrdWZ0UWdvZEpkNFMyMEJEcHdUTTI5NGtPNnRQVHVLNTZFdVVVbkRzYzVOQzRCS2h5SEtXNTBHa3ExYytDbHczdXMiLCJtYWMiOiI5MWJiNGQxMTM2YTk4ZjdkZWM3MzI0ZmJiZDk0NDY3NGQ0Yjk1MTc0YzQ3OGY1ZWNlOGJlYmNkOWE4OTA1OWI1In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69d8377cfd790e06-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK email-decode.min.js Show response
clckund.widel.men/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame B0A6 1 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://clckund.widel.men/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Server

2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 05 Oct 2021 10:51:03 GMT
Server: cloudflare
ETag: W/"615c2e17-4d7"
X-Frame-Options: DENY
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBv1sYivFVFJqeUwO8%2BvewlbrVNyab0jbg5jShU9mm7%2FBpTqBfg4RzcUml5Oo%2FQqB9eT2IU5OnFmpHig8vp2nQtjjeoWbbxHKv6yin2l9Y0W82axXdyqqGUjFRNqzVTGtVQZC9N7QNOnTWo4od4BIw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=172800 public
CF-RAY: 69d8377c6c7e0f66-MXP
Expires: Fri, 15 Oct 2021 11:27:05 GMT

GET
H/1.1 200
OK _cdn_ Show response
clckund.widel.men/ Frame B0A6 96 KB
30 KB 57ms
56ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=platform.twitter.com&hash=6d959d45528e9d7c4909fafca469d76e&path=widgets.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0; consentUUID=bca0687c-9b06-4b0e-92c1-e26f311ab505; XSRF-TOKEN=eyJpdiI6InErVEQyRjA0RU1WeTM5dmR6eXpFdWc9PSIsInZhbHVlIjoiU2JxSjJNWHZJZGFtZ3p4ZnVoNDBvVy9Mcm85bDZiWHJ4a3JJWVlHWDZXWXNpVU5DSk9hcHlZbEc3RVJjc0d1L2hNbGdQamtCT0s2REZkd21wQXhuN0dCTmt1Z1h5dlM2Zm9mdkpHTHZPUUZ5ek84eGx0Tm9nOVE1eDF5R1g2MzUiLCJtYWMiOiI4MWFjZjczMjVlN2MyMDA4OTAwNDk4MzIxNjExYTQwZDU1YWY0YzEwOTA3MWJhYjk5MjQ5NDJhZDA1YzcxNzkxIn0%3D; laravel_session=eyJpdiI6ImgrZmZMNnlMdTFwa2hJcmRxNFBPL3c9PSIsInZhbHVlIjoiSVMvd01iUzhoUzYvc2NydUY5SS9UdnpmbWFuVkJuUHkrSzdQdHRtalY4U255SExYdFZ2c2xoTW1wbDFzMHdJRkdjNXk0Ym5zNzN0dENmVDFzeml6Q28rVlJJdDU5a2d3S2JjalR2UDlHdkEyQ0ZwSVR6cndIckZ2RXNUVHNPZWciLCJtYWMiOiJiZDU1NWU2ZDY2MDBkOGYyMGJiODNjM2ZjOWY5MDkwOTQxN2RjMGQ4ZWI3Y2E2MTQ4YWU2MGRlYTg2MjEwMjY4In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr1jUBMVRm5ecAeZG2MdiVCjFpGUGoSa9BRx62B3tEWHS3oBODW4oyeqwOIhq1TbEkAnqb4QrHnknZZKt8OPfI7Scq7J86OJQTrSuIBBJMUYYGGxbgnWZMvfsx9huY7AgzDRMY%2FHTZAu6s%2BfQYgpgA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
set-cookie: XSRF-TOKEN=eyJpdiI6Ik5TUG4rU0dBVUFGTTFMTDlpblA4YVE9PSIsInZhbHVlIjoiVHc4ZnZxbkRaall4L0JXZnJqTUFENHZFNWNqc0djTitFUFJQbWJzN2U0MXEyU3RpbFFYRjE5YWRFa3RJVU9FSWJmUGEvQ1Rqdy85azRZWndJQ083a1hoNVgxdHRERGR3dmFzWGV0eFU1NGNvZWpWbEJPekt1R0dWdGg0K0t5SysiLCJtYWMiOiIyN2Q0ZDA2ZGM3NjZiMWVjOTZmZDI1YWYxMjdlNWM5NGJjOTFhMDdkZDY5MWFjYjYxNDU5YTA3OTg5YmYwNTY5In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6ImlsUVk3WnIyNEg3ZlBSb1oydGpsRVE9PSIsInZhbHVlIjoiaDVpbEs4ZzdhdEM0dnlYdWZMQjZEdXFhbWxqMzl1ak95aHdUbExHQ3dwWTdkUURRa3lJOXp4VktvUFBVc2Y0SUJuRDZtTXEwQ1ZkbjdyQWNSa2JhRElQNG01bEVMdENuQjh3WWxzY2NrVmtPdFZobUlBYnRnT3AwR2hhbkc5cUoiLCJtYWMiOiIxNWI0MjdmOTNkMzI4YWQ3MjZmMDZlNGRlYzI3MDFmZDAyYmUzZTlmZmYzZjY2NzQ0YTBjMDZiMzI4ZmNhYzllIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377ceb0c4aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 28826

GET
H/1.1 200
OK _cdn_
clckund.widel.men/ Frame B0A6 7 KB
8 KB 90ms
90ms Image
image/png 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=resources/sky-spectrum-logo.png
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 163996482296347d7e8925104dec2963ba1b318e4e131f8ededdf916e8a27380

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0; consentUUID=bca0687c-9b06-4b0e-92c1-e26f311ab505; XSRF-TOKEN=eyJpdiI6InErVEQyRjA0RU1WeTM5dmR6eXpFdWc9PSIsInZhbHVlIjoiU2JxSjJNWHZJZGFtZ3p4ZnVoNDBvVy9Mcm85bDZiWHJ4a3JJWVlHWDZXWXNpVU5DSk9hcHlZbEc3RVJjc0d1L2hNbGdQamtCT0s2REZkd21wQXhuN0dCTmt1Z1h5dlM2Zm9mdkpHTHZPUUZ5ek84eGx0Tm9nOVE1eDF5R1g2MzUiLCJtYWMiOiI4MWFjZjczMjVlN2MyMDA4OTAwNDk4MzIxNjExYTQwZDU1YWY0YzEwOTA3MWJhYjk5MjQ5NDJhZDA1YzcxNzkxIn0%3D; laravel_session=eyJpdiI6ImgrZmZMNnlMdTFwa2hJcmRxNFBPL3c9PSIsInZhbHVlIjoiSVMvd01iUzhoUzYvc2NydUY5SS9UdnpmbWFuVkJuUHkrSzdQdHRtalY4U255SExYdFZ2c2xoTW1wbDFzMHdJRkdjNXk0Ym5zNzN0dENmVDFzeml6Q28rVlJJdDU5a2d3S2JjalR2UDlHdkEyQ0ZwSVR6cndIckZ2RXNUVHNPZWciLCJtYWMiOiJiZDU1NWU2ZDY2MDBkOGYyMGJiODNjM2ZjOWY5MDkwOTQxN2RjMGQ4ZWI3Y2E2MTQ4YWU2MGRlYTg2MjEwMjY4In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcxqm%2Fy57%2BpzGc3N%2F6WEu4qp%2B33%2FOn9PGiqnzGLi5pn4cIrBp0AECln%2BzQcLyMB8UrnjLJuZGSAOeVs0zmcCO6pL%2FL9mApH%2B9VtTtv5OFYRiFNAFCNgmoSCcwV%2Fm0eihzWOrkp1hImq9jIuYMmjaMA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
set-cookie: XSRF-TOKEN=eyJpdiI6ImlqUkVBYVlseHlHMDRLbTlkemRvbUE9PSIsInZhbHVlIjoiVEpBK2kvWG9xOUR0Y1lpNlVYRm1jVjI0Q2dYMDhMc1phWW92blRUS0o2c2dBZXZ3bE1IUkhDK240aENOL0ZuS0JxaHhCS2F6QWdMUmw4dTdqUnZoWHdJQWxiU0llOWlIWjZVQ0ZkZ3J1bGNTMzVjcHhsc0d2OGJnM01IZmlJVDYiLCJtYWMiOiI4MGQ1OGVjOWYxZTAzNjBhNTUzZGZlYWQyZDU1NGI3ZjE5ZDBlN2NmNGQ3MDJkZGE4MjBjOGZhOWJhNWY4NzIzIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IllSdUhWNFkvUFBrMjBnbndGaVVvZEE9PSIsInZhbHVlIjoiazJKOUk4MHBMOU5mRXBGQWdIQytCMmRROHFOZjJmUXFYbTJIcXpIN2p3eGVSZVlPbmJGUEMza21QaStxQ3p0MXkrQlJKdXlWaGN3bDdxZFJFZndOaC9BRmZVU2pVMVZGd05EY1FmdHNPaHFTZ2N5V0o2TW9ZSno1cjQxdmxtL3ciLCJtYWMiOiJiN2RlY2E5Y2RlMWIzOTZiYWFhZTQxMmI5MzQ0YTBjMDZiZTlkYzQ5ZWUzYTE1MzliYjk5NGU4OGU5NmE0NzEzIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377d0b45374f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 6866

GET
H/1.1 200
OK _cdn_ Show response
clckund.widel.men/ Frame B0A6 17 KB
8 KB 121ms
120ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=js/vendor/require.2.3.2.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 563bac9ba2a1d94effb5bea3061f8c39fc6769fd935ac4e9877e1b30a842d507

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRgvaS%2FoK13qT%2B5tKlZmYj4vLSSUJnxyyfcF0iC%2Fpmu9yRIZVt%2BPNOLXdSn1dd1q1ZnCaxQ3TrHO2WEWcUAhtXrp70S0t8L8hsw1PdBsMBGKJsvPKak1LhLx1eagZ7ba5cQuDg7f%2BWVBqWCYnID5vg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
set-cookie: XSRF-TOKEN=eyJpdiI6IlM3N0sreElZUzZ5UmdTTG9QR1NFc0E9PSIsInZhbHVlIjoiRzQycER6alQvQTcyRmxNSTZtTUpWankrN05wVVBCcGtJcmY5QXZ5TDdiRXJrcGZRU1ZGMUZHNXFheHkzS0crbVRoWUpVVktsZUZaNFlPMGZWb3hIUmNmS0o2ZFFSclVYZXFpV3ZWTnZSOTBnZ2kwYnFZdmwzc1RWK0tYdHBCRnEiLCJtYWMiOiI5N2I3Y2NiMmI4NTljY2Q3Njg2NjIyNmE1YjY3ZjQ4MWY3M2RiZmVjOTAzOGNmN2JlMjBmM2E0MTdmZjE5Y2FkIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6InN6djlCRnBKN1ZBYUtZN0svTGg2SHc9PSIsInZhbHVlIjoiS09OU0JhaEpsczY5N0J0RWRjTUlBaWtId3JrN1hHMjJ2eTJoR1Y1ZEFseW1MTVF4VmRQWVorYWtuRWhJOEl5NzBuRW02TUVhaUZsR2VYaVNXSVhENGVKbnIvamd1alg4Z2lMWjhGQnJ0RHhhdkdiMmdibUgwRXE1aDJkVGNidlgiLCJtYWMiOiIwNDI3YTRlYTkzNzkwMmU1MTdkZTNlODg2MTc1YTdhODEyODllNmVhODVjYzY4MmFiYjgyMDBjMmQyMzBjYjBkIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377c788b59b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 6567

GET
H/1.1 200
OK _cdn_ Show response
clckund.widel.men/ Frame B0A6 24 KB
10 KB 125ms
124ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=analytics.global.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=sky-tags/news/prod/sky-tags-without-adobe.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16b672371b927a89b2ce8afa249daf604e5b0c9d1bb851d161d88d992f3a4f7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0; consentUUID=bca0687c-9b06-4b0e-92c1-e26f311ab505; XSRF-TOKEN=eyJpdiI6InErVEQyRjA0RU1WeTM5dmR6eXpFdWc9PSIsInZhbHVlIjoiU2JxSjJNWHZJZGFtZ3p4ZnVoNDBvVy9Mcm85bDZiWHJ4a3JJWVlHWDZXWXNpVU5DSk9hcHlZbEc3RVJjc0d1L2hNbGdQamtCT0s2REZkd21wQXhuN0dCTmt1Z1h5dlM2Zm9mdkpHTHZPUUZ5ek84eGx0Tm9nOVE1eDF5R1g2MzUiLCJtYWMiOiI4MWFjZjczMjVlN2MyMDA4OTAwNDk4MzIxNjExYTQwZDU1YWY0YzEwOTA3MWJhYjk5MjQ5NDJhZDA1YzcxNzkxIn0%3D; laravel_session=eyJpdiI6ImgrZmZMNnlMdTFwa2hJcmRxNFBPL3c9PSIsInZhbHVlIjoiSVMvd01iUzhoUzYvc2NydUY5SS9UdnpmbWFuVkJuUHkrSzdQdHRtalY4U255SExYdFZ2c2xoTW1wbDFzMHdJRkdjNXk0Ym5zNzN0dENmVDFzeml6Q28rVlJJdDU5a2d3S2JjalR2UDlHdkEyQ0ZwSVR6cndIckZ2RXNUVHNPZWciLCJtYWMiOiJiZDU1NWU2ZDY2MDBkOGYyMGJiODNjM2ZjOWY5MDkwOTQxN2RjMGQ4ZWI3Y2E2MTQ4YWU2MGRlYTg2MjEwMjY4In0%3D
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYMiym2QxvIulbeeDp%2BiIq%2F4%2Bw5MslVUeC%2FOvEhDM49cR90Z4uOS79%2BKrPggqWhKRyS%2FnMDXqSDp5ApLr4v2ewEvluu5Q0UdHFNMVWiEZZFEvdgEqf5EDyV06ehkuR4U51AsIyqpEP3Bu0rN4go3sg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
set-cookie: XSRF-TOKEN=eyJpdiI6Iis4cXMyTUErK0tiWUZZTC9PcDA0MlE9PSIsInZhbHVlIjoiQ1ByNDdkWG5iVU1YZWxVcXpmVWhJT2N6Rnljd3ZwL1V0YUx5MXBxWk5mYklsSEZTcys4TmpVdkNDOHpHSU51YnFoR2VnRkUvNlA2cG9TWmI2TnhLZkFocnBOUUtsSTUvMGN6cTNtNk42VENJbTNYdlEyeFp6c01RTUh4VmRDTi8iLCJtYWMiOiJkY2Q4MDQ3M2ZlNTVlM2NkYWNiNGM5ZTUxYmE3YTljODdlMmE2ZjMxNjljNTdhZGE5OTJhYTZkOTM4NjZhNmNlIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IlZGdXRncnZFVzRjQktLQi83TjVtekE9PSIsInZhbHVlIjoiUzFEL1lJODVWUm5iTGdDSmFSWk5ZcWR0U3FyTkQrUWtyUWpUUlo2TmNGeUo2cFFjeEgzTEJ3alliWjJocnRmM0MzUXltdXlNVU9Gc3RQWGNzS2NReHBPY0xlY1NSSDdaMC9ETCtLS1ZTa2MvU1pkcjVDQTIrNVNJQm85Q0tINmkiLCJtYWMiOiI3YjIwY2VlODcyM2Q0ZTk5YmJkOWNlZmMxZmNhYWQ1ZDEyZTFiYjhiZTZlNGMxMGE5YjRmODZmZmViZmNjMmVhIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Connection: keep-alive
CF-RAY: 69d8377d1d890f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 8718

GET
H/1.1 200
OK jquery.min.js Show response
clckund.widel.men/_assets_/vendor/ Frame B0A6 87 KB
31 KB 94ms
93ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/jquery.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 30902
last-modified: Sat, 18 Sep 2021 11:56:20 GMT
Server: cloudflare
etag: "15d9d-5cc43bc71c100-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hK4O3EsUkn%2BbhY7FOFTlwCkoNc3vZp%2BS1vwQuVrbeW7gKm%2Beuar0FkO53%2BbhR6SxN93Y5fJSr2PAkFVsSPy%2FthhogoKaoUlYIYFYKDP86tElf7c%2B%2BsGUqJCcA246BBuR%2BpjHMtpTH0ERr4mBFDzhfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d8377c7a56374f-MXP

GET
H/1.1 200
OK js-cookie.js Show response
clckund.widel.men/_assets_/vendor/ Frame B0A6 2 KB
2 KB 24ms
23ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/js-cookie.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24d0807da6b55f18ea0122256c979f26b6f5500a046eea7df23ad829247dc1e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 774
last-modified: Sat, 18 Sep 2021 15:21:14 GMT
Server: cloudflare
etag: "619-5cc4699394e80-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5famR1177uQAgd1UGsFWvQfjHYNKjW%2BFoNE7wG2mgQIyctVVeARJunSRjHXGsgBV1mNI2CPwTcK7YY8S3bXYMT0JuBsQ3DNIqIEtianJz%2BmyhyqBV%2Bd%2FZVc2cGhtjUg4tFyiD0KrfCC7SO14ye%2Bwg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d8377c7a5e59bf-MXP

GET
H/1.1 200
OK iframeResizer.contentWindow.min.js Show response
clckund.widel.men/_assets_/vendor/ Frame B0A6 13 KB
6 KB 83ms
81ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/vendor/iframeResizer.contentWindow.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308a96ec06e45f08fc5bb3b8ca1451e142ea80a7bf85370a59b814df87e2ea39

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 5087
last-modified: Sat, 18 Sep 2021 12:06:16 GMT
Server: cloudflare
etag: "3530-5cc43dff7fe00-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS0tMDVqXgmIbOQV6Zf87jjGrn1rTbVmwLQCWBVm5jAMK3Zi02v7ICJOa7EU0sCSECDPW%2Fc7rOYo%2BClvp8GVj6NEnr4aCzu25y7qH1MsbjwfsDJ5oMjD5Y8hPrdvCXjJVzuJVo9DWJoVQy%2B6TZMxhw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d8377c6cb80e06-MXP

GET
H/1.1 200
OK children.js Show response
clckund.widel.men/_assets_/av/ Frame B0A6 2 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/av/children.js?1634109007
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 020e9d1cf296d9e0a5c123cc6fc6e4b4b71f6b8be5a8da3d96bd0cfe0f0aeecf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 672
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 762
last-modified: Sat, 14 Aug 2021 17:23:02 GMT
Server: cloudflare
etag: "6c2-5c988385e6980-gzip"
vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WyfZFjh51xfQ3Y7MIPd3%2FU5qZHbF40UR%2BfNitcv7%2BpN0WCp7koYK4q2t03JTrWylnHgqJeXukU6eOw30bwu2IfbGfbGQHJ%2BX8RIcwLrg4I16XK1O72xIkfPm9usCSeod0JrP%2BgBYD%2BiVlx4DQp%2Fqw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
CF-RAY: 69d8377c6a4f4aaa-FRA

GET
H/1.1 200
OK children.js Show response
clckund.widel.men/_assets_/av/4/ Frame B0A6 0
803 B 85ms
85ms Script
application/javascript 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_assets_/av/4/children.js?1634109007
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
CF-Cache-Status: MISS
last-modified: Sat, 18 Sep 2021 16:13:52 GMT
Server: cloudflare
etag: "0-5cc4755749000"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5ZmkohkG6wrZj8%2Bd0a0jrZh3mNPWtRbQFJyC3rGSIJTYHkpcu29xuDvB60KKdi8VSkDE4Rw38vs8IaVoG0ax2zX5zZVeT7IgeJaotLIyvx%2BZVTOPJgmYVl1FEIC5Q6USe4mr55j2WJzMJd85iPa9A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 69d8377c9cb60f66-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 0

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/ Frame B0A6
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635

1 KB
1 KB

33ms
33ms

XHR
application/json

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

b805203a7c9c5d72f9de48e9e0142fe72840a3f424280f6b0ce5aabb78ee6fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-0807da26f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 6X+73W5YTfc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://clckund.widel.men
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 653
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v018-0434fb018.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: http://clckund.widel.men
X-TID: QXIxZculRe0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=0ABA4673527831C00A490D45%40AdobeOrg&d_nsid=0&ts=1634124425635
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame B0A6 33 KB
12 KB 49ms
10ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=assets.adobedtm.com&hash=6d959d45528e9d7c4909fafca469d76e&path=launch-ENdec3197734dd4b629a9283183faf094b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://clckund.widel.men
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Wed, 13 Oct 2021 12:27:05 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ Frame B0A6 3 KB
2 KB 53ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=assets.adobedtm.com&hash=6d959d45528e9d7c4909fafca469d76e&path=launch-ENdec3197734dd4b629a9283183faf094b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://clckund.widel.men
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Wed, 13 Oct 2021 12:27:05 GMT

OPTIONS
H2 200 native-message
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame 0
0 29ms
10ms Preflight
text/plain 13.35.253.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/native-message?requestUUID=c4d3dbc8-f52b-42f5-bf16-0a6257b7d43c&hasCsp=true&env=prod&consentLanguage=browserDefault&body=%7B%22propertyId%22%3A2371%2C%22accountId%22%3A630%2C%22requestUUID%22%3A%22c4d3dbc8-f52b-42f5-bf16-0a6257b7d43c%22%2C%22propertyHref%22%3A%22http%3A%2F%2Fclckund.widel.men%2F_iframe_%3Fpath%3D%26hash%3D6d959d45528e9d7c4909fafca469d76e%22%2C%22euconsent%22%3Anull%2C%22meta%22%3A%22%7B%5C%22mmsCookies%5C%22%3A%5B%5D%2C%5C%22resolved%5C%22%3Anull%7D%22%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcdn.privacy-mgmt.com%22%2C%22targetingParams%22%3Anull%2C%22campaignEnv%22%3A%22prod%22%2C%22pubData%22%3A%7B%7D%7D

Protocol

Server

13.35.253.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-43.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://clckund.widel.men
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Wed, 13 Oct 2021 11:27:05 GMT
x-powered-by: Express
access-control-allow-origin: http://clckund.widel.men
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YrwqTT8ICCZnPmclk1JVDCrRFoSHOgfKl20l-2CKFCAOsRtHlX6S0Q==

GET
H2 200 native-message Show response
cdn.privacy-mgmt.com/wrapper/tcfv2/v1/gdpr/ Frame B0A6 58 KB
5 KB 17ms
17ms XHR
application/json 13.35.253.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=gdpr-tcfv2.sp-prod.net&hash=6d959d45528e9d7c4909fafca469d76e&path=wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.253.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-253-43.fra6.r.cloudfront.net

Software

/ Express

Resource Hash

343138a13c575a7ab6330e5c28ccb3694164a32487404b852ffa2fd42e40ad3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: http://clckund.widel.men/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://clckund.widel.men
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: sfRnwi54eaH3_BNEIBd5rdliGsJE8QgNTaT4KsgZcSp0wlm9EiIaVQ==
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)

GET
H/1.1

200
OK

QzExNjdUMiAg.js Show response
cdn4.userzoom.com/files/js/ Frame B0A6
Redirect Chain

http://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88
https://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88

2 KB
1 KB

104ms
21ms

Script
application/x-javascript

209.197.3.16
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.197.3.16 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

vip0x010.map2.ssl.hwcdn.net

Software

Resource Hash

a7d89f8774aeefda4e6f94a0f550797460cb834e8e94e9f6f5a96ab4abfb4a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Oct 2021 07:22:35 GMT
ETag: "1633418555"
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-HW: 1634124425.dop238.lo4.t,1634124425.cds088.lo4.shn,1634124425.dop238.lo4.t,1634124425.cds002.lo4.c
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: public, max-age=10
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 924

Redirect headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-HW: 1634124425.dop002.lo4.t,1634124425.cds002.lo4.c
Location: https://cdn4.userzoom.com/files/js/QzExNjdUMiAg.js?t=uz_til&cuid=B586ADA60ECEE411B0190022196C2B88
Cache-Control: max-age=0
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK _cdn_
clckund.widel.men/ Frame B0A6 27 KB
29 KB 68ms
56ms Font
application/font-woff 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=resources/fonts/sky-medium.woff
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Request headers

Pragma: no-cache
Origin: http://clckund.widel.men
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Origin: http://clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9xxENRITgbn%2FBYqJcsu%2FCoF%2FM87%2FWiRs0LrR70RMn1YqF0gx4jwadsZgVQ0nZgIgYKszQMF2h2JhO2SU%2BkHbSecRkdcVstYFAqEaTDjHZWpJMLFHVwwjoDs45F69%2Bvk%2BuKrPnu9YvrZzmflWyLykA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
set-cookie: XSRF-TOKEN=eyJpdiI6InErVEQyRjA0RU1WeTM5dmR6eXpFdWc9PSIsInZhbHVlIjoiU2JxSjJNWHZJZGFtZ3p4ZnVoNDBvVy9Mcm85bDZiWHJ4a3JJWVlHWDZXWXNpVU5DSk9hcHlZbEc3RVJjc0d1L2hNbGdQamtCT0s2REZkd21wQXhuN0dCTmt1Z1h5dlM2Zm9mdkpHTHZPUUZ5ek84eGx0Tm9nOVE1eDF5R1g2MzUiLCJtYWMiOiI4MWFjZjczMjVlN2MyMDA4OTAwNDk4MzIxNjExYTQwZDU1YWY0YzEwOTA3MWJhYjk5MjQ5NDJhZDA1YzcxNzkxIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6ImgrZmZMNnlMdTFwa2hJcmRxNFBPL3c9PSIsInZhbHVlIjoiSVMvd01iUzhoUzYvc2NydUY5SS9UdnpmbWFuVkJuUHkrSzdQdHRtalY4U255SExYdFZ2c2xoTW1wbDFzMHdJRkdjNXk0Ym5zNzN0dENmVDFzeml6Q28rVlJJdDU5a2d3S2JjalR2UDlHdkEyQ0ZwSVR6cndIckZ2RXNUVHNPZWciLCJtYWMiOiJiZDU1NWU2ZDY2MDBkOGYyMGJiODNjM2ZjOWY5MDkwOTQxN2RjMGQ4ZWI3Y2E2MTQ4YWU2MGRlYTg2MjEwMjY4In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69d8377c8a834aaa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK _cdn_
clckund.widel.men/ Frame B0A6 28 KB
29 KB 114ms
98ms Font
application/font-woff 2606:4700:3031::ac43:b732
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=resources/fonts/sky-regular.woff
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Protocol: HTTP/1.1
Server: 2606:4700:3031::ac43:b732 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a61ea173d14f725f5d8da5372415ab818ff61a7b5263eaae90fef520263444

Request headers

Pragma: no-cache
Origin: http://clckund.widel.men
Accept-Encoding: gzip, deflate
Host: clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Cookie: XSRF-TOKEN=eyJpdiI6InBjRFNCN1M5RDZaS0VmaE1zbWE1WFE9PSIsInZhbHVlIjoiU3BHcS9MR2E2RVpXN2VvSjlhd0VrTjFJakthZlFHWEltZk9EVmt0Z1J4U1pHWCtxamtPcEhieDhQMm8ydGk0TDJKZjlLQlNaYzRVZDJWUEJQVE1uMGw5Vmt0dmdvTVJORGJQS3g3YnQ5b28zbVdUUHVYaWphWjZMYzgxZ2lleE0iLCJtYWMiOiJmOTdjNzZkZWY1Y2QwOTU1NzU5NTIzOTEyMmJmNDIxN2UxNjFhOTFiZjliNjY4YjM3MmM5YjI4MDNiZGIzZWZjIn0%3D; laravel_session=eyJpdiI6Im85ZzBhZU8xYkl0Ri9CNFpkWGpzdWc9PSIsInZhbHVlIjoiczhkaVl6L2l1OFhYTEljVU4rcGhnckNSMXMrK1VFRkNCaVByMTNScExBNVgrY2plTWJuR2s1VVpvVWdzNVJhK3d0QnJlTDBXUm9kOVVtdnIraXBCQ0I4VHFJYjJZMlFTWWY5RHZ5dEdCQ3NzUmU5b3pVMmttNlZMN3VlY1FCTksiLCJtYWMiOiJkZTlkYWVhNjQ5NmFkNDNhMTU1ZjhiMzg1MmFlMDYyMGE3MDJiMjdmYWNjMmRjNDFkODQ3NjEwOGU0ZmY0NGY0In0%3D; AMCV_0ABA4673527831C00A490D45%40AdobeOrg=-1124106680%7CMCIDTS%7C18914%7CvVersion%7C5.2.0
Connection: keep-alive
Referer: http://clckund.widel.men/_cdn_?host=news.sky.com&hash=6d959d45528e9d7c4909fafca469d76e&path=css/min/site-article-1e3b8b5ea47d2fd445de1d7a30778bea.css
Origin: http://clckund.widel.men
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 13 Oct 2021 11:27:05 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7vfdgNdJDrCa6AvBfnc8JpGZSP3CQsTpnDv9ezIRay7SxZh1F3hc27QPSKYiqWD62nMDNvIlgXi31xmey6aVqTl%2FCWWUeg2N%2FJguUBR1TN3DbmBRVieDC4CgmQVhOTvERsp2zMX95TcMJuL1eNVnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
set-cookie: XSRF-TOKEN=eyJpdiI6IklnTzJiQ1VEUjhLYzFON2hZbXRMcEE9PSIsInZhbHVlIjoidlpQejAydytZYkFZVUNBV2ZGcHNBQ0RBdnpwaUNxc2MyN1hwWkF3WEg4QWVkWTNka2RYVm90VmZPWHNDMFV4VUo5YmU2WHZDVDZBWWYvMmxqWEJEQzNxSU1wVmNSaTN2ZlQxTmpTUjIxdms0YmVrZ3FaNnRTelpBNC9FaTV2MDciLCJtYWMiOiJhYzFkMDAwZDAzMWNiMDVkODZkZmJkMDZmNDE2ZGFhYzFhNjE4Mzc0N2YzYmRkNjhmNDY1OWQ1ODdmZTBiMmI1In0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6ImZRNXBzTnR5WnZzeWI2WUpHY2dqOUE9PSIsInZhbHVlIjoiejkwL0VYdjZTREhLcHhGUmVtTkZLcHZPc041ZUtkWjk3NHFSNjdsVmdXUnZDWGwxZ2c2emsxWWVDR0pVZHVUZC9vZVdiK1VoSWRjUUZOVDN4dUpJREtBelBxclZ4eEFzMVZPSk1TaDJxMnJKYlQzS1M0UnBjbUtKbGlEUzFYUXYiLCJtYWMiOiJlYzY2YmNhYTMzODUxYWUzNWI3NTZlMDk0MmNmMjMwNDI0MzMwOTgxZWFkNDVkMzkzZTZkZjY5MmEzNTJkYjZlIn0%3D; expires=Wed, 13-Oct-2021 13:27:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
cache-control: max-age=43200, private
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 69d8377c9a9459bf-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame B0A6 711 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4e7ec31e783821816da1df50e72ecb4418b56793d9dd8b2a52221e31cbf0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B0A6 434 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3f5cc0c89cc79ec51aee6181c3b97b34db1b68ae0010e852fd62c7f9d7242df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 skynews-crypto-cryptocurrency_5475278.jpg
e3.365dm.com/21/08/1600x900/ Frame B0A6 293 KB
294 KB 139ms
28ms Image
image/jpeg 2a02:26f0:6c00:2a1::3757
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://e3.365dm.com/21/08/1600x900/skynews-crypto-cryptocurrency_5475278.jpg?20210811121952

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2a1::3757 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

none /

Resource Hash

017b5e055e1c407298389a7c09a3e976738a2b862f27e4bd8c0756db4a6c7b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=297991, s-maxage=15552000
server: none
content-type: image/jpeg
date: Wed, 13 Oct 2021 11:27:05 GMT
content-length: 299813
expires: Sat, 16 Oct 2021 22:13:36 GMT

GET
H/1.1 200
OK dest5.html Show response
bskyb.demdex.net/ Frame 8246 7 KB
3 KB 141ms
36ms Document
text/html 52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bskyb.demdex.net/dest5.html?d_nsid=0

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=assets.adobedtm.com&hash=6d959d45528e9d7c4909fafca469d76e&path=launch-ENdec3197734dd4b629a9283183faf094b.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: bskyb.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://clckund.widel.men/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=33692194749293039872069445466476586328
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://clckund.widel.men/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 13 Oct 2021 11:27:05 GMT
DCS: dcs-prod-irl1-1-v018-0da4f8ae3.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 4 Oct 2021 13:53:51 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: oozBMK+QS1k=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
smetrics.sky.com/ Frame B0A6 48 B
506 B 72ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.sky.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=0ABA4673527831C00A490D45%40AdobeOrg&mid=33620629786644703132076591099573826498&ts=1634124425803

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_cdn_?host=assets.adobedtm.com&hash=6d959d45528e9d7c4909fafca469d76e&path=launch-ENdec3197734dd4b629a9283183faf094b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

2150149fa501d019c32b67f73fda83b5042b93e81bbdfdfab1115a83d0e9ea7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://clckund.widel.men/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Oct 2021 11:27:05 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-b4c7fdd79-z6sdg
vary: Origin
x-c: main-1540.I13d07b.M0-522
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://clckund.widel.men
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=0GHLt2B31MACpA5
dpm.demdex.net/ Frame 8246
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=0GHLt2B31MACpA5

42 B
945 B

33ms
33ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=0GHLt2B31MACpA5

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-03a515461.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: S5GdldFGT4k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 11:27:05 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0fde9184b57476aa9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=0GHLt2B31MACpA5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=4248914136537129993
dpm.demdex.net/ Frame 8246
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4248914136537129993

42 B
945 B

34ms
33ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=4248914136537129993

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-072cb8bc6.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: X/62eMOeTn0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 11:27:06 GMT
X-Proxy-Origin: 194.36.108.21; 194.36.108.21; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3487f9c9-72f0-449c-a1fc-f55f18e2ec38
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=4248914136537129993
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFaYT4ieIdQO_xe9zKbmbe8&google_cver=1
dpm.demdex.net/ Frame 8246
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM2OTIxOTQ3NDkyOTMwMzk4NzIwNjk0NDU0NjY0NzY1ODYzMjg=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzM2OTIxOTQ3NDkyOTMwMzk4NzIwNjk0NDU0NjY0NzY1ODYzMjg=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFaYT4ieIdQO_xe9zKbmbe8&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

32ms
32ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFaYT4ieIdQO_xe9zKbmbe8&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0efdf6442.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sdkbUNwCQGw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 11:27:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFaYT4ieIdQO_xe9zKbmbe8&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=3698b851-f138-4771-b491-ff9da8c1685f
dpm.demdex.net/ Frame 8246
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3698b851-f138-4771-b491-ff9da8c1685f

42 B
945 B

32ms
31ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=3698b851-f138-4771-b491-ff9da8c1685f

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-058e9a459.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hFQDZdotT9U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 11:27:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=3698b851-f138-4771-b491-ff9da8c1685f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=aGPDYD1gzTdzZMxhOGDYY2kxwjVzZZRjaGszlrHI
dpm.demdex.net/ Frame 8246
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aGPDYD1gzTdzZMxhOGDYY2kxwjVzZZRjaGszlrHI

42 B
945 B

41ms
35ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aGPDYD1gzTdzZMxhOGDYY2kxwjVzZZRjaGszlrHI

Requested by

Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0b90d5c4a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VnXhyoSNRLg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 13 Oct 2021 11:27:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=aGPDYD1gzTdzZMxhOGDYY2kxwjVzZZRjaGszlrHI
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame 8246 0
411 B 434ms
98ms Image
text/html 2600:1f18:6593:f601:8729:44f1:1075:68b9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by: Host: clckund.widel.men
URL: http://clckund.widel.men/_iframe_?path=&hash=6d959d45528e9d7c4909fafca469d76e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:6593:f601:8729:44f1:1075:68b9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bskyb.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Oct 2021 11:27:06 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: unpkg.com
URL: https://unpkg.com/mdi@2.2.43/css/materialdesignicons.min.css

Domain: unpkg.com
URL: https://unpkg.com/line-awesome@1.3.0/dist/line-awesome/css/line-awesome.min.css

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
clckund.widel.men/	1970-01-20 06:41:00	Name: consentUUID Value: bca0687c-9b06-4b0e-92c1-e26f311ab505
.demdex.net/	1970-01-20 02:14:36	Name: demdex Value: 33692194749293039872069445466476586328
.widel.men/	1969-12-31 23:59:59	Name: AMCVS_0ABA4673527831C00A490D45%40AdobeOrg Value: 1
.widel.men/	1970-01-20 15:26:36	Name: AMCV_0ABA4673527831C00A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18914%7CMCMID%7C33620629786644703132076591099573826498%7CMCAAMLH-1634729225%7C6%7CMCAAMB-1634729225%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1634131625s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
clckund.widel.men/	1970-01-19 21:55:31	Name: XSRF-TOKEN Value: eyJpdiI6Iis4cXMyTUErK0tiWUZZTC9PcDA0MlE9PSIsInZhbHVlIjoiQ1ByNDdkWG5iVU1YZWxVcXpmVWhJT2N6Rnljd3ZwL1V0YUx5MXBxWk5mYklsSEZTcys4TmpVdkNDOHpHSU51YnFoR2VnRkUvNlA2cG9TWmI2TnhLZkFocnBOUUtsSTUvMGN6cTNtNk42VENJbTNYdlEyeFp6c01RTUh4VmRDTi8iLCJtYWMiOiJkY2Q4MDQ3M2ZlNTVlM2NkYWNiNGM5ZTUxYmE3YTljODdlMmE2ZjMxNjljNTdhZGE5OTJhYTZkOTM4NjZhNmNlIn0%3D
clckund.widel.men/	1970-01-19 21:55:31	Name: laravel_session Value: eyJpdiI6IlZGdXRncnZFVzRjQktLQi83TjVtekE9PSIsInZhbHVlIjoiUzFEL1lJODVWUm5iTGdDSmFSWk5ZcWR0U3FyTkQrUWtyUWpUUlo2TmNGeUo2cFFjeEgzTEJ3alliWjJocnRmM0MzUXltdXlNVU9Gc3RQWGNzS2NReHBPY0xlY1NSSDdaMC9ETCtLS1ZTa2MvU1pkcjVDQTIrNVNJQm85Q0tINmkiLCJtYWMiOiI3YjIwY2VlODcyM2Q0ZTk5YmJkOWNlZmMxZmNhYWQ1ZDEyZTFiYjhiZTZlNGMxMGE5YjRmODZmZmViZmNjMmVhIn0%3D
.w55c.net/	1970-01-20 07:25:38	Name: wfivefivec Value: 0GHLt2B31MACpA5
.w55c.net/	1970-01-19 22:38:36	Name: matchdmx Value: 5
.dpm.demdex.net/	1970-01-20 02:14:36	Name: dpm Value: 33692194749293039872069445466476586328
.adnxs.com/	1970-01-20 00:05:00	Name: uuid2 Value: 4248914136537129993
.doubleclick.net/	1970-01-20 07:17:00	Name: IDE Value: AHWqTUlexZy3I5YiDEqvMzW5ouTa1fRL9HBMmcLBva6Ki0p15rai2yuapx4eqs5J3JM
.adsrvr.org/	1970-01-20 06:41:00	Name: TDID Value: 3698b851-f138-4771-b491-ff9da8c1685f
.adsrvr.org/	1970-01-20 06:41:00	Name: TDCPM Value: CAESEgoDYWFtEgsIzJqpuM2RhzoQBRgFIAEoAjILCJzdn-XjkYc6EAU4AQ..
.quantserve.com/	1970-01-20 00:05:00	Name: d Value: EPIBDAG8JLmvYA
.quantserve.com/	1970-01-20 07:25:38	Name: mc Value: 6166c28a-697f2-57c7c-7a569
.demdex.net/	1970-01-20 02:14:36	Name: dextp Value: 359-1-1634124425963\|358-1-1634124426064\|771-1-1634124426166\|903-1-1634124426267\|1175-1-1634124426368\|796-1-1634124426469
.fwmrm.net/	1970-01-20 02:14:36	Name: _uid Value: "e55e7_7018510967265628478"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bskyb.demdex.net
cdn.privacy-mgmt.com
cdn4.userzoom.com
clckund.widel.men
cm.g.doubleclick.net
dmp.v.fwmrm.net
dpm.demdex.net
e3.365dm.com
ib.adnxs.com
match.adsrvr.org
pixel.quantserve.com
pm.w55c.net
smetrics.sky.com
unpkg.com
unpkg.com
13.35.253.43
142.250.186.162
15.188.95.229
185.33.221.91
209.197.3.16
2600:1f18:6593:f601:8729:44f1:1075:68b9
2606:4700:3031::ac43:b732
2606:4700::6810:7caf
2620:116:800d:21:51e4:db4b:4436:b305
2a02:26f0:6c00:299::1e80
2a02:26f0:6c00:2a1::3757
3.123.163.175
52.48.145.41
63.32.159.255
76.223.111.131
017b5e055e1c407298389a7c09a3e976738a2b862f27e4bd8c0756db4a6c7b96
020e9d1cf296d9e0a5c123cc6fc6e4b4b71f6b8be5a8da3d96bd0cfe0f0aeecf
037116b0806082ffb89623e6914ea2826c70ed064875404a03c8b39b5b1e3162
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0d8a0bb99079a8e4b89fcbea792a49fa1323c9703b2929f40224557f53c2256f
163996482296347d7e8925104dec2963ba1b318e4e131f8ededdf916e8a27380
2150149fa501d019c32b67f73fda83b5042b93e81bbdfdfab1115a83d0e9ea7c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a44060cbd57d5298c029564157ebff106a3bf5bee300ec47978a408a9840184
308a96ec06e45f08fc5bb3b8ca1451e142ea80a7bf85370a59b814df87e2ea39
30aeb561626cbdcb72014ff93b6e6a4b0aab35b5a4301c91944580b244ea6058
343138a13c575a7ab6330e5c28ccb3694164a32487404b852ffa2fd42e40ad3d
374e261691de8f50b15aafeb9eb102f2fb252affd98259eafc581cca94ac851b
3f7f574ac8603d02b38404f0ec53b505e571d8e7b1af86821a8c632407617eed
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
475a8acf1f1441cb3c8e8181e6ab908b991096c9f01ab0f5e5e71174dd032cc4
563bac9ba2a1d94effb5bea3061f8c39fc6769fd935ac4e9877e1b30a842d507
77a61ea173d14f725f5d8da5372415ab818ff61a7b5263eaae90fef520263444
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ea6bea9dbe5d24763b0570ce68e4b0463f505d561315b0fb5aa4697c0e7ab9
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8c0b0d6f1f5d0ac240b6a0bb4718c36900b29558abe29724c8ef87e9d3d31675
9803a7d38f570c85b8dee4bf755a6ad4527551115b39d95f83227c0db7955178
a4e7ec31e783821816da1df50e72ecb4418b56793d9dd8b2a52221e31cbf0d4f
a7d89f8774aeefda4e6f94a0f550797460cb834e8e94e9f6f5a96ab4abfb4a99
aa46be8c4e0e413dfb85925cbfcc2010fa4f5909fcd54cd3f88b42fa3fb7b110
b0071cd7ccef32768966b353e2ff09d13e07ab31148944e5545803232c2341e9
b24d0807da6b55f18ea0122256c979f26b6f5500a046eea7df23ad829247dc1e
b805203a7c9c5d72f9de48e9e0142fe72840a3f424280f6b0ce5aabb78ee6fa6
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d82acc32d3045c22cfef1268aa0f31c7ef3834e1003af6057270b857ad4726cb
e16b672371b927a89b2ce8afa249daf604e5b0c9d1bb851d161d88d992f3a4f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f5cc0c89cc79ec51aee6181c3b97b34db1b68ae0010e852fd62c7f9d7242df
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

clckund.widel.men Open in urlscan Pro 2606:4700:3031::ac43:b732 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

39 %HTTPS

40 %IPv6

14 Domains

15 Subdomains

11 IPs

5 Countries

756 kBTransfer

1816 kBSize

17 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

clckund.widel.men Open in urlscan Pro
2606:4700:3031::ac43:b732 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

39 %
HTTPS

40 %
IPv6

14
Domains

15
Subdomains

11
IPs

5
Countries

756 kB
Transfer

1816 kB
Size

17
Cookies

44 HTTP transactions
3 data transactions