urlscan.io logo urlscan.io
SecurityTrails logo

www.rohrkopf.de Open in urlscan Pro
85.13.161.133  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.rohrkopf.de/
Effective URL: https://www.rohrkopf.de/
Submission: On September 21 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 5 countries across 67 domains to perform 244 HTTP transactions. The main IP is 85.13.161.133, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.rohrkopf.de.
TLS certificate: Issued by R3 on August 2nd 2022. Valid for: 3 months.
This is the only time www.rohrkopf.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 85.13.161.133 34788 (NMM-AS D)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a01:4f9:4b:1... 24940 (HETZNER-AS)
8 195.201.169.184 24940 (HETZNER-AS)
4 6 2a01:4f8:10b:... 24940 (HETZNER-AS)
4 2a01:4f8:212:... 24940 (HETZNER-AS)
6 94.130.9.175 24940 (HETZNER-AS)
14 91.194.84.77 24961 (MYLOC-AS ...)
19 213.239.205.245 24940 (HETZNER-AS)
2 162.19.154.224 16276 (OVH)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
5 3.11.238.206 16509 (AMAZON-02)
2 18.66.147.41 16509 (AMAZON-02)
3 18.66.147.59 16509 (AMAZON-02)
4 178.63.98.119 24940 (HETZNER-AS)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 8 104.20.45.59 13335 (CLOUDFLAR...)
1 172.67.72.239 13335 (CLOUDFLAR...)
3 17 195.90.212.124 42730 (EVANZOAS)
1 2a03:4000:68:... 197540 (NETCUP-AS...)
1 52.216.178.45 16509 (AMAZON-02)
8 18.134.23.117 16509 (AMAZON-02)
1 89.163.223.180 24961 (MYLOC-AS ...)
2 109.237.132.11 45012 (CLOUDPIT)
1 213.239.218.117 24940 (HETZNER-AS)
1 151.101.112.193 54113 (FASTLY)
2 170.249.194.154 ()
2 2606:4700:303... ()
1 1 35.187.21.229 ()
1 2a04:4e42:400... ()
1 104.111.239.217 ()
19 85.13.152.124 ()
1 52.222.214.64 ()
1 1 2400:52e0:1e0... ()
1 2 2a04:4e42:400... ()
3 2606:4700:20:... ()
1 94.130.146.221 ()
3 80.190.117.158 ()
4 2606:4700:20:... ()
1 88.198.5.241 ()
1 2606:4700:303... ()
1 2606:4700:303... ()
1 2a00:1450:400... ()
6 185.180.12.68 ()
1 138.199.37.226 ()
1 172.67.6.49 ()
244 46
12    85.13.161.133 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd52118.kasserver.com
www.rohrkopf.de
3    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a01:4f9:4b:1406::2 (Germany)

ASN24940 (HETZNER-AS, DE)
www.fastcounter.de
8    195.201.169.184 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.169.201.195.clients.your-server.de
zuppelzockt.com
deli.misaglam.com
spaceeditors.com
6    2a01:4f8:10b:ddc::2 (Germany)

ASN24940 (HETZNER-AS, DE)
cee3f0doi1a2.de
c.blyatflix.de
thisis.aninter.net
d08q4os3homh.de
4    2a01:4f8:212:29e0::2 (Germany)

ASN24940 (HETZNER-AS, DE)
tool.hubu.link
6    94.130.9.175 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h109.hubuhost.com
ref.cdnplus.de
g.cash-ads.com
14    91.194.84.77 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cpanel.vms1-scripte.de
werbe-start.de
19    213.239.205.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.239.205.245.clients.your-server.de
ad.a-ads.com
static.a-ads.com
2    162.19.154.224 (France)

ASN16276 (OVH, FR)
PTR: de-c114.cdnplus.de
de-c114.cdnplus.de
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
5    3.11.238.206 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
track.webgains.com
2    18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net
analytics.webgains.io
3    18.66.147.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-59.fra60.r.cloudfront.net
cdn.track.production.webgains.team
4    178.63.98.119 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: srv.ms-i-service.net
www.ad-mix.de
www.ads4you.biz
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    104.20.45.59 (None, )

ASN13335 (CLOUDFLARENET, US)
bk.adcocktail.com
pop.adcocktail.com
tl.adcocktail.com
tt.adcocktail.com
www.adcocktail.com
1    172.67.72.239 (United States)

ASN13335 (CLOUDFLARENET, US)
rollercoin.com
17    195.90.212.124 (Germany)

ASN42730 (EVANZOAS, DE)
PTR: v99150.1blu.de
sekundensparer.de
www.sekundensparer.de
libertad-ads.de
1    2a03:4000:68:ed8:1461:73ff:fedd:73ce (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
www.wirb-oder-stirb.eu
1    52.216.178.45 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
8    18.134.23.117 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
api.webgains.io
1    89.163.223.180 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: vps2050907.fastwebserver.de
www.netzwerk-ad.de
2    109.237.132.11 (Germany)

ASN45012 (CLOUDPIT, DE)
PTR: alfa3212.alfahosting-server.de
artemtyse.de
1    213.239.218.117 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: server.paid4marketing.de
www.euro-ads.de
1    151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
2    170.249.194.154 (None, )

ASN- ()
my-banner-ads.com
2    2606:4700:3030::6815:544 (None, )

ASN- ()
autofaucet.org
1    35.187.21.229 (None, )

ASN- ()
qwedvm.r.palmenmann.de
1    2a04:4e42:400::393 (None, )

ASN- ()
res.cloudinary.com
1    104.111.239.217 (None, )

ASN- ()
www.awin1.com
19    85.13.152.124 (None, )

ASN- ()
w-w-diamonds-club.com
1    52.222.214.64 (None, )

ASN- ()
arc.io
1    2400:52e0:1e00::601:1 (None, )

ASN- ()
cdn.materialdesignicons.com
2    2a04:4e42:400::485 (None, )

ASN- ()
cdn.jsdelivr.net
3    2606:4700:20::681a:993 (None, )

ASN- ()
leadsleap.com
w.leadsleap.com
1    94.130.146.221 (None, )

ASN- ()
banner.ebesucher.de
3    80.190.117.158 (None, )

ASN- ()
www.adcity.eu
4    2606:4700:20::681a:6ba (None, )

ASN- ()
www.amcharts.com
1    88.198.5.241 (None, )

ASN- ()
gold-surfer-faucet.de
1    2606:4700:3033::6815:2848 (None, )

ASN- ()
dualmine.com
1    2606:4700:3033::6815:581a (None, )

ASN- ()
webminepool.com
1    2a00:1450:4001:82b::2008 (None, )

ASN- ()
www.googletagmanager.com
6    185.180.12.68 (None, )

ASN- ()
static.arc.io
1    138.199.37.226 (None, )

ASN- ()
core.arc.io
1    172.67.6.49 (None, )

ASN- ()
static1.freebitco.in
Apex Domain
Subdomains		 Transfer
24 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2111
as.ad4m.at — Cisco Umbrella Rank: 27692
assets.ad4m.at — Cisco Umbrella Rank: 34810
2 MB
19 w-w-diamonds-club.com
w-w-diamonds-club.com
117 KB
19 a-ads.com
ad.a-ads.com — Cisco Umbrella Rank: 38459
static.a-ads.com — Cisco Umbrella Rank: 52686
3 MB
14 werbe-start.de
werbe-start.de
251 KB
12 sekundensparer.de
sekundensparer.de
www.sekundensparer.de
69 KB
12 rohrkopf.de
www.rohrkopf.de
305 KB
10 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 23027
api.webgains.io — Cisco Umbrella Rank: 59421
171 KB
9 fastcounter.de
www.fastcounter.de — Cisco Umbrella Rank: 402218
5 KB
8 arc.io
arc.io
static.arc.io
core.arc.io
159 KB
8 adcocktail.com
bk.adcocktail.com
pop.adcocktail.com
tl.adcocktail.com
tt.adcocktail.com
www.adcocktail.com
3 KB
6 cdnplus.de
ref.cdnplus.de — Cisco Umbrella Rank: 390735
de-c114.cdnplus.de — Cisco Umbrella Rank: 479397
78 KB
5 libertad-ads.de
libertad-ads.de
9 KB
5 webgains.com
track.webgains.com — Cisco Umbrella Rank: 48798
157 KB
4 amcharts.com
www.amcharts.com
290 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
12 KB
4 hubu.link
tool.hubu.link — Cisco Umbrella Rank: 782532
50 KB
3 adcity.eu
www.adcity.eu
1 KB
3 leadsleap.com
leadsleap.com
w.leadsleap.com
189 KB
3 spaceeditors.com
spaceeditors.com — Cisco Umbrella Rank: 633355
2 KB
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 69591
99 KB
3 zuppelzockt.com
zuppelzockt.com — Cisco Umbrella Rank: 704404
2 KB
3 googleapis.com
ajax.googleapis.com Failed
fonts.googleapis.com — Cisco Umbrella Rank: 40
2 KB
2 jsdelivr.net
cdn.jsdelivr.net
34 KB
2 cash-ads.com
g.cash-ads.com
2 KB
2 autofaucet.org
autofaucet.org
5 KB
2 my-banner-ads.com
my-banner-ads.com
2 KB
2 artemtyse.de
artemtyse.de
52 KB
2 ads4you.biz
www.ads4you.biz
456 B
2 ad-mix.de
www.ad-mix.de
932 B
2 misaglam.com
deli.misaglam.com — Cisco Umbrella Rank: 753892
887 B
2 aninter.net
thisis.aninter.net — Cisco Umbrella Rank: 474317
341 B
2 blyatflix.de
c.blyatflix.de — Cisco Umbrella Rank: 407481
363 B
1 freebitco.in
static1.freebitco.in
26 KB
1 googletagmanager.com
www.googletagmanager.com
74 KB
1 webminepool.com
webminepool.com
62 KB
1 dualmine.com
dualmine.com
1 gold-surfer-faucet.de
gold-surfer-faucet.de
39 KB
1 ebesucher.de
banner.ebesucher.de
25 KB
1 materialdesignicons.com
cdn.materialdesignicons.com
990 B
1 awin1.com
www.awin1.com
702 B
1 cloudinary.com
res.cloudinary.com
555 B
1 palmenmann.de
qwedvm.r.palmenmann.de
463 B
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5839
566 KB
1 euro-ads.de
www.euro-ads.de
1 netzwerk-ad.de
www.netzwerk-ad.de
1 KB
1 amazonaws.com
s3.amazonaws.com
5 KB
1 wirb-oder-stirb.eu
www.wirb-oder-stirb.eu
84 KB
1 rollercoin.com
rollercoin.com — Cisco Umbrella Rank: 284775
317 KB
1 d08q4os3homh.de
d08q4os3homh.de — Cisco Umbrella Rank: 855251
773 B
1 cee3f0doi1a2.de
cee3f0doi1a2.de — Cisco Umbrella Rank: 812103
773 B
1 gstatic.com
fonts.gstatic.com
13 KB
0 crypto-fire.website Failed
crypto-fire.website Failed
0 gigapromo.de Failed
www.gigapromo.de Failed
0 sentry-cdn.com Failed
browser.sentry-cdn.com Failed
0 werbe-ads.de Failed
www.werbe-ads.de Failed
0 imgbox.com Failed
images2.imgbox.com Failed
0 faucetcrypto.com Failed
faucetcrypto.com Failed
0 cryptowin.io Failed
cryptowin.io Failed
0 dutchycorp.space Failed
dutchycorp.space Failed
0 globadino.com Failed
globadino.com Failed
0 123-stargate.eu Failed
123-stargate.eu Failed
0 getleads4free.com Failed
getleads4free.com Failed
0 flag-counter.work Failed
flag-counter.work Failed
0 mega-ad.de Failed
www.mega-ad.de Failed
0 ads4allweb.de Failed
www.ads4allweb.de Failed
0 werbeflut.net Failed
www.werbeflut.net Failed
0 rohrex.de Failed
www.rohrex.de Failed
244 67
Domain Requested by
19 w-w-diamonds-club.com www.netzwerk-ad.de
w-w-diamonds-club.com
14 werbe-start.de cee3f0doi1a2.de
werbe-start.de
libertad-ads.de
12 assets.ad4m.at as.ad4m.at
12 www.rohrkopf.de 1 redirects www.rohrkopf.de
10 ad.a-ads.com cee3f0doi1a2.de
d08q4os3homh.de
www.netzwerk-ad.de
w-w-diamonds-club.com
9 www.sekundensparer.de d08q4os3homh.de
www.sekundensparer.de
www.netzwerk-ad.de
9 static.a-ads.com ad.a-ads.com
9 www.fastcounter.de www.rohrkopf.de
www.fastcounter.de
werbe-start.de
8 api.webgains.io analytics.webgains.io
8 ad4m.at deli.misaglam.com
ad4m.at
6 static.arc.io arc.io
core.arc.io
static.arc.io
5 libertad-ads.de www.sekundensparer.de
libertad-ads.de
5 track.webgains.com as.ad4m.at
4 www.amcharts.com w-w-diamonds-club.com
4 cdnjs.cloudflare.com werbe-start.de
w-w-diamonds-club.com
4 as.ad4m.at ad4m.at
as.ad4m.at
4 ref.cdnplus.de cee3f0doi1a2.de
ref.cdnplus.de
d08q4os3homh.de
4 tool.hubu.link www.rohrkopf.de
tool.hubu.link
3 www.adcity.eu w-w-diamonds-club.com
3 sekundensparer.de 3 redirects
3 spaceeditors.com www.fastcounter.de
spaceeditors.com
3 bk.adcocktail.com 1 redirects werbe-start.de
w-w-diamonds-club.com
3 cdn.track.production.webgains.team as.ad4m.at
3 zuppelzockt.com www.fastcounter.de
zuppelzockt.com
3 fonts.googleapis.com www.rohrkopf.de
www.sekundensparer.de
w-w-diamonds-club.com
2 tl.adcocktail.com w-w-diamonds-club.com
2 leadsleap.com w-w-diamonds-club.com
2 cdn.jsdelivr.net 1 redirects w-w-diamonds-club.com
2 g.cash-ads.com w-w-diamonds-club.com
2 autofaucet.org www.netzwerk-ad.de
autofaucet.org
2 my-banner-ads.com www.netzwerk-ad.de
my-banner-ads.com
2 artemtyse.de www.sekundensparer.de
2 www.ads4you.biz werbe-start.de
2 www.ad-mix.de werbe-start.de
2 analytics.webgains.io track.webgains.com
2 deli.misaglam.com zuppelzockt.com
spaceeditors.com
2 de-c114.cdnplus.de www.fastcounter.de
2 thisis.aninter.net 2 redirects
2 c.blyatflix.de 2 redirects
1 static1.freebitco.in my-banner-ads.com
1 www.adcocktail.com w-w-diamonds-club.com
1 tt.adcocktail.com 1 redirects
1 core.arc.io arc.io
1 www.googletagmanager.com autofaucet.org
1 webminepool.com autofaucet.org
1 dualmine.com w-w-diamonds-club.com
1 w.leadsleap.com w-w-diamonds-club.com
1 gold-surfer-faucet.de w-w-diamonds-club.com
1 banner.ebesucher.de w-w-diamonds-club.com
1 cdn.materialdesignicons.com 1 redirects
1 pop.adcocktail.com w-w-diamonds-club.com
1 arc.io w-w-diamonds-club.com
1 www.awin1.com as.ad4m.at
1 res.cloudinary.com as.ad4m.at
1 qwedvm.r.palmenmann.de 1 redirects
1 i.imgur.com www.netzwerk-ad.de
1 www.euro-ads.de www.netzwerk-ad.de
1 www.netzwerk-ad.de www.sekundensparer.de
1 s3.amazonaws.com www.sekundensparer.de
1 www.wirb-oder-stirb.eu werbe-start.de
1 rollercoin.com werbe-start.de
1 d08q4os3homh.de www.fastcounter.de
1 cee3f0doi1a2.de www.fastcounter.de
1 fonts.gstatic.com fonts.googleapis.com
0 crypto-fire.website Failed werbe-start.de
0 www.gigapromo.de Failed w-w-diamonds-club.com
0 browser.sentry-cdn.com Failed arc.io
0 www.werbe-ads.de Failed w-w-diamonds-club.com
0 images2.imgbox.com Failed w-w-diamonds-club.com
0 faucetcrypto.com Failed w-w-diamonds-club.com
0 cryptowin.io Failed w-w-diamonds-club.com
0 dutchycorp.space Failed w-w-diamonds-club.com
0 globadino.com Failed w-w-diamonds-club.com
0 123-stargate.eu Failed w-w-diamonds-club.com
0 getleads4free.com Failed w-w-diamonds-club.com
0 flag-counter.work Failed w-w-diamonds-club.com
0 www.mega-ad.de Failed w-w-diamonds-club.com
0 www.ads4allweb.de Failed www.netzwerk-ad.de
w-w-diamonds-club.com
0 www.werbeflut.net Failed werbe-start.de
w-w-diamonds-club.com
0 www.rohrex.de Failed www.rohrkopf.de
0 ajax.googleapis.com Failed www.rohrkopf.de
244 81

This site contains links to these domains. Also see Links.

Domain
www.rohrex.de
Subject Issuer Validity Valid
rohrkopf.de
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
www.fastcounter.de
R3		 2022-08-18 -
2022-11-16		 3 months crt.sh
zuppelzockt.com
R3		 2022-09-13 -
2022-12-12		 3 months crt.sh
cee3f0doi1a2.de
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
tool.hubu.link
R3		 2022-09-19 -
2022-12-18		 3 months crt.sh
ref.cdnplus.de
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
werbe-start.de
R3		 2022-07-31 -
2022-10-29		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2021-12-08 -
2023-01-08		 a year crt.sh
deli.misaglam.com
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-08-08 -
2023-09-06		 a year crt.sh
ad-mix.de
R3		 2022-09-15 -
2022-12-14		 3 months crt.sh
ads4you.biz
R3		 2022-09-15 -
2022-12-14		 3 months crt.sh
*.adcocktail.com
Thawte RSA CA 2018		 2022-03-17 -
2023-04-17		 a year crt.sh
spaceeditors.com
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
d08q4os3homh.de
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
sekundensparer.de
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
www.wirb-oder-stirb.eu
R3		 2022-09-06 -
2022-12-05		 3 months crt.sh
libertad-ads.de
R3		 2022-08-19 -
2022-11-17		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
netzwerk-ad.de
R3		 2022-07-25 -
2022-10-23		 3 months crt.sh
2meetu.de
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
euro-ads.de
R3		 2022-08-02 -
2022-10-31		 3 months crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
mail.my-banner-ads.com
R3		 2022-09-21 -
2022-12-20		 3 months crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
w-w-diamonds-club.com
R3		 2022-08-10 -
2022-11-08		 3 months crt.sh
arc.io
Amazon		 2022-03-23 -
2023-04-21		 a year crt.sh
g.cash-ads.com
R3		 2022-08-30 -
2022-11-28		 3 months crt.sh
*.ebesucher.de
Sectigo RSA Domain Validation Secure Server CA		 2022-06-13 -
2023-06-13		 a year crt.sh
adcity.eu
R3		 2022-08-06 -
2022-11-04		 3 months crt.sh
gold-surfer-faucet.de
R3		 2022-08-25 -
2022-11-23		 3 months crt.sh
dualmine.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
static.arc.io
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
core.arc.io
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
freebitco.in
Cloudflare Inc ECC CA-3		 2022-07-05 -
2023-07-05		 a year crt.sh

This page contains 45 frames:

Primary Page: https://www.rohrkopf.de/
Frame ID: 3AD08765FCF9B6D1CA493261235C2E63
Requests: 18 HTTP requests in this frame

Frame: https://www.fastcounter.de/b.php
Frame ID: 2837BFC80424CD26DCF4225C5619D1F3
Requests: 6 HTTP requests in this frame

Frame: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Frame ID: 5288990D1423CA48C30FE266722608A4
Requests: 1 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: 6BC646A9C78512686BF317235A7A2CC2
Requests: 2 HTTP requests in this frame

Frame: https://werbe-start.de/files/?content=/betteln&ref=174
Frame ID: EF3E9F94466DAD80A9AAE9DF509047C7
Requests: 13 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: 53A3A5A8C371B0B1D550F618FE6310A0
Requests: 2 HTTP requests in this frame

Frame: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Frame ID: 7F7E122462DB2439193BF8ACCB174BE4
Requests: 1 HTTP requests in this frame

Frame: https://deli.misaglam.com/influ/6.html
Frame ID: 36F95906B39C6598F0C4CC561240BA79
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 69BB5CC17F664045FA04481D8E86EE8E
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Frame ID: 472030A13EAEAF2C9757D88BE94B9FAA
Requests: 18 HTTP requests in this frame

Frame: https://werbe-start.de/files/sk_views_li.php
Frame ID: 2579A496C416476684525788E14EB21B
Requests: 3 HTTP requests in this frame

Frame: https://werbe-start.de/files/sk_views_re.php
Frame ID: 722918901B6726EAA65C2610786D21AD
Requests: 2 HTTP requests in this frame

Frame: https://www.fastcounter.de/b.php
Frame ID: E6889F71C4B40B5B05CFF48F178378BD
Requests: 6 HTTP requests in this frame

Frame: https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Frame ID: CB05B23DAD9C869EA977A03E437285AC
Requests: 1 HTTP requests in this frame

Frame: https://ref.cdnplus.de/
Frame ID: 65307D8D69A5562CA44D14CEA31793EE
Requests: 2 HTTP requests in this frame

Frame: https://www.sekundensparer.de/?content=/betteln2&ref=81
Frame ID: DFFC4DF1C069E0805C62ABC3C249DC96
Requests: 12 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: 2657080661B56513A9A7054DCD1C37E4
Requests: 2 HTTP requests in this frame

Frame: https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Frame ID: 631A030E886B5C062D2C98CA1E4B47AC
Requests: 1 HTTP requests in this frame

Frame: https://deli.misaglam.com/influ/6.html
Frame ID: 41D7E8E8BD60A271F6F8E87EB446AFC8
Requests: 3 HTTP requests in this frame

Frame: https://www.sekundensparer.de/view.php
Frame ID: AA7895BC010EC72A31E043F999E84C72
Requests: 2 HTTP requests in this frame

Frame: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Frame ID: 42D645AD3FFADD836C3BEE380F74CCE5
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1285CBF6CEEBB269B5767C1C1EAF3337
Requests: 1 HTTP requests in this frame

Frame: https://libertad-ads.de/kamp/ziel.php?uid=1&bid=2538&sid=4
Frame ID: EFF91CD5A63B7782AD0737F3E31E2C10
Requests: 1 HTTP requests in this frame

Frame: https://libertad-ads.de/kamp/frame_rest.php?code=dWlkPTEmYmlkPTI1Mzgmc2lkPTQmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LnNla3VuZGVuc3BhcmVyLmRlLw==&uid=1&bid=2538&sid=4
Frame ID: 47CE98DC3E58D8C82D003DAA30C30606
Requests: 1 HTTP requests in this frame

Frame: https://werbe-start.de/files/?content=/betteln&ref=129
Frame ID: 6167DC368EBF64F4D738212805A114A2
Requests: 13 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Frame ID: 9206297DF6A0F34FF631E061CE48F76A
Requests: 14 HTTP requests in this frame

Frame: https://autofaucet.org/wm/frechdax/2
Frame ID: 05F93DF2DCCA37E731997B44A5F30C53
Requests: 6 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: A32141CED9E471342339F8E8F40B3E08
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: 25414FA2B917431619FD5D11A66B1D52
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1551779?size=468x60
Frame ID: 9C3870F88F8544A2BDDDD854626D158A
Requests: 2 HTTP requests in this frame

Frame: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Frame ID: 0BFBBB076AEE01E83A16EA84690CA27A
Requests: 68 HTTP requests in this frame

Frame: https://www.ads4allweb.de/api/kamp/rota.php?sid=66&uid=1053&art=traffic
Frame ID: DC98A131DAF2742215ED0C80AE384D33
Requests: 1 HTTP requests in this frame

Frame: https://www.ads4allweb.de/api/kamp/rota.php?sid=66&uid=1053&art=traffic
Frame ID: 1F03440AFA8CDB50F020A5CD99D0777E
Requests: 1 HTTP requests in this frame

Frame: https://www.sekundensparer.de/view.php
Frame ID: EE5CB91D64AC905E4C4295BD3F98AD32
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1417519?size=468x60
Frame ID: 44000D589120472196D93D8747D8692C
Requests: 2 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?11d024e
Frame ID: 4E92DDAE202A2EC96775057C5F111B07
Requests: 6 HTTP requests in this frame

Frame: https://ad.a-ads.com/1417519?size=468x60
Frame ID: 8B5588ABEA60A3A2ADC41B532E02FC91
Requests: 2 HTTP requests in this frame

Frame: https://my-banner-ads.com/view/468/fv.php?size=1&ison=1&user=678&vt=7&dref=https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3&scrw=1600&scrh=1200&timestamp=1663753509378
Frame ID: 0F52E27E62F8DDE81ABAFFF542014F29
Requests: 3 HTTP requests in this frame

Frame: https://ad.a-ads.com/1417519?size=468x60
Frame ID: D8B4CEA8C3216A0BB801DADDDAAA8E3E
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1417519?size=468x60
Frame ID: D3A09FD4E6E1BB03D012499B8383C13E
Requests: 2 HTTP requests in this frame

Frame: https://www.ads4allweb.de/api/kamp/rota.php?sid=57&uid=1045&art=traffic
Frame ID: FCF7C2031A717EA379E47F2A2F985BFB
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1422914?size=200x200
Frame ID: 13F367504B7A8B14294222CAB430F5C2
Requests: 1 HTTP requests in this frame

Frame: https://www.adcocktail.com/?spez=kein_werbemittel
Frame ID: BB1E50FA9A28B9F322C1D3F2EBBBBC4D
Requests: 1 HTTP requests in this frame

Frame: https://werbe-start.de/files/sk_views_li.php
Frame ID: D47A31212EDD1CE6A2741F9E91FC1299
Requests: 1 HTTP requests in this frame

Frame: https://werbe-start.de/files/sk_views_re.php
Frame ID: D482553DDFFB41C1D601F6BC789C66F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rohrreinigung Berlin | 24 Stunden Sanitärnotdienst

Page URL History Show full URLs

  1. http://www.rohrkopf.de/ HTTP 301
    https://www.rohrkopf.de/ Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
  • /Chart(?:\.bundle)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • amcharts.*\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

244
Requests

82 %
HTTPS

36 %
IPv6

67
Domains

81
Subdomains

46
IPs

5
Countries

8287 kB
Transfer

11788 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.rohrkopf.de/ HTTP 301
    https://www.rohrkopf.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://c.blyatflix.de/nora/?t=1663753505 HTTP 302
  • https://werbe-start.de/files/?content=/betteln&ref=174
Request Chain 25
  • https://thisis.aninter.net/ HTTP 302
  • https://de-c114.cdnplus.de/antibot.mp3
Request Chain 68
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzU0MTR8OTEzNDV8MjA2OTk1fDE2NjM3NTM1MDc= HTTP 302
  • https://rollercoin.com/static/img/public_img/gen2/w160h600.gif?v=1.0.4
Request Chain 72
  • https://c.blyatflix.de/nora/?t=1663753507 HTTP 302
  • https://sekundensparer.de/?content=/betteln2&ref=81 HTTP 301
  • https://www.sekundensparer.de/?content=/betteln2&ref=81
Request Chain 74
  • https://thisis.aninter.net/ HTTP 302
  • https://de-c114.cdnplus.de/antibot.mp3
Request Chain 86
  • https://sekundensparer.de/images/blk.gif HTTP 301
  • https://www.sekundensparer.de/images/blk.gif
Request Chain 119
  • https://qwedvm.r.palmenmann.de/ts/i5545033/tsv?amc=dis.blbn.455799.507632.CRTFfYhgSg5&smc1=oneid52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1oneid__Influencer_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_20,w_auto/v1631792517/prod_creatives/net_253/adv_90190/cr_aeab91be-76a2-4157-a67e-e69d5770c97c
Request Chain 130
  • https://sekundensparer.de/view.php HTTP 301
  • https://www.sekundensparer.de/view.php
Request Chain 142
  • https://cdn.materialdesignicons.com/4.4.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.4.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
Request Chain 230
  • https://tt.adcocktail.com/tt_rota.php?uid=86243&wsid=207598 HTTP 302
  • https://www.adcocktail.com/?spez=kein_werbemittel

244 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rohrkopf.de/
Redirect Chain
  • http://www.rohrkopf.de/
  • https://www.rohrkopf.de/
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
583af78cb2bd65f808dbdda120642526c7d2b5d3fd400194e7453fb6ddd72b7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html
date
Wed, 21 Sep 2022 09:45:04 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
232
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:45:04 GMT
Keep-Alive
timeout=2, max=1000
Location
https://www.rohrkopf.de/
Server
Apache
style.css
www.rohrkopf.de/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rohrkopf.de/style.css
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
c48acea38c6404ad95e7a8ff30e719a0f1fa8690b4abc4e78b5750907881f361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
content-encoding
br
last-modified
Mon, 28 May 2018 15:02:06 GMT
server
Apache
etag
"53d1-56d4566b2d049-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
4504
expires
Wed, 28 Sep 2022 09:45:04 GMT
rohrreinigung-soforthilfe.jpg
www.rohrkopf.de/img/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/rohrreinigung-soforthilfe.jpg
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
7e9e3f644c5d4f8213b24673057b95ccfbb9d6b8d531b7e1209d5ceb99e1aeed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
etag
"be43-56d4566f20b90"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
48707
expires
Wed, 28 Sep 2022 09:45:04 GMT
rohr-verstopft-wir-helfen-ihnen.jpg
www.rohrkopf.de/img/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/rohr-verstopft-wir-helfen-ihnen.jpg
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
2fbb0f2afc9e44e37d19ae56c0a0fb9a0761595b69e875f33d1091772cb343b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
etag
"1038c-56d4566f20b90"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
66444
expires
Wed, 28 Sep 2022 09:45:04 GMT
icon-1.png
www.rohrkopf.de/img/ 		642 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/icon-1.png
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
8dfb9f6390ffd6e38dd62ff1634c41d2fc4176677e5ff9afa4c69ea4dc4c1a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
etag
"282-56d4566ec3f35"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
642
expires
Wed, 28 Sep 2022 09:45:04 GMT
rohrreinigung-berlin-mit-qualitaet.jpg
www.rohrkopf.de/img/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/rohrreinigung-berlin-mit-qualitaet.jpg
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
fd91cf53f84892c294cc15e6b81c7f24c3128c10d0e70e5dd6fb556dce64ca93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:11 GMT
server
Apache
etag
"1613b-56d4566f6708c"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
90427
expires
Wed, 28 Sep 2022 09:45:04 GMT
unsere-monteure-im-einsatz.jpg
www.rohrkopf.de/img/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/unsere-monteure-im-einsatz.jpg
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
f2af6171875d8cc4bcdc402c9307962aba92aec062443afdfd77bcf859b72239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:11 GMT
server
Apache
etag
"155e7-56d4566fdd325"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
87527
expires
Wed, 28 Sep 2022 09:45:04 GMT
icon-2.png
www.rohrkopf.de/img/ 		879 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/icon-2.png
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
81dcfc3d71f97e83026bbd5c20e1bc4beb866349789569c4f13604e3c3c0c121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
etag
"36f-56d4566ec4ed5"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
879
expires
Wed, 28 Sep 2022 09:45:04 GMT
main.js
www.rohrkopf.de/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rohrkopf.de/js/main.js
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
a1974d6b97c684387f83b6ec14b0ba4e61acc8fab0d23696b9d62b2420fca4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:04 GMT
content-encoding
br
last-modified
Mon, 28 May 2018 15:02:14 GMT
server
Apache
etag
"dfd-56d456723c9c3-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
1242
expires
Wed, 28 Sep 2022 09:45:04 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		0
0
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:17:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 09:45:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 09:45:05 GMT
sprite.png
www.rohrkopf.de/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rohrkopf.de/img/sprite.png
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
04359b56b32cf4ea86f5642d229778295a3166d54b22f37aca983aef79436755

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
last-modified
Mon, 28 May 2018 15:02:11 GMT
server
Apache
etag
"b14-56d4566f76a8b"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
2836
expires
Wed, 28 Sep 2022 09:45:05 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.rohrkopf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 03:53:06 GMT
x-content-type-options
nosniff
age
539519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Sep 2023 03:53:06 GMT
flaticon.woff
www.rohrkopf.de/font/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rohrkopf.de/font/flaticon.woff
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.161.133 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS
dd52118.kasserver.com
Software
Apache /
Resource Hash
1f5ff409b6fef6cb00a33cd2314536ac300e7d0eac9692707d9deb5e6df44016

Request headers

Referer
https://www.rohrkopf.de/style.css
Origin
https://www.rohrkopf.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
last-modified
Mon, 28 May 2018 15:02:10 GMT
server
Apache
accept-ranges
bytes
etag
"490-56d4566e6a1ba"
content-length
1168
content-type
font/woff
api.php
www.rohrex.de/ 		0
0
fcount.php
www.fastcounter.de/ 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcount.php?rnd=6144643855
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
748693caf1a1e42b41d756a643b1e95b950eda0014443a9388d9d65a2167aab0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:05 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.18.0
content-encoding
gzip
content-type
text/html; charset=UTF-8
fcounter.php
www.fastcounter.de/ 		851 B
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=64372644&s=trans&id=7&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=6144643855
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f6e95d01ff8b7193fc073bd4a39439318ebbe3c73089e46f775ca29a3ced1476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx/1.18.0
content-length
851
content-type
text/javascript;charset=UTF-8
b.php
www.fastcounter.de/ Frame 2837 		372 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/b.php
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=64372644&s=trans&id=7&l=en-US&u=&w=1600&h=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
47fd93e696df3f0fdca589963b1123f8d13e9dbd2f85a3af9e8ba9fa283bf40f

Request headers

Referer
https://www.rohrkopf.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx/1.18.0
fastcounter-banner-blue.gif
www.fastcounter.de/CIncludes/img/ 		167 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/img/fastcounter-banner-blue.gif
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rohrkopf.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"540f10ab-a7"
content-length
167
content-type
image/gif
jquery.php
zuppelzockt.com/ Frame 2837 		756 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
1251712f44660a51792f50bcbf799d25bfefee0fff3957aaeecbc81e95553194
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 21 Sep 2022 09:45:05 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jw.js
cee3f0doi1a2.de/ Frame 2837 		2 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cee3f0doi1a2.de/jw.js?de=E6eMu7U8GN5V2QLU
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
529f0c62dbaaab2be266ecdedef4185b2854bd569213d962ef0c13a01bf165e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/javascript;charset=utf-8
b2.php
zuppelzockt.com/ Frame 5288 		692 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
9b4e21734188f38fcdbd418ac5180dda4fb59dd4a1b1df1538ad77970f68ba55
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
matomo.js
tool.hubu.link/ Frame 2837 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 00:09:31 GMT
server
nginx
etag
W/"62ec5fbb-107b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Sep 2023 09:45:05 GMT
/
ref.cdnplus.de/ Frame 6BC6 		805 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
9dc009178053ae2c713bdfc6e301f08b5a3fafdc9f3b2c7dbb0d6df373ea370c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
werbe-start.de/files/ Frame EF3E
Redirect Chain
  • https://c.blyatflix.de/nora/?t=1663753505
  • https://werbe-start.de/files/?content=/betteln&ref=174
28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/?content=/betteln&ref=174
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips / PHP/5.3.29
Resource Hash
793108afa4941102f9b044f335732929cb9f4d51df998ffaa33484e2e60dfbef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:45:06 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.29

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:05 GMT
location
https://werbe-start.de/files/?content=/betteln&ref=174
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
1616084
ad.a-ads.com/ Frame 53A3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1616084?size=300x250
Requested by
Host: cee3f0doi1a2.de
URL: https://cee3f0doi1a2.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
289919299e02fc7da9ca14ffc82bd9cc1f9a51a18391015e6cbf6446f5b55297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
antibot.mp3
de-c114.cdnplus.de/ Frame 2837
Redirect Chain
  • https://thisis.aninter.net/
  • https://de-c114.cdnplus.de/antibot.mp3
163 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://de-c114.cdnplus.de/antibot.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS
de-c114.cdnplus.de
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

icy-name
Hubu.FM | Radio Hunteburg
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
https://hubu.fm
Access-Control-Allow-Origin
*
icy-genre
Misc, News
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location
https://de-c114.cdnplus.de/antibot.mp3
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
in4.php
zuppelzockt.com/ Frame 7F7E 		242 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a2fa93e8864fbad319eacd4accb04be2e3de083db30dbb745c93c2ae271feef7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:05 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
6.html
deli.misaglam.com/influ/ Frame 36F9 		356 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deli.misaglam.com/influ/6.html
Requested by
Host: zuppelzockt.com
URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zuppelzockt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 21 Sep 2022 09:45:05 GMT
etag
W/"631276db-164"
last-modified
Fri, 02 Sep 2022 21:34:19 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
300x250
static.a-ads.com/a-ads-banners/393780/ Frame 53A3 		609 KB
610 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
last-modified
Tue, 31 May 2022 13:36:40 GMT
server
nginx
x-amz-request-id
J9DZFGQG0KKE0CDT
etag
"022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
623504
accept-ranges
bytes
x-amz-version-id
jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4
x-amz-id-2
7leCatDfgidPeRhROEAcKs748V9i8oM3n3LE5C1TOJeG2jN/1pt8N6boW+yc5sNyieRURXpZaIw=
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ref.cdnplus.de/ Frame 6BC6 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/jquery.min.js
Requested by
Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ref.cdnplus.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:05 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:16:34 GMT
server
nginx
etag
W/"628f8bc2-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 28 Sep 2022 09:45:05 GMT
matomo.php
tool.hubu.link/ Frame 2837 		0
203 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.php?action_name=&idsite=gkGPrbPlw0OD&rec=1&r=624929&h=9&m=45&s=5&url=https%3A%2F%2Fwww.fastcounter.de%2Fb.php&urlref=https%3A%2F%2Fwww.rohrkopf.de%2F&_id=&_idn=1&send_image=0&_refts=1663753506&_ref=https%3A%2F%2Fwww.rohrkopf.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=GbH0K5&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=156&pf_tfr=1&pf_dm1=209
Requested by
Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.fastcounter.de
date
Wed, 21 Sep 2022 09:45:06 GMT
content-encoding
none
access-control-allow-credentials
true
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
wgpizbdq.js
ad4m.at/ Frame 36F9 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/influ/6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82948
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqnUQEVZnmPk572obkRCVsvPB1nFHZph1ToGznlg9RhG7YOw61pN13yFcUFcpCH3EkFS5%2FtxpgwJG%2Fy7Q2peqt74z0krCxPWxYsIl0ASyAihQC0ixmi3gnedePc%2Flbz0iVrjr3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74e1ddb50d0f9944-FRA
expires
Tue, 13 Sep 2022 11:30:11 GMT
frame.html
ad4m.at/ Frame 69BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2295595
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74e1ddb57dd79944-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 09:45:06 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sntDGDizZ48bjvH1omxLB%2Bu2eczG%2B1MKHfLef5ZREOIYfIa4I2whvjUJp1A%2Bh5o8UCoHb%2BdXRp%2B7mM7gg9BLVCaL0hJsJYkc09mZt6zExVJgY%2BUpSsfYIaAxEw5UZXmRoFSrGwY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame 36F9 		473 B
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cb6b6467065f86eaa5276ba9340c87e7050aed341c7b19153bd1443b48d08c

Request headers

Referer
https://deli.misaglam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74e1ddb6a8f492c9-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkBmjN3TpNpEN5yQW%2Fqxm6%2B7qd0qw4c3rxLSOL7Qg9Eva%2FaKrAlXnSblDspE6e6cU93A%2FvKo4dY8xDFtnbj34PlJ%2FoYuXadlAdHTfu3q1RJqVUfe6PxW8UlsDT%2Bgjo1PyuasT9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2p34
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74e1ddb6484992c9-FRA
content-length
24
content-type
text/plain
date
Wed, 21 Sep 2022 09:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rhAAJvBuB46X6u9OcAEVXcwtMxwCrI40kHv0A39Q0dkiFsDSPjyC7kj%2BMEWBXYtmtyzMt7cVsRT%2FvWUjCMRXYFMYtzC45e%2F8ZQlNljq39WtnGBitnfVLoZfI2cyX7IV91oJ9Lo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-2p34
rar
as.ad4m.at/ad/ Frame 4720 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eecca5113bb8736357ec0336753606c51f327ea2c82de631c7d9f23e023bbba4
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74e1ddb748639944-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 09:45:06 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 4720 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
761269
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74e1ddb7ebfe68ec-FRA
cf-bgj
minify
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 4720 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
143791
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26236
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlW3BSZBaOUQvmABYPNBqywAg5tWG4dva%2F4D0P0T4w8sHarXBomuurAnPXIvkC6RZFqvcHwbwmFzresRh8A40wwo9DZlY6vS8IZC2SwAyFokNIITrHMVpjgPfDFq5fwxTBTSzVeE7zRi9AEY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb809809944-FRA
cf-bgj
imgq:85,h2pri
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 4720 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
890528
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6adV%2FS7zbghfRYirIfHBBgxMvWuDs5lM9KkWGPAmptdzmdYNV%2FyqiI1wGEaKEpRex%2BK%2FGue66koIRUHkAm5XSldNbtWJa18fAp6fO1SqhvQC45ekLDqLS3%2Bhz9lok53gCc70fFIq3W6C0wsv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb809839944-FRA
cf-bgj
imgq:85,h2pri
822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
assets.ad4m.at/logo/ Frame 4720 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137590
cf-polished
origFmt=png, origSize=48887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33666
last-modified
Mon, 19 Oct 2020 12:32:26 GMT
server
cloudflare
etag
"4fe1ecb98ff38283cdb2ae157e399ba2"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CX4gRRz6v9Es1%2BLdUlwZB%2FEHhWPZTtWn1QJ8yX4NAcrgGMCIHyKR7Fe0bFOkiooMq7puD%2F0SlJDBW8eb33CrlZEvgD%2FWSDb1slkA%2FLHKk0YcRGDoEb80sJoGz5DC%2BGqjlsdgcdiJOFMMTnCW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb809879944-FRA
cf-bgj
imgq:85,h2pri
FD66DD0F2B7A912E5689560D1F44A34036D59DC66410BC16DB56E6552166BDD14DAA80051E8662FA97C79EEC050B65ACCC739C7DC12EB7B4C7D554C9466E14C2
assets.ad4m.at/product_image/ Frame 4720 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FD66DD0F2B7A912E5689560D1F44A34036D59DC66410BC16DB56E6552166BDD14DAA80051E8662FA97C79EEC050B65ACCC739C7DC12EB7B4C7D554C9466E14C2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08132210afd18ec76c696eacc7fa033322c38ae17a6d4fe4181ea16ab41ea4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
764514
cf-polished
qual=85, origFmt=jpeg, origSize=83090
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73928
last-modified
Wed, 27 Jul 2022 12:30:34 GMT
server
cloudflare
etag
"8ac13c1e81fb4f2dafead2a1105eca86"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zFg465O3e%2BILhNAUfhJoEFdvnLBiMf6DyaomUw8lWaIOf4NquUUwm2PoHxYZYKRHaq6S88ZIryKEcG23r6oW%2FcClfanrpU6NKIlZVubXyyLnlrUM17EowElc1jd37xr9gGldRBA4ScS1bxE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb8097e9944-FRA
cf-bgj
imgq:85,h2pri
63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 4720 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
138743
cf-polished
origFmt=png, origSize=12956
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7692
last-modified
Tue, 29 Mar 2022 14:32:10 GMT
server
cloudflare
etag
"c6c297b07f296b60586b8613b6e9b5cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvqfon4XComGjFVPnMzcf7UW4PQ%2FNH8ilT1nL61gtil5H2TLIvM2SjwRk6CsMmfMLL0G1jXUajGdaL4sWmNkla8qFbQE2rt%2FkKN5kR7Y8zFFktk6Qydtx6DYatLpKNxNrVnzcjOUcWU1jgBx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb809899944-FRA
cf-bgj
imgq:85,h2pri
A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 4720 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
808270
cf-polished
origFmt=png, origSize=632572
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
432334
last-modified
Wed, 29 Dec 2021 17:30:00 GMT
server
cloudflare
etag
"ee529fd62e145fb264303add5fb5a944"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uu%2F6nZtGXOH%2FHDILgJB%2Fy6sOE5N4vHHortNdCJ3eBK7fdCs2RvzlbxQw2J4G2vlPf26M%2FUyBzQYgbudDQbZ6hJezCh4Y9xJ7wgQLYB2t%2B%2BCOKu%2FwisMSw1g9hO7uWqCZ%2B5r4%2FWVMyNBmLgO4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:06 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddb809819944-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 4720 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hy8vq37pxggn8xhane5evsn6jnw22g1xr1tvapzm7qqyhp3ty0jrf0hz6t2qdvsywgy9z0y81fxmnp875nswp6v5d7fy8xp4rttpz6kt4b80bptdqetprrs0zs7zsgfm5rq8qg6xds9c0fc7g3vg9yt1b4zzjscs7dhr4jqzyyg2s4tkxkq355gg0dnj8739jmhxtw3e6nvphcqyfrdfgf5fgxqbv5pd1p23qsz0x1qs9cff7jwz20ak6vkxaps7wrne%26a%3D&clickref=oneidP2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcponeid__Influencer_advancedad_728x90&viewref=oneidr5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
6eba0e473a3cf4cc59f3610e30b1f2ed90da7e63da650d130c03eb6b92e65c21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
last-modified
Wed, 21 Sep 2022 09:45:06 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:46:06 GMT
link.html
track.webgains.com/ Frame 4720 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4351690&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jck75d0ze7sbpdbx4pygjk3tp81ndxv0v47k0nhj2pw2xst50mpaymed6m0xdcasfxzd4pmzb4z16efy6mgvajqebp6h7fexyecjcex1557vafkqd1w8znyqds0bqm9mz6tt78hrqrgssge46r4wfkf4c572frh6sqsw2mc0wpanbjkf9vf16m1w4e19bgnmk9m4hdsfxj2d8yn1gv2bqkyzqnys8n985tbgaej6343t1qazpvynwxwc1pv175ddj0za%26a%3D&clickref=oneidBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFMoneid__Influencer_advancedad_728x90&viewref=oneidgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjheoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b3bfd7dbf327bfd335200787c1cdc95e66b8b361105c3ee78b96eea791bdf681

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
last-modified
Wed, 21 Sep 2022 09:45:06 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:46:06 GMT
link.html
track.webgains.com/ Frame 4720 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1gwzctxphex1vt678nyv5kzaext5q3dnkm7esj4b00z3hqrqtjf9jgz9j831y3q8ngzbwy75hagv3ncfdsx9gdd7zvbjyg4jja4yb9vn4hkba7rx60dgrbx3cj2ymhqew91bgcak1r2cty77gz684eps58tkd9g70kz4p47xaa03hxw22nm77afw73f45p2pwd0zpgn60a7tt7h756h9x97e6zjybwhtt0a35x45f2qanfs1pjkdw0yzk5v73gs8bet88%26a%3D&clickref=oneidW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2oneid__Influencer_advancedad_728x90&viewref=oneid3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCdoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
80337d648ed66781a540dd16c7f627f65777bcc8ca3010df900ba93b2bba2cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:06 GMT
last-modified
Wed, 21 Sep 2022 09:45:06 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:46:06 GMT
pvClk.min.js
analytics.webgains.io/ Frame 4720 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hy8vq37pxggn8xhane5evsn6jnw22g1xr1tvapzm7qqyhp3ty0jrf0hz6t2qdvsywgy9z0y81fxmnp875nswp6v5d7fy8xp4rttpz6kt4b80bptdqetprrs0zs7zsgfm5rq8qg6xds9c0fc7g3vg9yt1b4zzjscs7dhr4jqzyyg2s4tkxkq355gg0dnj8739jmhxtw3e6nvphcqyfrdfgf5fgxqbv5pd1p23qsz0x1qs9cff7jwz20ak6vkxaps7wrne%26a%3D&clickref=oneidP2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcponeid__Influencer_advancedad_728x90&viewref=oneidr5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtdoneid__Influencer_advancedad_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:15:37 GMT
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
23370
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
-WUCOMORIMz6v19DABKE91FH1pMdtZXLHgwrceclLofhFyf4gDHVdg==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 4720 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1663753806&Signature=OTwwV7j2On6oPFxra99VOI1zcwl5ccex-gNOAFkN7dEEtW4kehoPiLrARRW9U41mTi3w9AtuLZaWyed2ed-rJGSqU4AmJJD0Z0PwOqda1P7-W0psNBuOiXiemVrV8KLYl52qF6B6b6f3CSRZwv4ijWBGGNf1V4hMvqvAONQeXC65Yaa16lOJ3M9cShTabrHEG4tI2mzNJMQpAKaCQ-Ikl~COVDyycu9uNaSa8koE~rknDOx7~Z11-3VMXgz-mIEf4MwQPwaE-S-9K~rk5ZYqICzsVbdYJXBaEdEw78lKOrR0bObg2y8~2C-B~27jueiBkgQqznEc7U1GYM5FT5qmCQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-59.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
age
24173
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 21 Sep 2022 03:02:14 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
15054
x-amz-cf-id
VCqtg8suLp16sG1fEYc7VoLmDlsXWgopt_R_h-cnh5b8PeTnZLLnig==
1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png
cdn.track.production.webgains.team/278155/ Frame 4720 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/278155/1580727847_JJZV3RgLFGD9GCdCHmP2fyWcN2HYaIE7.png?Expires=1663753806&Signature=N8K5ArQgt~UJY5zAW3OJDndDYt59sPVflKVtXdXbg~3-mJCK-vvyXyHyjRYN2aXmYWiyhUnlvWavKR4GNcY-yZNbZZQUgzauRN2zUUeTiatHzzxqnFmqF2~kyywAkd0GrONd-YwpThzm7F3DLXZCbtFUYZGDPXJD5tFF1EijgM~dkEbvJ6H3hNzD4xAxGDtlr8pAE1I4tNVm3RrD8yMJkWQYKlg7YfSIIWeShaT-dyu3iZbJKhws7I0p48lxoO20blY0pvnI6-ApzuZElIueu-gJoMrq7fFOqEzpuqg7SSh2ZBV1CMnh4LRDJpdflPs7U9C~hwazq3VGfwyOv42XRA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-59.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:31:16 GMT
server
AmazonS3
age
25323
etag
"90a67412ed0b25c3e4ca2ad17658d5e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 21 Sep 2022 02:43:03 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
2545
x-amz-cf-id
7XjFlLxMxy_MkgToeQKOhmIcXTkbcrpQFmFsU7_kTBA-TRuhud2YOw==
jquery.js
werbe-start.de/files/js/ Frame EF3E 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/js/jquery.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:06 GMT
Last-Modified
Tue, 05 Oct 2021 10:04:52 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"169d5-5cd982929018d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
92629
wz_jsgraphics.js
werbe-start.de/files/js/ Frame EF3E 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/js/wz_jsgraphics.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
12d6860333be6aede55b9112ef24a389bd9869cef171ec2f872a077599682cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:06 GMT
Last-Modified
Tue, 05 Oct 2021 10:04:52 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"592b-5cd982928bb3d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22827
rot.php
www.ad-mix.de/kamp/ Frame EF3E 		0
352 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ad-mix.de/kamp/rot.php?art=leaderboardview&uid=276&sid=222
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.98.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv.ms-i-service.net
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
Server
nginx
X-Powered-By
PHP/7.4.30, PleskLin
X-Cache-Status
BYPASS
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:06 GMT
Connection
keep-alive
Content-Length
0
rot.gif
werbe-start.de/images/ Frame EF3E 		147 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/images/rot.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
0502be96847bd2527d92638b8b2975352244146b4693636e2020d008593da4fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:27 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"93-5cd982b363deb"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
147
gruen.gif
werbe-start.de/images/ Frame EF3E 		149 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/images/gruen.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
682c3491dcf16fea22d2c78c11da4dcffeb2c3d3e8a8187828d5ff0dde5c8327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:27 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"95-5cd982b37013a"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
149
b_88x31.gif
werbe-start.de/files/images/banner/ Frame EF3E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/files/images/banner/b_88x31.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
ce5eccb5f63bbbaafae648659e7434a1403745188cd6e3e07dddaf842cabae68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:05 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"bf2-5cd9829ef81be"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3058
rot.php
www.werbeflut.net/kamp/ Frame EF3E 		0
0
rot.php
www.ads4you.biz/kamp/ Frame EF3E 		0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ads4you.biz/kamp/rot.php?art=textlinkview&uid=55&sid=118
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.98.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv.ms-i-service.net
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.4.30, PleskLin
Content-Length
0
X-Cache-Status
BYPASS
Content-Type
text/html; charset=UTF-8
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ Frame EF3E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
138867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1618
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ycqg8H%2BGWipmz3zDBJjq4BLQPeTz8sIfzpDprcmXDcutnYBE5vSQ6QTYmupUDD3di9zhIX5DI%2FXDzFIeMOcuLh8CyFok0%2FU8gc5cz06Di%2FMSgACyjjYUSl2Ekd%2FiP7%2Bt%2BaJBOppurYjOiXLN4%2F%2FWKe6h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e1ddbb985d90ee-FRA
expires
Mon, 11 Sep 2023 09:45:07 GMT
2022-07-25_film-und-serie-panini-banner-627x627.jpeg
cdn.track.production.webgains.team/268155/ Frame 4720 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/268155/2022-07-25_film-und-serie-panini-banner-627x627.jpeg?Expires=1663753806&Signature=VeosdGIQFDns4QwPNPH89gqD-f~KsNLYDPej9J~yBuDxV1MgNVPBMMzwAN5KXlSDKvjjXLGd2Xl4VzJOaPZXNsqslVUnnlV3d-kFwGUxJmBDbn6hCbx0u1ZpiiXVq~W~JGQbnVi5aQeH5CUKnAWMcSa8Y3a5zarSM4Zi7Zi--OHHcLS3GVKv4~Aj09turEASRoIoEWm7wtNfR2OZyU4LegamS28vImdCNwsOJoKkAKI9OGVbo-~lRN62YRK3R66jQjCEsTcarQ20N0N9LnunPbZ6l6MvpmcBctUSQT~UI9bc7bB~0i29bhAK5a0~W0eGbvaQG2DjASUFjwojItrOrQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C200040%2C177100&b=r5K3UQf9f35E4uAH7HjtqtV61gtYSJtgQDtd%2CgAKMS8frfY5MxuPHbH8t5tPXBsmSjt9pjhe%2C3rmBTpf4fXJ7zH7HrHAtEtrGV4uPSztKZwCd&f=P2PXSBfbfbd93t9HjHbtgCA8grfJSgtDbBcp%2CBdGDtgfPfx7BztxH6H3tgCKeGujSdt89jFM%2CW7ZzTrfdfZ7q8CYH5HjtDC89RQF3SwtVW6H2&c=728&d=90&e=&g=52536c8d0e2fc42c3986fe4517b934f3%2F5839506511137163595&i=71725%2C22499%2C65803&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753506368&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-59.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f95692248b493f7f1f92d7469257907b669e2bd9bc31d1cec162f64f305b4ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified
Mon, 25 Jul 2022 11:48:04 GMT
server
AmazonS3
age
18613
etag
"8ac13c1e81fb4f2dafead2a1105eca86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
date
Wed, 21 Sep 2022 04:34:54 GMT
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-length
83090
x-amz-cf-id
zDnoTRFOxxzfbPa832IXXNWr3_5Q8TmesZNlOf4oP3c8cXKD0EoGQA==
sk_views_li.php
werbe-start.de/files/ Frame 2579 		325 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/sk_views_li.php
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips / PHP/5.3.29
Resource Hash
819369352ff77c2e2e670c3cd68c65a2890af5343be95b5a15822213d280e29f

Request headers

Referer
https://werbe-start.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 21 Sep 2022 09:45:07 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.29
fcount.php
www.fastcounter.de/ Frame EF3E 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcount.php?rnd=80225721779
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
803287ef533a6b1158d9a651d204ad107f7f0e905c64562a5c088b739ffcdce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:07 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.18.0
content-encoding
gzip
content-type
text/html; charset=UTF-8
sk_views_re.php
werbe-start.de/files/ Frame 7229 		629 B
912 B 		Document
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/sk_views_re.php
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=174
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips / PHP/5.3.29
Resource Hash
a1acd74a8faa4ae39d577896c9f50c29398556b4b582eb2aec1f174a067bbcad

Request headers

Referer
https://werbe-start.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 21 Sep 2022 09:45:07 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.29
fcounter.php
www.fastcounter.de/ Frame EF3E 		851 B
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=32796090&s=blue&id=34110&l=en-US&u=&w=1600&h=1200
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcount.php?rnd=80225721779
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f6e95d01ff8b7193fc073bd4a39439318ebbe3c73089e46f775ca29a3ced1476

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx/1.18.0
content-length
851
content-type
text/javascript;charset=UTF-8
b.php
www.fastcounter.de/ Frame E688 		373 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/b.php
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=32796090&s=blue&id=34110&l=en-US&u=&w=1600&h=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f8b03db6b593f6d449810c5576af2b69283fcac76ded922e5856e69c1c63a408

Request headers

Referer
https://werbe-start.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx/1.18.0
fastcounter-banner-blue.gif
www.fastcounter.de/CIncludes/img/ Frame EF3E 		167 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fastcounter.de/CIncludes/img/fastcounter-banner-blue.gif
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=32796090&s=blue&id=34110&l=en-US&u=&w=1600&h=1200
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
last-modified
Tue, 09 Sep 2014 14:37:31 GMT
server
nginx/1.18.0
accept-ranges
bytes
etag
"540f10ab-a7"
content-length
167
content-type
image/gif
bk_rota.php
bk.adcocktail.com/ Frame 2579 		280 B
446 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.adcocktail.com/bk_rota.php?format=160x600&uid=91345&wsid=206995
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/sk_views_li.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f055e459871f6c4e170fd0fc986c21ed0b859e49953e9c4008a3257000443db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
74e1ddbcfb7868ef-FRA
content-length
202
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery.php
spaceeditors.com/ Frame E688 		757 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
7e6b892a35834f69714545ddb68f58fc9682ab36686bb817b746c64d8b2f4c1c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
gzip
server
nginx
date
Wed, 21 Sep 2022 09:45:07 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jw.js
d08q4os3homh.de/ Frame E688 		2 KB
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d08q4os3homh.de/jw.js?de=E6eMu7U8GN5V2QLU
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
ad65814e0fab13fd4ccdf9d94553b15983db7c6014216f15232650da5667341c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/javascript;charset=utf-8
w160h600.gif
rollercoin.com/static/img/public_img/gen2/ Frame 2579
Redirect Chain
  • https://bk.adcocktail.com/bk_rota_v.php?tan=MzU0MTR8OTEzNDV8MjA2OTk1fDE2NjM3NTM1MDc=
  • https://rollercoin.com/static/img/public_img/gen2/w160h600.gif?v=1.0.4
316 KB
317 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rollercoin.com/static/img/public_img/gen2/w160h600.gif?v=1.0.4
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/sk_views_li.php
Protocol
H2
Server
172.67.72.239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b1391d42e97a5da2cf87cf7a40f0964a310c1f71950a5726acd30664b93b2114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
etag
W/"4f0e7-1835b736240"
cf-cache-status
DYNAMIC
last-modified
Tue, 20 Sep 2022 15:10:32 GMT
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iNVPwc8bj2sJV%2FIo2DTdveJpbfQ6RF6Q1K4oHlgNeFZBVL0pl1pazxddYqjM04wBOG65BYComEjRtX0PaCSW%2BM%2BPVyjmsBv9fzFDGrhyAzSaehi9PC0BhAC3PIAyhXtT"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74e1ddbe3d9a695b-FRA
content-length
323815

Redirect headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Sep 2022 09:45:07 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rollercoin.com/static/img/public_img/gen2/w160h600.gif?v=1.0.4
note
CACHING IS DISABLED
cf-ray
74e1ddbd5c2368ef-FRA
content-length
20
expires
Wed, 11 Jan 1984 05:00:00 GMT
b2.php
spaceeditors.com/ Frame CB05 		693 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Requested by
Host: spaceeditors.com
URL: https://spaceeditors.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
409e64d11d5be6d84236508cde160537b30660818cc4d859de02d0f462e3fb5b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
matomo.js
tool.hubu.link/ Frame E688 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.js
Requested by
Host: www.rohrkopf.de
URL: https://www.rohrkopf.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 00:09:31 GMT
server
nginx
etag
W/"62ec5fbb-107b1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 21 Sep 2023 09:45:07 GMT
/
ref.cdnplus.de/ Frame 6530 		805 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/
Requested by
Host: d08q4os3homh.de
URL: https://d08q4os3homh.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
af5af988cfc6159df46490b6c2b6d6d73bb4d30060ddaac23fa944ff2356b080
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
www.sekundensparer.de/ Frame DFFC
Redirect Chain
  • https://c.blyatflix.de/nora/?t=1663753507
  • https://sekundensparer.de/?content=/betteln2&ref=81
  • https://www.sekundensparer.de/?content=/betteln2&ref=81
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/?content=/betteln2&ref=81
Requested by
Host: d08q4os3homh.de
URL: https://d08q4os3homh.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
47ed261a9b299f1c2593edb1eddd3eedd5303e86daf90131ef48737f223605df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3252
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:07 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
351
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:45:07 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.sekundensparer.de/?content=/betteln2&ref=81
Server
Apache/2.4.29 (Ubuntu)
1616084
ad.a-ads.com/ Frame 2657 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1616084?size=300x250
Requested by
Host: d08q4os3homh.de
URL: https://d08q4os3homh.de/jw.js?de=E6eMu7U8GN5V2QLU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
fcb93c7fa31557d316dfe3c1fce04b462aca92c051747c78996f6b8be1f3c63a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
antibot.mp3
de-c114.cdnplus.de/ Frame E688
Redirect Chain
  • https://thisis.aninter.net/
  • https://de-c114.cdnplus.de/antibot.mp3
136 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://de-c114.cdnplus.de/antibot.mp3
Requested by
Host: www.fastcounter.de
URL: https://www.fastcounter.de/b.php
Protocol
HTTP/1.0
Server
162.19.154.224 , France, ASN16276 (OVH, FR),
Reverse DNS
de-c114.cdnplus.de
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

icy-name
Hubu.FM | Radio Hunteburg
X-Clacks-Overhead
GNU Terry Pratchett
icy-br
128
icy-notice2
Shoutcast DNAS/posix(linux x64) v2.6.1.777<BR>
icy-url
https://hubu.fm
Access-Control-Allow-Origin
*
icy-genre
Misc, News
icy-sr
44100
icy-pub
1
Connection
close
Accept-Ranges
none
content-type
audio/mpeg
icy-notice1
<BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
Cache-Control
no-cache,no-store,must-revalidate,max-age=0

Redirect headers

location
https://de-c114.cdnplus.de/antibot.mp3
date
Wed, 21 Sep 2022 09:45:07 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
jquery.min.js
ref.cdnplus.de/ Frame 6530 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ref.cdnplus.de/jquery.min.js
Requested by
Host: ref.cdnplus.de
URL: https://ref.cdnplus.de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ref.cdnplus.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:16:34 GMT
server
nginx
etag
W/"628f8bc2-1762a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Wed, 28 Sep 2022 09:45:07 GMT
bannerwos120x600nr1.gif
www.wirb-oder-stirb.eu/images/de/banner/ Frame 7229 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wirb-oder-stirb.eu/images/de/banner/bannerwos120x600nr1.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/sk_views_re.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:4000:68:ed8:1461:73ff:fedd:73ce , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
Apache /
Resource Hash
cb67d1eed70e35911826f04dc2d0b6cd23cc79051cb9a4d8a8b21b1ca6ff32ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Thu, 27 Dec 2018 12:13:29 GMT
server
Apache
accept-ranges
bytes
etag
"14e22-57dffdfd58c40"
content-length
85538
content-type
image/gif
300x250
static.a-ads.com/a-ads-banners/392300/ Frame 2657 		198 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/392300/300x250?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
e550600b08d13c695d3b17bb6ec1037b69c831550f154ae812bb22aaef848e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:07 GMT
last-modified
Wed, 25 May 2022 00:08:37 GMT
server
nginx
x-amz-request-id
BKGKZ06PE31GRZ8A
etag
"28dbec13d377320e2458cd66da5ad8bd"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
202497
accept-ranges
bytes
x-amz-version-id
5u9LzP93FYjJiDBN.Z1W2GHHHb4oBT8u
x-amz-id-2
fbCb3vBMLMv4HFVgndvAK9gC1ggBB2whTO3p9BiDvBNXCMH8sMDat85CwZuWMCfBvU+HiSwIRZc=
expires
Thu, 31 Dec 2037 23:55:55 GMT
in4.php
spaceeditors.com/ Frame 631A 		242 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Requested by
Host: spaceeditors.com
URL: https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a2fa93e8864fbad319eacd4accb04be2e3de083db30dbb745c93c2ae271feef7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spaceeditors.com/b2.php?uid=1191351678&e=0&s=0&p=0&w=468&h=60&sid=5&size=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
matomo.php
tool.hubu.link/ Frame E688 		0
203 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tool.hubu.link/matomo.php?action_name=&idsite=gkGPrbPlw0OD&rec=1&r=460597&h=9&m=45&s=7&url=https%3A%2F%2Fwww.fastcounter.de%2Fb.php&urlref=https%3A%2F%2Fwerbe-start.de%2F&_id=&_idn=1&send_image=0&_refts=1663753508&_ref=https%3A%2F%2Fwerbe-start.de%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=DmtSRg&devicePixelRatio=1&nwefftype=4g&webgl=1&pf_net=0&pf_srv=162&pf_tfr=1&pf_dm1=477
Requested by
Host: tool.hubu.link
URL: https://tool.hubu.link/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:212:29e0::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://www.fastcounter.de
date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
none
access-control-allow-credentials
true
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
main2.css
www.sekundensparer.de/css/ Frame DFFC 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/css/main2.css
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
692dca3edd84e06b6c91e743cbd1fb88bf02153d15a2bf4f5f7aab457ce07d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 19:56:06 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1310-5e5c034cec180-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1666
global.ajax.js
www.sekundensparer.de/ajax/ Frame DFFC 		2 KB
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/ajax/global.ajax.js
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eb4384f109b2eb4d0fc2f3e0856515d30aef1f912d7df8385c40f9a8bb50ce4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 19:55:32 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"7b9-5e5c032c7f500-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
672
schnee.js
www.sekundensparer.de/js/ Frame DFFC 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/js/schnee.js
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
37f66acb3cf870e548c3f4919bf55a5a623ea375cc163116d6e0111de1a71848

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 19:58:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"dda-5e5c03c515d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1190
css
fonts.googleapis.com/ Frame DFFC 		2 KB
481 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 08:14:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 09:45:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 09:45:08 GMT
jquery.min.js
www.sekundensparer.de/js/ Frame DFFC 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/js/jquery.min.js
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
6eec930f497d52f98e709f5ce39ba1a86002eb9e70116d7ab1fd24d699de63cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Aug 2022 19:58:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"16b09-5e5c03c515d00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
32755
logochr.png
www.sekundensparer.de/images/ Frame DFFC 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sekundensparer.de/images/logochr.png
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
dd5a84a6e23457f191cac7988a70502c576153534580110a683c3aa60201be28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Mon, 08 Aug 2022 19:57:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4c4d-5e5c038bdd600"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
19533
blk.gif
www.sekundensparer.de/images/ Frame DFFC
Redirect Chain
  • https://sekundensparer.de/images/blk.gif
  • https://www.sekundensparer.de/images/blk.gif
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sekundensparer.de/images/blk.gif
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
dcc928c7b842156f5cf06ccfd21c568a1d6e351e957b2558e49ebbc5e03ac810

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Mon, 08 Aug 2022 19:57:06 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1bb9-5e5c038624880"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7097

Redirect headers

Location
https://www.sekundensparer.de/images/blk.gif
Date
Wed, 21 Sep 2022 09:45:07 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
336
Content-Type
text/html; charset=iso-8859-1
rot.php
libertad-ads.de/kamp/ Frame DFFC 		3 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://libertad-ads.de/kamp/rot.php?art=layer&uid=1&sid=4
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
dbbb084ae28e85ac0ff08a832f295c7451c4b51d12809244b5902f8bbc0488bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
733
script-v2.js
s3.amazonaws.com/valao-cloud/cookie-hinweis/ Frame DFFC 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/valao-cloud/cookie-hinweis/script-v2.js
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.178.45 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b9ba2c9588f6fe8aa9a056868f9d4f806cc27297dae91ec3192c0de7cf2f334e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Thu, 31 Jan 2019 08:10:46 GMT
Server
AmazonS3
x-amz-request-id
QZBB81FCZM7BGQ3K
ETag
"415fbfba67f3f5cb671dce2781f21ed1"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4265
x-amz-id-2
xvzv4P1tLlDCzCGblLqZAv5arL6KE+lIHOhLo5IPyjVUxLWkkhAi38zn1w8KRCUFLCr/U3kr7IQ=
tracking-event
api.webgains.io/ Frame 4720 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4720 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4720 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
6.html
deli.misaglam.com/influ/ Frame 41D7 		356 B
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://deli.misaglam.com/influ/6.html
Requested by
Host: spaceeditors.com
URL: https://spaceeditors.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1&referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.201.169.184 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.184.169.201.195.clients.your-server.de
Software
nginx /
Resource Hash
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://spaceeditors.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Wed, 21 Sep 2022 09:45:08 GMT
etag
W/"631276db-164"
last-modified
Fri, 02 Sep 2022 21:34:19 GMT
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
wgpizbdq.js
ad4m.at/ Frame 41D7 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/wgpizbdq.js
Requested by
Host: deli.misaglam.com
URL: https://deli.misaglam.com/influ/6.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://deli.misaglam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82950
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 27 Jul 2022 10:41:47 GMT
server
cloudflare
etag
W/"ac60ade5ed7352595cc3030edbc5e415"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqbsvDjMit2Gcn%2B4bDlRPITw5s8WgkTrYo0457BcbvgxotSWM67EBztDq90gUUWQUHLAai9XXjW4yibjwCoDxHDGq%2BrFoGWLN31Fp0imMIYUbOOkEwlggmT72uq3ULrB%2BwrnN4k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
74e1ddc1cb8668ec-FRA
expires
Tue, 13 Sep 2022 11:30:11 GMT
view.php
www.sekundensparer.de/ Frame AA78 		333 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/view.php
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ced720dcda525f7d3c0f265458a40a28938db86e0540c4051f4d9ebed3228a26

Request headers

Referer
https://www.sekundensparer.de/?content=/betteln2&ref=81
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
242
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:07 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
webbi_traffic.php
www.netzwerk-ad.de/ Frame 42D6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.163.223.180 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
vps2050907.fastwebserver.de
Software
nginx / PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin
Resource Hash
1dd6fafa719a0a22cfd6f3c49e92daa3ec0abeb80d7c1a8ab63a8bdbc596b409

Request headers

Referer
https://www.sekundensparer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1190
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
vary
Accept-Encoding
x-cache-status
BYPASS
x-powered-by
PHP/5.6.40-38+0~20201103.42+debian9~1.gbpb211e0 PleskLin
frame.html
ad4m.at/ Frame 1285 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2295597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
74e1ddc25c5668ec-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 09:45:08 GMT
expires
Thu, 25 Aug 2022 20:10:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPPghpgFhi7FO8seEB41Fm9Mx7jmPN36EelXXPgwCxUA7vcKCErr0iWETUiZNpVQ21VGU55Z6U%2FZvJjM6ioCdVcmdlopC0pCY1lLy8wRkKdLnmBZFx3cMbNDPIXcT5huEPSIs4o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
logo_head.png
artemtyse.de/templates/tpl_modified_responsive/img/ Frame AA78 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://artemtyse.de/templates/tpl_modified_responsive/img/logo_head.png
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/view.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.237.132.11 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
alfa3212.alfahosting-server.de
Software
Apache /
Resource Hash
5754b0c799e5412d88c247b2c636dd434a9dc58743768a48253f24fc96790df2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Apr 2020 12:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926
Content-Type
image/png
Cache-Control
max-age=2592000, public, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
26154
Expires
Fri, 21 Oct 2022 09:45:08 GMT
rs
ad4m.at/ Frame 41D7 		471 B
855 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ca6a2c97e43b226f1d4ac7cb3537c7c0a934b61c39921ad3445902ef9517fc

Request headers

Referer
https://deli.misaglam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74e1ddc328c292c9-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuxSqx1fHxUkNnd887Rlff1SOvalvo6k4fGK3jiIe3MyVJ%2Fx8cw%2Fmn1E1RN03s2ug5KQlqyrCUMYLa7vF3LeYqCnZ1VLoV%2BMWmZclbpj0ttu5qP%2FFPSf%2F%2FApQ7h%2Fo6ZYud7tpO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://deli.misaglam.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-2p34
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://deli.misaglam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://deli.misaglam.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74e1ddc2bfee92c9-FRA
content-length
24
content-type
text/plain
date
Wed, 21 Sep 2022 09:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ur3zaPdVTd9yb7ZihcwSPxXXfqGn7ht6328bmp8ftCc78ztVUZhnJyzujIGexC20jkStt%2ByY%2B6KL2L4YbW38QxNkSAw9M0OVVVL87PePaI3fON5n%2B2nkRhlyxQNlWsjqr%2FD9bvY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-2p34
ziel.php
libertad-ads.de/kamp/ Frame EFF9 		906 B
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://libertad-ads.de/kamp/ziel.php?uid=1&bid=2538&sid=4
Requested by
Host: libertad-ads.de
URL: https://libertad-ads.de/kamp/rot.php?art=layer&uid=1&sid=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a1a97802947bc57b1fcaeea4d65d58e742e29508073bd831eb318a7c566d21b8

Request headers

Referer
https://www.sekundensparer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
592
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:07 GMT
Keep-Alive
timeout=5, max=98
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
layer_gr.png
libertad-ads.de/img/ Frame DFFC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://libertad-ads.de/img/layer_gr.png
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8f6dae14e9980af2b6b19a7101c68bf7822c08a246d72c93e6ebcaf94bec7f9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:07 GMT
Last-Modified
Thu, 03 Nov 2016 07:04:30 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b71-540602b3cdb80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2929
layer_kl.png
libertad-ads.de/img/ Frame DFFC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://libertad-ads.de/img/layer_kl.png
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/?content=/betteln2&ref=81
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d2144d105f3036f717bad666842ba695f363b781b23fc66c207d619c56e1273c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:08 GMT
Last-Modified
Thu, 03 Nov 2016 07:04:32 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"b7e-540602b5b6000"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2942
frame_rest.php
libertad-ads.de/kamp/ Frame 47CE 		233 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://libertad-ads.de/kamp/frame_rest.php?code=dWlkPTEmYmlkPTI1Mzgmc2lkPTQmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LnNla3VuZGVuc3BhcmVyLmRlLw==&uid=1&bid=2538&sid=4
Requested by
Host: libertad-ads.de
URL: https://libertad-ads.de/kamp/ziel.php?uid=1&bid=2538&sid=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
1ec2b8ee8d0dad42dc5d96955699f912c8d37b7be13da16d0d1a02560aa44f41

Request headers

Referer
https://libertad-ads.de/kamp/ziel.php?uid=1&bid=2538&sid=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
206
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:08 GMT
Keep-Alive
timeout=5, max=97
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
/
werbe-start.de/files/ Frame 6167 		28 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/?content=/betteln&ref=129
Requested by
Host: libertad-ads.de
URL: https://libertad-ads.de/kamp/ziel.php?uid=1&bid=2538&sid=4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips / PHP/5.3.29
Resource Hash
b9d74d135cb19f70a9e714402c7ae1233ff306d2e6091b9a6b2fc9c159323e88

Request headers

Referer
https://libertad-ads.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:45:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/5.3.29
rar
as.ad4m.at/ad/ Frame 9206 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/wgpizbdq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba6682c4a46a95b8dd5f32935d4ef7ce9bff3826e65b3fbaa9260cff6530006
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://deli.misaglam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
74e1ddc3ae4268ec-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 21 Sep 2022 09:45:08 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rot.php
www.euro-ads.de/kamp/ Frame 42D6 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.euro-ads.de/kamp/rot.php?art=bannerview&uid=10&sid=91
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.239.218.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
server.paid4marketing.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netzwerk-ad.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
4126WQs.gif
i.imgur.com/ Frame 42D6 		565 KB
566 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/4126WQs.gif
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netzwerk-ad.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
x-content-type-options
nosniff
age
608519
x-cache
HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
578903
x-served-by
cache-iad-kiad7000081-IAD, cache-hhn4041-HHN
last-modified
Thu, 27 Apr 2017 03:35:23 GMT
server
cat factory 1.0
x-timer
S1663753509.560401,VS0,VE0
etag
"8839b1c01cacc1c7ee5f182820ca7c67"
strict-transport-security
max-age=300
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
15781, 4
/
my-banner-ads.com/view/468/ Frame 42D6 		1 KB
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://my-banner-ads.com/view/468/?uid=678
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.249.194.154 -, , ASN (),
Reverse DNS
Software
Apache/2 /
Resource Hash
39d11e372f8b40d3207834bd0b64276bfa0d6ee768046620f567d215685c5d68
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.netzwerk-ad.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
gzip
server
Apache/2
vary
Accept-Encoding,User-Agent
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, must-revalidate
content-length
581
x-xss-protection
1; mode=block
expires
Sat, 26 Jul 1997 05:00:00 GMT
2
autofaucet.org/wm/frechdax/ Frame 05F9 		907 B
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://autofaucet.org/wm/frechdax/2
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:544 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e96f746772a722ae7583af20a04ab8191938cea263e7b9b78f098b167f0ab1c4

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
74e1ddc49acd9137-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9NIv7gApDiuE%2BU25FxuoZHYil0hO1zpWdDzHHm3BQA3RkfdSlN6M0usALwxGLURfzvvdIr7arcFEjia7aR3TqpdIDy3%2B2%2F3LlcIV5u94cBdTMkSSBxApfKuDT7Bqb1JwLMUd6N%2FeVNffFytuw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
1551779
ad.a-ads.com/ Frame A321 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1551779?size=468x60
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
6779b299b94632185be334329da7a4c61007c090e42cd901f8db5d741d46741f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.netzwerk-ad.de/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 9206 		85 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
761271
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86781
surrogate-control
no-store
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Mon, 12 Sep 2022 14:17:16 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
74e1ddc41ed668ec-FRA
cf-bgj
minify
D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
assets.ad4m.at/logo/ Frame 9206 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D79C954E206D0E4D62CE2FD6A790CCF3F307301C2B3749F53C1D942235F0DB56EC61BF133CCA8286AF0CB6184EAACC180FE6AE7DAF2C030A5FC4FB233DC1862E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1063280
cf-polished
origFmt=png, origSize=67209
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44330
last-modified
Wed, 13 Jul 2022 10:30:32 GMT
server
cloudflare
etag
"8e0be36dfd6d499fc28a6f3e19920b0b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VaD3p0axSAduRTyS0foZaqgzGMy2GFRVajBhgyxrb3yOvcnofKc%2FBb8asJhv1zt1DdkZZCtvIc1GDaq7pqqXMVdhtcyKyeowl97NTffgfrCQ7paCnV0OD685vv4RdVPYTkYpAKypjlEBE%2Fa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc41ed968ec-FRA
cf-bgj
imgq:85,h2pri
228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
assets.ad4m.at/product_image/ Frame 9206 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/228AE3BC27B59997BB38FAE9B35BF19F78E1A83D3EEE4F366E97EB15815360D99C4F0AA46F2DFD8AB7A011602A783946A7F0B5421349CAC837964DFF6096C972
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2391796
cf-polished
origFmt=png, origSize=310324
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205550
last-modified
Wed, 13 Jul 2022 10:46:44 GMT
server
cloudflare
etag
"ca68d721f16044ab0bd800156f6dd789"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rZD0FL8%2Bm%2FTUuas1p%2FL3U69JPFEncJQktPKpFxEco0CfFrhcHxldAoiR3xBlbFCy%2FrAvJszQGR6fc2rTMLzVAUyjm5fj%2FJctAIPcQKpu9Swddrn%2BM%2Buay6VEoK5riryyug3%2B%2F53sMNs0B2t"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc42ee668ec-FRA
cf-bgj
imgq:85,h2pri
73C10F6454E5F5D551F3BAA0FE0B739353B13D0112A3510FB9E9AF06075004442DCCDE63E5E9752AF9F249242B386F3201B74455BEDB4FBF9B5847C61006F915
assets.ad4m.at/logo/ Frame 9206 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/73C10F6454E5F5D551F3BAA0FE0B739353B13D0112A3510FB9E9AF06075004442DCCDE63E5E9752AF9F249242B386F3201B74455BEDB4FBF9B5847C61006F915
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3771a8c647bae3bbfbc94f461174fe2f2353035faee5d2e9298ed42fb9a33fb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
561041
cf-polished
origFmt=png, origSize=40670
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14536
last-modified
Wed, 15 Dec 2021 15:39:42 GMT
server
cloudflare
etag
"d01ee8ecc4fed415ce41a85e1870fd3c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH1Dc77Gcf9IHkx0nL%2FoFiQHgxE%2F3bD0xCFTpmVoCGlYOuS%2B7tJU4JauSHw%2FmtzwonUmGsz4viVeeo78%2B%2B792u3CAXn0Qh%2BxJFzBgLEXyb69EDxHi5CjEZa5Q1oey4QZ%2FpBOiBS55eaG3Ov%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc42eea68ec-FRA
cf-bgj
imgq:85,h2pri
A4F2C3E5E7BBEEB9A7C281F18A7383EBDE12E02447EE5A6731133BEA67806722F88DB26CA81CA6F098AD1E3E3E3B2BC1B9C901AF6DDC73567A47C19B245F8693
assets.ad4m.at/product_image/ Frame 9206 		416 KB
416 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A4F2C3E5E7BBEEB9A7C281F18A7383EBDE12E02447EE5A6731133BEA67806722F88DB26CA81CA6F098AD1E3E3E3B2BC1B9C901AF6DDC73567A47C19B245F8693
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0d6c068afe0243f2e7a076c5001dc157b28c999a64035d64a3f037d2b3614d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139694
cf-polished
origFmt=png, origSize=650087
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
425534
last-modified
Fri, 17 Dec 2021 11:30:39 GMT
server
cloudflare
etag
"594b38f4caa840b189fd01afde8fed56"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fgnjc%2B8hP3FkGhZ40FZtr%2BvSiHASiQyFT9JoYg6gnqpk44hMiahy4rotB75dBjrmyH1KXISBQ7SlKto%2FaFdkqlw8G0iwpea8wrzQUHOz%2BF%2BB1dC5ToIF%2FNgEPz8dK8LDF31YVA6KhSyl%2F%2BPR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc42eec68ec-FRA
cf-bgj
imgq:85,h2pri
cr_aeab91be-76a2-4157-a67e-e69d5770c97c
res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_20,w_auto/v1631792517/prod_creatives/net_253/adv_90190/ Frame 9206
Redirect Chain
  • https://qwedvm.r.palmenmann.de/ts/i5545033/tsv?amc=dis.blbn.455799.507632.CRTFfYhgSg5&smc1=oneid52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1oneid__Influencer_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_20,w_auto/v1631792517/prod_creatives/net_253/adv_90190/cr_aeab91be-76a2-4157-a67e-e69d5770c97c
72 B
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_20,w_auto/v1631792517/prod_creatives/net_253/adv_90190/cr_aeab91be-76a2-4157-a67e-e69d5770c97c
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H2
Server
2a04:4e42:400::393 -, , ASN (),
Reverse DNS
Software
Cloudinary /
Resource Hash
c4b0e50bfeaddf85d983aefb4bc77d168bbb25dd397d5dbc35230a1ffb5e3758
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
x-content-type-options
nosniff
content-disposition
inline; filename="cr_aeab91be-76a2-4157-a67e-e69d5770c97c.webp"
server-timing
fastly;dur=1;start=2022-09-21T09:45:08.831Z;desc=hit,rtt;dur=37
vary
Sec-CH-DPR,Width,Sec-CH-Width
content-length
72
x-request-id
4339c52ee49745b190d7ccee6e6e2ac6
last-modified
Fri, 10 Jun 2022 09:11:55 GMT
server
Cloudinary
etag
"ede68dad5d11c00a0b117d7bc1b04fda"
strict-transport-security
max-age=604800
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Wed, 21 Sep 2022 09:45:08 GMT
location
https://res.cloudinary.com/i19s/image/upload/dpr_auto,f_auto,fl_lossy,q_20,w_auto/v1631792517/prod_creatives/net_253/adv_90190/cr_aeab91be-76a2-4157-a67e-e69d5770c97c
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, private, post-check=0, pre-check=0
content-length
0
x-xss-protection
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
assets.ad4m.at/logo/ Frame 9206 		467 KB
467 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/60FD20F1676D1F9A06186B287BEA963E2FA606953F8F76587C6A69AEED33F93312327919FFF9BFEAB8F1720429B5E57633ECC66386BA3D90DF72A2018B8A5D7A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
139675
cf-polished
origFmt=png, origSize=706198
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
477790
last-modified
Tue, 03 Nov 2020 16:12:21 GMT
server
cloudflare
etag
"7818415cbdf9567ea6f508841c4fe2a7"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF7Y7eqTBIWfzSsDR53%2FVFQDL8SndjYBGdEGdg37If2ySKYrF%2BB6y64AwbeOwflR66Kv8yI0fxvIq2WdpTZhqe0I1JTwEnK2Fzz8mX970e4jZCQSTy9x%2Fq2gm0pou1XyQjEKFWxfImH5CD4G"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc42eee68ec-FRA
cf-bgj
imgq:85,h2pri
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 9206 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
567673
cf-polished
qual=85, origFmt=jpeg, origSize=133780
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28740
last-modified
Tue, 18 Feb 2020 10:22:01 GMT
server
cloudflare
etag
"d061ca155f758f490340e147604dc3ee"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swSTSEFak1B5eSomMpduRw4Xog8BuQc7mDRnE%2F11Tj%2B59mVyzC%2B6m3np8K4u3fatJlvXeYEZe7TkRZOxFGbPs3tPmp3j8ip7IzHtnh5VylWQfNK9SRtHd%2FuZQWL%2FE9X77LICOdDlDzIOGwlK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 22 Sep 2022 09:45:08 GMT
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
74e1ddc42ef168ec-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 9206 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5oneid__Influencer_advancedad_728x90&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Sep 2022 09:45:08 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
468x60
static.a-ads.com/a-ads-banners/393793/ Frame A321 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393793/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Tue, 31 May 2022 13:40:38 GMT
server
nginx
x-amz-request-id
K48V59XHFCGQH6B0
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
z255ENYiUlJNOhBGq31VF7sK56UjqNd9
x-amz-id-2
jtIw72xV7O9rYs+Cy7WGAPilOyXeNRbaDYC9qxlVnKFrfYk8ozHe8IFMO4jk9D7rIRKfbzhmBo8=
expires
Thu, 31 Dec 2037 23:55:55 GMT
link.html
track.webgains.com/ Frame 9206 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3459435&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jsxhb51a9j6863rd967xt0h39t2bc1cpnz2kdadnhpnf3rhp7qnhh28k4j5t9whbpg27pss9nk1bq9ssnkgh1xd7t9zw186x8k9mz85j98nxrf7qmrz8de5g29m19d8pctnfr6y5y8qm4p55f8na1f4fybpy4h40t9setjddhqj1kr13fhrgpxajk886p59wy755zqwy8gb991rjrsavqvk9zk9jre8e3b7ccw2h01dvq5yxb6r5yqdgekc1h70skysc9r%26a%3D&clickref=oneidr5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtdoneid__Influencer_advancedad_728x90&viewref=oneid4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHKoneid__Influencer_advancedad_728x90
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
8c8fc9147888c49bda2813d4482be71b23c9341eaee0ea98b16743ccce14f8d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:46:08 GMT
1551779
ad.a-ads.com/ Frame 2541 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1551779?size=468x60
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
6779b299b94632185be334329da7a4c61007c090e42cd901f8db5d741d46741f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.netzwerk-ad.de/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
1551779
ad.a-ads.com/ Frame 9C38 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1551779?size=468x60
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
6779b299b94632185be334329da7a4c61007c090e42cd901f8db5d741d46741f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://www.netzwerk-ad.de/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
/
w-w-diamonds-club.com/ Frame 0BFB 		36 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/?content=/betteln&ref=109
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ed12ef8cf9ea2967944b53afcacb186ea50bbcc619ffc0782c2f7496f4610cb8

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html
date
Wed, 21 Sep 2022 09:45:08 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding,User-Agent
rota.php
www.ads4allweb.de/api/kamp/ Frame DC98 		0
0
rota.php
www.ads4allweb.de/api/kamp/ Frame 1F03 		0
0
view.php
www.sekundensparer.de/ Frame EE5C
Redirect Chain
  • https://sekundensparer.de/view.php
  • https://www.sekundensparer.de/view.php
333 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sekundensparer.de/view.php
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
195.90.212.124 , Germany, ASN42730 (EVANZOAS, DE),
Reverse DNS
v99150.1blu.de
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
ced720dcda525f7d3c0f265458a40a28938db86e0540c4051f4d9ebed3228a26

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
242
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
330
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 21 Sep 2022 09:45:08 GMT
Keep-Alive
timeout=5, max=98
Location
https://www.sekundensparer.de/view.php
Server
Apache/2.4.29 (Ubuntu)
pvClk.min.js
analytics.webgains.io/ Frame 9206 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3459435&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jsxhb51a9j6863rd967xt0h39t2bc1cpnz2kdadnhpnf3rhp7qnhh28k4j5t9whbpg27pss9nk1bq9ssnkgh1xd7t9zw186x8k9mz85j98nxrf7qmrz8de5g29m19d8pctnfr6y5y8qm4p55f8na1f4fybpy4h40t9setjddhqj1kr13fhrgpxajk886p59wy755zqwy8gb991rjrsavqvk9zk9jre8e3b7ccw2h01dvq5yxb6r5yqdgekc1h70skysc9r%26a%3D&clickref=oneidr5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtdoneid__Influencer_advancedad_728x90&viewref=oneid4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHKoneid__Influencer_advancedad_728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 03:15:37 GMT
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 13:40:24 GMT
server
AmazonS3
age
23372
etag
"42f12532a1be9c2d028e26e9b82a99a2"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-pop
FRA60-P4
content-length
86537
x-amz-cf-id
XNcnY9-y49MKB_F59cg8rfkmrfee_4_d1HhDYwbHPMaXutFlNu8I3w==
link.html
track.webgains.com/ Frame 9206 		149 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneid4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHKoneid__Influencer_advancedad_728x90&wglinkid=3459435
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=198961%2C176460%2C19769&b=4gVXhEf5fAK3rcGH9HdtAtMGAQcbSZt75pHK%2C52GBSXfEfWpBPUpH7HMt3t7pKbaYSktpE5F1%2CwxeRcdfjf9bqtEHRH2tXt4PYTzS9tmrAa5&f=r5K3UQf9f351RaAH7HjtJCV6xAhYSJtgQDtd%2Cpqw5U1fgf9M5AfkH4HmtJC5zg4F9S7t8V4FE%2CgAKMS8frf8AJTPHbH8txCr9VhmSjt9pjhe&c=728&d=90&e=&g=3ed6d932d598c82b0cf2bbc4fb3d62a4%2F13576914170977670638&i=71690%2C71115%2C21630&j=21%2C52%2C16&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1663753508371&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.238.206 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-238-206.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Sep 2022 09:46:08 GMT
468x60
static.a-ads.com/a-ads-banners/393793/ Frame 2541 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393793/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Tue, 31 May 2022 13:40:38 GMT
server
nginx
x-amz-request-id
K48V59XHFCGQH6B0
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
z255ENYiUlJNOhBGq31VF7sK56UjqNd9
x-amz-id-2
jtIw72xV7O9rYs+Cy7WGAPilOyXeNRbaDYC9qxlVnKFrfYk8ozHe8IFMO4jk9D7rIRKfbzhmBo8=
expires
Thu, 31 Dec 2037 23:55:55 GMT
468x60
static.a-ads.com/a-ads-banners/393793/ Frame 9C38 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393793/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1551779?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Tue, 31 May 2022 13:40:38 GMT
server
nginx
x-amz-request-id
K48V59XHFCGQH6B0
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
z255ENYiUlJNOhBGq31VF7sK56UjqNd9
x-amz-id-2
jtIw72xV7O9rYs+Cy7WGAPilOyXeNRbaDYC9qxlVnKFrfYk8ozHe8IFMO4jk9D7rIRKfbzhmBo8=
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_head.png
artemtyse.de/templates/tpl_modified_responsive/img/ Frame EE5C 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://artemtyse.de/templates/tpl_modified_responsive/img/logo_head.png
Requested by
Host: www.sekundensparer.de
URL: https://www.sekundensparer.de/view.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.237.132.11 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS
alfa3212.alfahosting-server.de
Software
Apache /
Resource Hash
5754b0c799e5412d88c247b2c636dd434a9dc58743768a48253f24fc96790df2
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sekundensparer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Apr 2020 12:35:04 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31556926
Content-Type
image/png
Cache-Control
max-age=2592000, public, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
26154
Expires
Fri, 21 Oct 2022 09:45:08 GMT
widget.min.js
arc.io/ Frame 0BFB 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arc.io/widget.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.64 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1814f0411cc849545f4e03d3001bcac5bf9a5cf3384626afbe648b2fcc2eaed
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
last-modified
Fri, 16 Sep 2022 20:27:41 GMT
age
2618
etag
"6324dc3d-b76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, stale-while-revalidate=864000
date
Wed, 21 Sep 2022 09:01:31 GMT
x-amz-cf-pop
FRA56-P3
content-length
2934
via
1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-id
I2H828NYCrBReaSBvhPLY9TZUj5fssDICHwXJ7zr5_dSLpSaDfmZgg==
pp_p.php
pop.adcocktail.com/ Frame 0BFB 		929 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pop.adcocktail.com/pp_p.php?uid=86243&wsid=207598
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ed7c3edded4e284d15ee91beb26b49c93419fcf929b9fdcbb6e0cb7148577c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Sep 2022 09:45:08 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
74e1ddc668bc68ef-FRA
content-length
543
expires
Wed, 11 Jan 1984 05:00:00 GMT
banner.php
g.cash-ads.com/ Frame 0BFB 		27 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/banner.php?uid=197&size=4
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
556f4b38d8e852036affbda57c09b726cc8961d9493cf9cfc234bad406449491
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
gzip
vary
Accept-Encoding
server
nginx
x-xss-protection
1; mode=block
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
text/html; charset=UTF-8
bootstrap.min.css
w-w-diamonds-club.com/css/ Frame 0BFB 		152 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/css/bootstrap.min.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2022 11:55:15 GMT
server
nginx
etag
"2606e-5e49fdb6d978b-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
20776
all.min.css
w-w-diamonds-club.com/css/ Frame 0BFB 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/css/all.min.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7dd70534588132b35f58be8e700190cfa8c380d4d1c67acb11de2f25815649c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2022 11:55:15 GMT
server
nginx
etag
"dcc5-5e49fdb6ec06b-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
11811
css
fonts.googleapis.com/ Frame 0BFB 		11 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,500|Poppins:400,500,600,700|Roboto:400,500
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9b2c82cd0537aa05a12f71cb1f012ef1f23c1cfd14216fe6c9198f8daefebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 09:44:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 21 Sep 2022 09:45:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Sep 2022 09:45:08 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/ Frame 0BFB
Redirect Chain
  • https://cdn.materialdesignicons.com/4.4.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.4.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
195 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H3
Server
2a04:4e42:400::485 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
39cf7f64f9b9074eda2445cb685b3bbe4b95cc03b5a4a268f042a68aea86f50a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1847235
x-jsd-version
4.4.95
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33827
etag
W/"30ca6-Rm/JxyaDxAlQuY5XEBYILuIosEc"
x-served-by
cache-fra19122-FRA
x-jsd-version-type
version
date
Wed, 21 Sep 2022 09:45:09 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
1319277
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra19163-FRA
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.4.95/css/materialdesignicons.min.css
date
Wed, 21 Sep 2022 09:45:09 GMT
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
sleek.css
w-w-diamonds-club.com/assets/css/ Frame 0BFB 		347 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/css/sleek.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c34827d00df5190bcb25cdf6875c39b1458716d3e9b64762bb46d5c745b4500c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2022 12:02:23 GMT
server
nginx
etag
"56bf6-5e49ff4f1b52c-br"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
45152
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame 0BFB 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1698280
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
948
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfTCbtJ49ikQwynZ%2BccHHGR81PAYjWaXzUKqUAmYvsm8vNhngnWTw46V0FZhdQmZfvCAzUFmmXEH5xevZGktjLoMCQi%2FIvygSxw%2FdNDtpjTCvP49cBUTB4FXfbPeYmA6%2F%2FgxGdB4vy1FRBreUsHG0b07"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e1ddc699e791cf-FRA
expires
Mon, 11 Sep 2023 09:45:08 GMT
simplebar.css
w-w-diamonds-club.com/assets/plugins/simplebar/ Frame 0BFB 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/simplebar/simplebar.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
nprogress.css
w-w-diamonds-club.com/assets/plugins/nprogress/ Frame 0BFB 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/nprogress/nprogress.css
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
jquery-3.4.1.min.js
w-w-diamonds-club.com/js/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/js/jquery-3.4.1.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
b300.250.hd.gif
leadsleap.com/images/ Frame 0BFB 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadsleap.com/images/b300.250.hd.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:993 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d2759c23f70d6d6a2efc23cd66fb9223dc7596dd2d6a1a25c06b45f6333b9712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2022 13:24:35 GMT
server
cloudflare
age
11119460
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpsn0fh9vtOys946CLscxpGDR9Yoe%2BiCgRYU9ufm60wZhoH7UyDeEssbqCmT6ZPpY8TViJULRw84ZejBhKvXQGv9RHFN8XMmA07rPLksXBnv%2BmUP%2FbEjamE8dlvDEorPD0aEyi%2F8RsMG6kA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74e1ddc9ee766945-FRA
content-length
104269
expires
Mon, 15 May 2023 17:00:48 GMT
payment1.png
banner.ebesucher.de/de/ Frame 0BFB 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.ebesucher.de/de/payment1.png
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.146.221 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
6ec00cb21b964f957b1df00b63ece2d8a3432eb4e0b01fa61b21f8315e83b7ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
last-modified
Fri, 09 Sep 2022 11:31:36 GMT
server
Apache
accept-ranges
bytes
etag
"64ee-5e83ce37f3600"
content-length
25838
content-type
image/png
b728.90.hd.gif
leadsleap.com/images/ Frame 0BFB 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://leadsleap.com/images/b728.90.hd.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:993 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b729ec632f7ff08e6b87f771efd10f7d2a992a9590667ba017e95737fe5531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Apr 2022 13:24:37 GMT
server
cloudflare
age
13533022
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMfJP4RpCIbNwS1k0Ts1czNuKYjSX0bTvCFyMtvV2gSEdtyBYEImKcTG6n6xm6kk7QBEkqw2oqX%2BH7XhLjIskjH1fCu61J66lEfKs7f8j3hlVGu%2FmOp0EwYQ8Sr3OYoGvfsuy%2BZymQ%2FFmUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74e1ddc9fe796945-FRA
content-length
86145
minilayerview.php
www.mega-ad.de/codes/ Frame 0BFB 		0
0
rot.php
www.werbeflut.net/kamp/ Frame 0BFB 		0
0
random_textlinkview.php
www.mega-ad.de/codes/ Frame 0BFB 		0
0
random_bannerklick.php
www.mega-ad.de/codes/ Frame 0BFB 		0
0
random_bannerview.php
www.mega-ad.de/codes/ Frame 0BFB 		0
0
/
flag-counter.work/lt/ Frame 0BFB 		0
0
random_popup.php
www.adcity.eu/codes/ Frame 0BFB 		449 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adcity.eu/codes/random_popup.php?id=1318&aid=2374
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.190.117.158 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
293cd31197acb88c8705d3d37afb66049be10c76931aceee8f2a0e4ec6b13f58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
449
core.js
www.amcharts.com/lib/4/ Frame 0BFB 		1 MB
257 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.amcharts.com/lib/4/core.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ba -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d44eb41b9364038979e4d7bf567643081b48bbf58072e04be9a4e5b042e0438a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91885
cf-polished
origSize=1055167
platform
hostinger
last-modified
Mon, 19 Sep 2022 08:43:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1019bf-63282b9d-d86dbcd61b9e90dc;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jItOlCFWANdcYJ6Gf77RpThAf8iTRG9JUIE%2BaSFwzdOK6BDqL2Pj3ohbD4RJe3q7ypdJ2ApoNtJT%2BeWW9PUunUsRsqDYd6g6hw2xuQLhzpQl%2Bls%2FVAjBt984zNO352oIkP3BSvLYrV9pIK%2FqjCM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 09:45:09 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
74e1ddc81f17923b-FRA
cf-bgj
minify
charts.js
www.amcharts.com/lib/4/ Frame 0BFB 		143 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.amcharts.com/lib/4/charts.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ba -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
93f4e6e6c9200e14cd4a1fc3a119df84ae8c5e660f58ab1e772720f23b0fdd02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91885
cf-polished
origSize=146989
platform
hostinger
last-modified
Mon, 19 Sep 2022 08:43:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"23e2d-63282b9a-9b0feb79a133cb77;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2V5QyRZDchYpC93EdPQQKSZ7whiYxy%2FDqHJp43L9kDBLQiK8fv1sOpUMIJUVYIv7QXqQcIBbVlCRRM5%2FsG10GKEVodVJIKlt%2BjBpmKKrCPeyMKtYG%2BbgIp9YA4ULiNVQXHFJ0alwz%2BAwQGGpHTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 09:45:09 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
74e1ddc81f19923b-FRA
cf-bgj
minify
de_DE.js
www.amcharts.com/lib/4/lang/ Frame 0BFB 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.amcharts.com/lib/4/lang/de_DE.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ba -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d82466d7834db75624424122a4add81c2f38f94f80c024e65978f41f44d48153
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91855
cf-polished
origSize=5872
platform
hostinger
last-modified
Mon, 19 Sep 2022 08:43:18 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"16f0-63282ba6-5574352fd5e98956;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFfmzGUJNbgBPp4jWXtBVltBbhavGB6PFaIxTNRg51rSosg6v69DRQvrNLVynxysE8BBCsWEZyOW3M47hO%2F02%2Bg0jmcZhj8iLLAh1JJIz1Q8ms2x3vD%2BjUuVpjicU0W1%2B8t7GZBRHLxMasdbBw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 09:45:09 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
74e1ddc81f1a923b-FRA
cf-bgj
minify
animated.js
www.amcharts.com/lib/4/themes/ Frame 0BFB 		2 KB
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.amcharts.com/lib/4/themes/animated.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6ba -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91885
cf-polished
origSize=2247
platform
hostinger
last-modified
Fri, 07 Feb 2020 13:29:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"8c7-5e3d6640-4811a5f5e1d7c804;gz"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpjOwjbXRk2wofNbtwkIXIhc3GCu%2BuKlgLQoLGVWzL0k%2BKHxkwFknJBvWb6fFpqJvhl4S3OrFyIQWbRnolK0kOydTZ4wGLuJBAti8U6ZSC9i9y95xRllMfJDkg0%2FG3v%2FTDUyy90cnUR10mhk8GE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
expires
Wed, 28 Sep 2022 09:45:09 GMT
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
74e1ddc84f5e923b-FRA
cf-bgj
minify
1417519
ad.a-ads.com/ Frame 4400 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1417519?size=468x60
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
8750afe8852128a5436805f0c885e854fa1f38a12dc8aeb10c0e5d5ce864d9dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://w-w-diamonds-club.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
rocket-loader.min.js
autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 05F9 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: autofaucet.org
URL: https://autofaucet.org/wm/frechdax/2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:544 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://autofaucet.org/wm/frechdax/2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 13:38:19 GMT
server
cloudflare
etag
W/"63232acb-302c"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma%2BvZFA0aMT3V4Ws%2B7ter0tBU0coNPOoibufsDrgQn1SipVCXQ%2BJig93OYF91aXMKEtLyg8OiglBJ2GfQtRbewmJQwXwsyUwKKVroJWNisTirRW%2FbybdLglTckUoyvE7bMhjSEb8W7tO3DuNQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74e1ddc6be449237-FRA
vary
Accept-Encoding
expires
Fri, 23 Sep 2022 09:45:08 GMT
bk_rota.php
bk.adcocktail.com/ Frame 0BFB 		279 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bk.adcocktail.com/bk_rota.php?format=468x60&uid=86243&wsid=207598
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524a9a0b883d0b660e2dc98ff3c142c8ae52cc092420945fe3229af10d1d696f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
74e1ddc6993268ef-FRA
content-length
201
expires
Wed, 11 Jan 1984 05:00:00 GMT
gsf_468x60.gif
gold-surfer-faucet.de/banner/ Frame 0BFB 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gold-surfer-faucet.de/banner/gsf_468x60.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.198.5.241 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
5929bd66bad765911f5cde9ab0abe3ae31b0e619736d82ed47fcc70a20523418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
last-modified
Wed, 14 Sep 2022 17:41:55 GMT
server
Apache
accept-ranges
bytes
etag
"99be-5e8a6a517a37a"
content-length
39358
content-type
image/gif
getimg.php
getleads4free.com/ Frame 0BFB 		0
0
tb_v.php
tl.adcocktail.com/ Frame 0BFB 		1 KB
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tl.adcocktail.com/tb_v.php?uid=86243&wsid=207598&format=728x90&reflink=on
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b0c11d36a96f4d31b7faaa96e51af9a0c4e58076ced1723326e6b7d6a3e53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 21 Sep 2022 09:45:09 GMT
server
cloudflare
cache-control
max-age=0, no-cache, no-store, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cf-ray
74e1ddc86bba68ef-FRA
content-length
487
expires
Wed, 11 Jan 1984 05:00:00 GMT
js.js
w.leadsleap.com/ Frame 0BFB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.leadsleap.com/js.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:993 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
891ce41cbb0089bfbad1a64e8732a82ba241e974be41f7463f0b48cbd77bf483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 06 Jun 2022 14:11:07 GMT
server
cloudflare
age
4078
cf-polished
origSize=4038
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5NmNdlr4HZtR%2FhJTu%2BBSvaygCU9gDKhSzGfZJV%2BL48sBOBFNFQrv0GExpFTwbSjYK7QXNs3Lh69nUFPeHJxsRBanSizEBtCIyWX5HcJo9cLV5mGi75LMPtxYC9xnmwYLOS9gYBtpikgl6qgSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
74e1ddc9fce79137-FRA
cf-bgj
minify
getimg.php
getleads4free.com/ Frame 0BFB 		0
0
123stargate1.gif
123-stargate.eu/img/ Frame 0BFB 		0
0
random_bannerview.php
www.adcity.eu/codes/ Frame 0BFB 		251 B
399 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adcity.eu/codes/random_bannerview.php?id=1318&aid=2374
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.190.117.158 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c39a4d006df4edfcf3a6b0eefc514e85bc74be87fa4046d87c177795616c5f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
251
tl_v.php
tl.adcocktail.com/ Frame 0BFB 		196 B
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tl.adcocktail.com/tl_v.php?uid=86243&wsid=207598
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd56b6b59b225fef671e317865c1d787e78b6f60d874034c82dd159dce94fb26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
note
CACHING IS DISABLED
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
74e1ddc8ec5368ef-FRA
content-length
195
expires
Wed, 11 Jan 1984 05:00:00 GMT
random_skybannerview.php
www.adcity.eu/codes/ Frame 0BFB 		175 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.adcity.eu/codes/random_skybannerview.php?id=1318&aid=2374
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.190.117.158 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
f17b7ef340f2aa32f89b977ca3faf4532a22a9d32ddc2a74e81b86c0d3d89ddb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:10 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
175
970x250.png
dualmine.com/files/promo/ Frame 0BFB 		57 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dualmine.com/files/promo/970x250.png
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2848 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2020 00:50:42 GMT
server
cloudflare
age
5004
etag
"26812-5b570a1f97c80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vskzDBrO%2BQe%2BhOOiWxFW2uacZbMxMD58tMCEibuTdeOWgEmP1IPFII1WnFTCyfpjcy%2FI6EOfQssro8C%2BIQqpAevjbvmFg0HQPLXLUA2xHniO4bVoAGbGsjLFM3U%2FL50pX8LTHUGqw5Jon9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
74e1ddcb5919bbec-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
157714
s-728-en.gif
globadino.com/src/banners/ Frame 0BFB 		0
0
bl-728-en.gif
globadino.com/src/banners/ Frame 0BFB 		0
0
lo-728-en.gif
globadino.com/src/banners/ Frame 0BFB 		0
0
728x90.gif
dutchycorp.space/banners/Final-auto/V2/Coins/A/ Frame 0BFB 		0
0
728x90.png
cryptowin.io/banners/ Frame 0BFB 		0
0
728x90.gif
faucetcrypto.com/banners/ Frame 0BFB 		0
0
ccDxShxg_o.gif
images2.imgbox.com/52/77/ Frame 0BFB 		0
0
EpgN0RJX_o.gif
images2.imgbox.com/b4/29/ Frame 0BFB 		0
0
Claim%20Free%20Crypto-970x250%20px.gif
w-w-diamonds-club.com/images/fpbanner/ Frame 0BFB 		592 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w-w-diamonds-club.com/images/fpbanner/Claim%20Free%20Crypto-970x250%20px.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
Earn%20and%20exchange-970x250%20px.gif
w-w-diamonds-club.com/images/fpbanner/eae/ Frame 0BFB 		592 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w-w-diamonds-club.com/images/fpbanner/eae/Earn%20and%20exchange-970x250%20px.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
FaucetPay%20Contest%20Banner-728x90%20px.gif
w-w-diamonds-club.com/images/fpbanner/static/ Frame 0BFB 		592 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w-w-diamonds-club.com/images/fpbanner/static/FaucetPay%20Contest%20Banner-728x90%20px.gif
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
/
g.cash-ads.com/banner/ Frame 0BFB 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.cash-ads.com/banner/?code=j0zT3mEzUY3CQd10ptlXLyuOBBAtQtNn4neFuCUnNvI%3D
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
h109.hubuhost.com
Software
nginx /
Resource Hash
f3cc7c307c4a2ec032410bcc2af7a137609bdfe562cd1788e8ae9190ffc355eb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
gzip
server
nginx
x-frame-options
deny
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
jquery.min.js
w-w-diamonds-club.com/assets/plugins/jquery/ Frame 0BFB 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/jquery/jquery.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2022 12:02:35 GMT
server
nginx
etag
"15282-5e49ff59d089f-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
29529
jquery.slimscroll.min.js
w-w-diamonds-club.com/assets/plugins/slimscrollbar/ Frame 0BFB 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/slimscrollbar/jquery.slimscroll.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
last-modified
Mon, 25 Jul 2022 12:02:36 GMT
server
nginx
etag
"1274-5e49ff5a9baa1-br"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1750
jekyll-search.min.js
w-w-diamonds-club.com/assets/plugins/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/jekyll-search.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
Chart.min.js
w-w-diamonds-club.com/assets/plugins/charts/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/charts/Chart.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
jquery-jvectormap-2.0.3.min.js
w-w-diamonds-club.com/assets/plugins/jvectormap/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/jvectormap/jquery-jvectormap-2.0.3.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
jquery-jvectormap-world-mill.js
w-w-diamonds-club.com/assets/plugins/jvectormap/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/jvectormap/jquery-jvectormap-world-mill.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
moment.min.js
w-w-diamonds-club.com/assets/plugins/daterangepicker/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/daterangepicker/moment.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
daterangepicker.js
w-w-diamonds-club.com/assets/plugins/daterangepicker/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/plugins/daterangepicker/daterangepicker.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
sleek.bundle.js
w-w-diamonds-club.com/assets/js/ Frame 0BFB 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://w-w-diamonds-club.com/assets/js/sleek.bundle.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
85.13.152.124 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/?content=/betteln&ref=109
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
server
nginx
content-length
592
content-type
text/html
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ Frame 0BFB 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6093151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jhh1KEcLBwMdGZ8n3OVPkWxmrzP0JAUcPHIdbmmsLrYXmVfS1fQ5qudE1phmmuvqduAIgq21IXxiUP54y%2Bd%2Bpzrbu5RgVTxq4DkCkz149k4x4J9fHTlrw67CERFOB6Fyr%2FlS%2BA9irAjkmPQ%2BXxPgDsLO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e1ddc699e491cf-FRA
expires
Mon, 11 Sep 2023 09:45:08 GMT
468x60
static.a-ads.com/a-ads-banners/393777/ Frame 4400 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393777/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1417519?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:08 GMT
last-modified
Tue, 31 May 2022 13:36:38 GMT
server
nginx
x-amz-request-id
1JT6QC6567GJ6QF0
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
uLgJt0kG8h9_6Yb2PhHXE0X7UZZ61_vh
x-amz-id-2
iPUtDAtGVdJxfG5Zodcf4sBJP8Eamlp2CerlzF4TQyes6F0+mHylp865zfkC1lsRfsuWxFWfvBE=
expires
Thu, 31 Dec 2037 23:55:55 GMT
rot.php
www.werbe-ads.de/kamp/ Frame 0BFB 		0
0
base.js
webminepool.com/lib/ Frame 05F9 		193 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webminepool.com/lib/base.js
Requested by
Host: autofaucet.org
URL: https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:581a -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cb74590760eb6d1e360a53a7921bf5c23b688106c4fd1ed6c534025ba852bde1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://autofaucet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 27 Mar 2021 13:19:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BW1kcNL0jLPTJFfKOsPNmhVEgHIPNmipwZj%2F2r75zp3k2acCSJlSNAgiDY%2FzzrW99xhCmQykMmNsNXzsvuXq19yUBKw20WoGJ5%2B%2BgJKYhsee8IQvl83ke7vTdchEDbe8DdmEk%2B8Cj3xYuUfCbI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
x-turbo-charged-by
LiteSpeed
cf-ray
74e1ddc81cc59bf4-FRA
expires
Wed, 21 Sep 2022 09:59:32 GMT
js
www.googletagmanager.com/gtag/ Frame 05F9 		210 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-STC3CT2301
Requested by
Host: autofaucet.org
URL: https://autofaucet.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c6aa05bfa8349b8df7c4578100fba4ecd53dc714c69be6d155832d72e71cb1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://autofaucet.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75092
x-xss-protection
0
expires
Wed, 21 Sep 2022 09:45:09 GMT
core.js
static.arc.io/widget/js/ Frame 0BFB 		310 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/core.js?11d024e
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash
58d32cdf18a20946607fc36aca574770bfe544fcbef85071c3a8d7f7fdee6b99

Request headers

Referer
Origin
https://w-w-diamonds-club.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
8D0GB7F9FYZK2SPB
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
09/16/2022 20:57:05
cdn-pullzone
786569
x-amz-id-2
IAzzqs8PnVCd/sotxGb9FBFsJK6U5OE5T8XFhcepdENocuvczPpHvXvrYPQ/Xyxxoq7pR43VSZI=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Fri, 16 Sep 2022 20:28:02 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"7afb4c5c0ab3ed4ac43e6bb5fbb7776b"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid
68ef633629aec12deaa24307930b8945
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
broker.html
core.arc.io/ Frame 4E92 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://core.arc.io/broker.html?11d024e
Requested by
Host: arc.io
URL: https://arc.io/widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE-832 /
Resource Hash
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-cachedat
09/16/2022 20:39:19
cdn-edgestorageid
832
cdn-proxyver
1.02
cdn-pullzone
786568
cdn-requestcountrycode
DE
cdn-requestid
b39ad8e83645136a6b7066422d54f285
cdn-requestpullcode
200
cdn-requestpullsuccess
True
cdn-status
200
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding
br
content-type
text/html
date
Wed, 21 Sep 2022 09:45:09 GMT
etag
W/"61e89f9d-612"
expires
Sun, 16 Oct 2022 20:39:19 GMT
last-modified
Wed, 19 Jan 2022 23:32:45 GMT
server
BunnyCDN-DE-832
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
bundle.min.js
browser.sentry-cdn.com/6.2.2/ Frame 0BFB 		0
0
1417519
ad.a-ads.com/ Frame 8B55 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1417519?size=468x60
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
a37e805fcbcd731bcdacb726d8668f02f26c6c12eef9cfb2c912a1d7a04e2cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:09 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://w-w-diamonds-club.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
df643552-7818-42b4-8ac7-1b4ca4d5830f
https://autofaucet.org/ Frame 05F9 		186 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://autofaucet.org/df643552-7818-42b4-8ac7-1b4ca4d5830f
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
190927
Content-Type
text/javascript
dd1b2975-111a-4965-8cd3-343831cc8f70
https://autofaucet.org/ Frame 05F9 		186 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://autofaucet.org/dd1b2975-111a-4965-8cd3-343831cc8f70
Requested by
Host: www.netzwerk-ad.de
URL: https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
190927
Content-Type
text/javascript
468x60
static.a-ads.com/a-ads-banners/117620/ Frame 8B55 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1417519?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
last-modified
Sun, 19 Apr 2020 16:08:09 GMT
server
nginx
x-amz-request-id
SJVBPJW636NBX6VV
etag
"d89cd17d5e22adfb5532615d116d84b8"
content-type
image/gif
cache-control
max-age=315360000
content-length
160195
accept-ranges
bytes
x-amz-version-id
LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
x-amz-id-2
pqp8xgSNhkDY7cBmC7OJ5o18c5ZFVJEHlFQtU8Bv2x1uMHx1oes829asMwzSUsvd/+kxz5tsgOc=
expires
Thu, 31 Dec 2037 23:55:55 GMT
fv.php
my-banner-ads.com/view/468/ Frame 0F52 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my-banner-ads.com/view/468/fv.php?size=1&ison=1&user=678&vt=7&dref=https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3&scrw=1600&scrh=1200&timestamp=1663753509378
Requested by
Host: my-banner-ads.com
URL: https://my-banner-ads.com/view/468/?uid=678
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.249.194.154 -, , ASN (),
Reverse DNS
Software
Apache/2 /
Resource Hash
bfc33bc4e2c550afb4e2ab737bccc9f215eca9346084ee5128eebcc139b1a5e1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.netzwerk-ad.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-length
1217
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:09 GMT
expires
Fri, 21 Oct 2022 09:45:09 GMT
server
Apache/2
vary
Accept-Encoding,User-Agent
x-xss-protection
1; mode=block
jquery.js
werbe-start.de/files/js/ Frame 6167 		90 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/js/jquery.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Tue, 05 Oct 2021 10:04:52 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"169d5-5cd982929018d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
92629
wz_jsgraphics.js
werbe-start.de/files/js/ Frame 6167 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://werbe-start.de/files/js/wz_jsgraphics.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
12d6860333be6aede55b9112ef24a389bd9869cef171ec2f872a077599682cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Tue, 05 Oct 2021 10:04:52 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"592b-5cd982928bb3d"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
22827
rot.php
www.ad-mix.de/kamp/ Frame 6167 		194 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ad-mix.de/kamp/rot.php?art=leaderboardview&uid=276&sid=222
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.98.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv.ms-i-service.net
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
15195e01788c7454c277caf30bee23c2627961f104d467c330c7f5f22f968b1d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Security-Policy
upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline';
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.4.30, PleskLin
X-Cache-Status
BYPASS
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Date
Wed, 21 Sep 2022 09:45:09 GMT
Connection
keep-alive
Content-Length
179
rot.gif
werbe-start.de/images/ Frame 6167 		147 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/images/rot.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
0502be96847bd2527d92638b8b2975352244146b4693636e2020d008593da4fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:27 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"93-5cd982b363deb"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
147
gruen.gif
werbe-start.de/images/ Frame 6167 		149 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/images/gruen.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
682c3491dcf16fea22d2c78c11da4dcffeb2c3d3e8a8187828d5ff0dde5c8327

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:27 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"95-5cd982b37013a"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
149
b_88x31.gif
werbe-start.de/files/images/banner/ Frame 6167 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://werbe-start.de/files/images/banner/b_88x31.gif
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.194.84.77 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
cpanel.vms1-scripte.de
Software
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips /
Resource Hash
ce5eccb5f63bbbaafae648659e7434a1403745188cd6e3e07dddaf842cabae68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Last-Modified
Tue, 05 Oct 2021 10:05:05 GMT
Server
Apache/2.4.53 (Unix) OpenSSL/1.0.2k-fips
ETag
"bf2-5cd9829ef81be"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3058
rot.php
www.werbeflut.net/kamp/ Frame 6167 		0
0
rot.php
www.ads4you.biz/kamp/ Frame 6167 		0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ads4you.biz/kamp/rot.php?art=textlinkview&uid=55&sid=118
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.63.98.119 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
srv.ms-i-service.net
Software
nginx / PHP/7.4.30, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 21 Sep 2022 09:45:09 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.4.30, PleskLin
Content-Length
0
X-Cache-Status
BYPASS
Content-Type
text/html; charset=UTF-8
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ Frame 6167 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/cookieconsent.min.js
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3689039
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1618
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-11d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAlI%2BBlKz%2FVbT92QglNZ%2BP%2FwLOe9alaCiotEYbL8aSDpNye%2FdM%2FB%2BrL2xMXJSq5uf5TJuPsw1XXvJ7wwKAVMUuQgIs6H3iQ4FmHiAhGzyqiyNDF13PEchCP6UJaXKlAhgf8pHCUzeUAQnuVt4jFRRkxh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74e1ddcb184391cf-FRA
expires
Mon, 11 Sep 2023 09:45:09 GMT
tracking-event
api.webgains.io/ Frame 9206 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.23.117 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-23-117.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Sep 2022 09:45:09 GMT
server
nginx
broker.b281d075.js
static.arc.io/broker/js/ Frame 4E92 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/broker.b281d075.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?11d024e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
Q0VZ5JYJQAE4N7HC
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
05/18/2022 20:53:49
cdn-pullzone
786569
x-amz-id-2
/LDQe0qDpomo3ye6gBwWLI3qZr+tADKNhQvRYRvYrUIvKDszwbhZkrxY7MAFHg2SUXmu5qY/00M=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000
cdn-requestid
96f0f7b174f172845e06be8f889cfa78
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
chunk-vendors.5e1d8045.js
static.arc.io/broker/js/ Frame 4E92 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?11d024e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer
https://core.arc.io/
Origin
https://core.arc.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
Q0VX887CAMG6M0FN
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
05/18/2022 20:53:49
cdn-pullzone
786569
x-amz-id-2
D0Ce1lqJyJ/3sP4MbDR7LsuLGnf24KfyTEbEwx+Rmg2BtInlq1itEiD4YU63dyrIYyzA13mFuHo=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000
cdn-requestid
d1351369a03b23412e203263ac903076
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 4E92 		0
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?11d024e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
Q0VGGNTC3N1MSPB0
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
05/18/2022 20:53:49
cdn-pullzone
786569
x-amz-id-2
lZslZCanUUy7t5I+zYrEmAmJRNoLuUJ7xikcmJgGgjZxo2YbGHCFGQBTQrCRX0yF1OMBTD1Je7s=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000
cdn-requestid
1daa0fd360a351848769e71f191de563
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 4E92 		0
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by
Host: core.arc.io
URL: https://core.arc.io/broker.html?11d024e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://core.arc.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
Q0VVVESQZBFX9ZGR
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
05/18/2022 20:53:49
cdn-pullzone
786569
x-amz-id-2
jnp0tO4DvTGSXAjdqye22ZsY6UF594OUr6M5t2ODVjO8D1vt20+0HPpt5UcvG+blpJYZKFdgBrU=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000
cdn-requestid
8b683dfab8ba9ed5020e18f003443be3
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
mystats.php
www.gigapromo.de/tools/ Frame 0BFB 		0
0
1417519
ad.a-ads.com/ Frame D8B4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1417519?size=468x60
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
2d5c30abc255cc4d9fff63419cd57d600634c22635703ae0255ff8ce3b7636f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:09 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://w-w-diamonds-club.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
1417519
ad.a-ads.com/ Frame D3A0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1417519?size=468x60
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
8750afe8852128a5436805f0c885e854fa1f38a12dc8aeb10c0e5d5ce864d9dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:09 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://w-w-diamonds-club.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
rot.php
www.werbe-ads.de/kamp/ Frame 0BFB 		0
0
rota.php
www.ads4allweb.de/api/kamp/ Frame FCF7 		0
0
1422914
ad.a-ads.com/ Frame 13F3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1422914?size=200x200
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx / Phusion Passenger(R)
Resource Hash
5f36483adc65a2d1869a21f41aba37562bd89b8c6ebdeb3792c149528ea6adf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Wed, 21 Sep 2022 09:45:09 GMT
server
nginx
status
200 OK
vary
Accept-Encoding Accept-Encoding
x-content-type-options
nosniff
x-original-referer
https://w-w-diamonds-club.com/
x-powered-by
Phusion Passenger(R)
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-xss-protection
1; mode=block
/
www.adcocktail.com/ Frame BB1E
Redirect Chain
  • https://tt.adcocktail.com/tt_rota.php?uid=86243&wsid=207598
  • https://www.adcocktail.com/?spez=kein_werbemittel
0
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.adcocktail.com/?spez=kein_werbemittel
Requested by
Host: w-w-diamonds-club.com
URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://w-w-diamonds-club.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74e1ddcb4fcd68ef-FRA
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:09 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
note
CACHING IS DISABLED
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74e1ddcacf2268ef-FRA
content-encoding
gzip
content-length
20
content-type
text/html; charset=UTF-8
date
Wed, 21 Sep 2022 09:45:09 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://www.adcocktail.com?spez=kein_werbemittel
note
CACHING IS DISABLED
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
468x60-3.png
static1.freebitco.in/banners/ Frame 0F52 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static1.freebitco.in/banners/468x60-3.png
Requested by
Host: my-banner-ads.com
URL: https://my-banner-ads.com/view/468/fv.php?size=1&ison=1&user=678&vt=7&dref=https://www.netzwerk-ad.de/webbi_traffic.php?id=334337&count=3&scrw=1600&scrh=1200&timestamp=1663753509378
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.6.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://my-banner-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
136036
cf-polished
origFmt=png, origSize=38120
vary
Accept
content-type
image/webp
cache-control
max-age=315360000
last-modified
Mon, 19 Sep 2022 19:57:53 GMT
content-disposition
inline; filename="468x60-3.webp"
accept-ranges
bytes
cf-ray
74e1ddcb78139b98-FRA
content-length
26528
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 0F52 		304 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2a6514396452c789c97fe3130ee5f376e3f83fc0a96c3ef1b584a527c6bb194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
468x60
static.a-ads.com/a-ads-banners/393745/ Frame D8B4 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393745/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1417519?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
last-modified
Tue, 31 May 2022 13:28:27 GMT
server
nginx
x-amz-request-id
PQ7FHW3DTJRZHBTC
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
OCdZGo21C0eofzydi4BulScJFjE6rXPN
x-amz-id-2
skbQ6DNnfB1rDq4lDCFhVIUhryU4YBC2xCUjwg4zkLqe3hBHOFIsTerd6qiyEDQrD6EVKUOuECU=
expires
Thu, 31 Dec 2037 23:55:55 GMT
468x60
static.a-ads.com/a-ads-banners/393777/ Frame D3A0 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.a-ads.com/a-ads-banners/393777/468x60?region=eu-central-1
Requested by
Host: ad.a-ads.com
URL: https://ad.a-ads.com/1417519?size=468x60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213.239.205.245.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.a-ads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
last-modified
Tue, 31 May 2022 13:36:38 GMT
server
nginx
x-amz-request-id
1JT6QC6567GJ6QF0
etag
"9ecf8ce917854a0c481254a2d97e2ac6"
content-type
image/gif
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
content-length
438215
accept-ranges
bytes
x-amz-version-id
uLgJt0kG8h9_6Yb2PhHXE0X7UZZ61_vh
x-amz-id-2
iPUtDAtGVdJxfG5Zodcf4sBJP8Eamlp2CerlzF4TQyes6F0+mHylp865zfkC1lsRfsuWxFWfvBE=
expires
Thu, 31 Dec 2037 23:55:55 GMT
728.gif
crypto-fire.website/ Frame 6167 		0
0
sk_views_li.php
werbe-start.de/files/ Frame D47A 		0
0
fcount.php
www.fastcounter.de/ Frame 6167 		1 KB
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.fastcounter.de/fcount.php?rnd=48955785566
Requested by
Host: werbe-start.de
URL: https://werbe-start.de/files/?content=/betteln&ref=129
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
232341563dbe97946ab2c798c0223fedc673be3bff22b7ed01820a12e940b1ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://werbe-start.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Sep 2022 09:45:09 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
nginx/1.18.0
content-encoding
gzip
content-type
text/html; charset=UTF-8
sk_views_re.php
werbe-start.de/files/ Frame D482 		0
0
vendors~widget-ui.js
static.arc.io/widget/js/ Frame 0BFB 		16 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by
Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?11d024e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.180.12.68 -, , ASN (),
Reverse DNS
Software
BunnyCDN-AT-731 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://w-w-diamonds-club.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 09:45:09 GMT
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
cdn-edgestorageid
731
x-amz-request-id
Q0VPHC1N2SWSS2GG
access-control-expose-headers
Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat
05/18/2022 20:53:49
cdn-pullzone
786569
x-amz-id-2
CkEMjPK0KOSi9LzyMUU6sCxU7vJzv6l9eg0tQGkvO2tQjCUoILu8C5dRHJbcQR6h9PnNjQaUGE0=
server
BunnyCDN-AT-731
access-control-allow-origin
*
last-modified
Mon, 16 May 2022 23:42:11 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
cdn-cache
HIT
cdn-uid
1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control
public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid
bd0db286a2284c73c38c15e9e567e020
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
widget.css
static.arc.io/widget/css/ Frame 0BFB 		0
0
widget-ui.js
static.arc.io/widget/js/ Frame 0BFB 		0
0
lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 4E92 		0
0
fcounter.php
www.fastcounter.de/ Frame 6167 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Domain
www.rohrex.de
URL
http://www.rohrex.de/api.php
Domain
www.werbeflut.net
URL
https://www.werbeflut.net/kamp/rot.php?art=textlinkview&uid=952&sid=1574
Domain
www.ads4allweb.de
URL
https://www.ads4allweb.de/api/kamp/rota.php?sid=66&uid=1053&art=traffic
Domain
www.ads4allweb.de
URL
https://www.ads4allweb.de/api/kamp/rota.php?sid=66&uid=1053&art=traffic
Domain
www.mega-ad.de
URL
https://www.mega-ad.de/codes/minilayerview.php?id=2349&bid=12393&aid=3839
Domain
www.werbeflut.net
URL
https://www.werbeflut.net/kamp/rot.php?art=leaderboardview&uid=1483&sid=1545
Domain
www.mega-ad.de
URL
https://www.mega-ad.de/codes/random_textlinkview.php?id=2349&aid=3839
Domain
www.mega-ad.de
URL
https://www.mega-ad.de/codes/random_bannerklick.php?id=2349&aid=3839
Domain
www.mega-ad.de
URL
https://www.mega-ad.de/codes/random_bannerview.php?id=2349&aid=3839
Domain
flag-counter.work
URL
https://flag-counter.work/lt/
Domain
getleads4free.com
URL
https://getleads4free.com/getimg.php?id=1
Domain
getleads4free.com
URL
https://getleads4free.com/getimg.php?id=2
Domain
123-stargate.eu
URL
https://123-stargate.eu/img/123stargate1.gif
Domain
globadino.com
URL
https://globadino.com/src/banners/s-728-en.gif
Domain
globadino.com
URL
https://globadino.com/src/banners/bl-728-en.gif
Domain
globadino.com
URL
https://globadino.com/src/banners/lo-728-en.gif
Domain
dutchycorp.space
URL
https://dutchycorp.space/banners/Final-auto/V2/Coins/A/728x90.gif
Domain
cryptowin.io
URL
https://cryptowin.io/banners/728x90.png
Domain
faucetcrypto.com
URL
https://faucetcrypto.com/banners/728x90.gif
Domain
images2.imgbox.com
URL
https://images2.imgbox.com/52/77/ccDxShxg_o.gif
Domain
images2.imgbox.com
URL
https://images2.imgbox.com/b4/29/EpgN0RJX_o.gif
Domain
www.werbe-ads.de
URL
http://www.werbe-ads.de/kamp/rot.php?art=bannerview&uid=71&sid=89
Domain
browser.sentry-cdn.com
URL
https://browser.sentry-cdn.com/6.2.2/bundle.min.js
Domain
www.werbeflut.net
URL
https://www.werbeflut.net/kamp/rot.php?art=textlinkview&uid=952&sid=1574
Domain
www.gigapromo.de
URL
http://www.gigapromo.de/tools/mystats.php?userid=4468
Domain
www.werbe-ads.de
URL
http://www.werbe-ads.de/kamp/rot.php?art=bannerview&uid=71&sid=89
Domain
www.ads4allweb.de
URL
https://www.ads4allweb.de/api/kamp/rota.php?sid=57&uid=1045&art=traffic
Domain
crypto-fire.website
URL
https://crypto-fire.website/728.gif
Domain
werbe-start.de
URL
https://werbe-start.de/files/sk_views_li.php
Domain
werbe-start.de
URL
https://werbe-start.de/files/sk_views_re.php
Domain
static.arc.io
URL
https://static.arc.io/widget/css/widget.css?11d024e
Domain
static.arc.io
URL
https://static.arc.io/widget/js/widget-ui.js?784632c0
Domain
static.arc.io
URL
https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Domain
www.fastcounter.de
URL
https://www.fastcounter.de/fcounter.php?test=1&rnd=80670496&s=blue&id=34110&l=en-US&u=https%3A%2F%2Flibertad-ads.de%2F&w=1600&h=1200

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0xf0de function| setRequest function| interpretRequest function| getData string| d string| n string| r string| s object| sendreq number| fcr object| _fcc number| cid object| style object| fjs object| st object| fci object| ifrm

4 Cookies

Domain/Path Name / Value
www.rohrkopf.de/ Name: PHPSESSID
Value: a48b7de289c5ccfbc0304778991acfdd
.r.palmenmann.de/ Name: tsv
Value: kCM!Hqixpk_LAkc!AQ|Cv6Q!A!~qe0oYwA*3n
.awin1.com/ Name: awpv14702
Value: 412871|1663753508|1443a7a0-3992-11ed-8770-22389f118591
.awin1.com/ Name: AWSESS
Value: 365825:2531885

23 Console Messages

Source Level URL
Text
security error URL: https://www.rohrkopf.de/
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.rohrkopf.de/js/main.js(Line 36)
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://www.rohrex.de/api.php'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://werbe-start.de/files/sk_views_li.php
Message:
Mixed Content: The page at 'https://werbe-start.de/files/sk_views_li.php' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzU0MTR8OTEzNDV8MjA2OTk1fDE2NjM3NTM1MDc='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Message:
Mixed Content: The page at 'https://w-w-diamonds-club.com/?content=/betteln&ref=109' was loaded over HTTPS, but requested an insecure element 'http://flag-counter.work/lt/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://w-w-diamonds-club.com/assets/plugins/simplebar/simplebar.css
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/nprogress/nprogress.css
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/js/jquery-3.4.1.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/' was loaded over HTTPS, but requested an insecure script 'http://www.werbe-ads.de/kamp/rot.php?art=bannerview&uid=71&sid=89'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://w-w-diamonds-club.com/assets/plugins/jekyll-search.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/charts/Chart.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/jvectormap/jquery-jvectormap-2.0.3.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/jvectormap/jquery-jvectormap-world-mill.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/daterangepicker/moment.min.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/plugins/daterangepicker/daterangepicker.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/assets/js/sleek.bundle.js
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/images/fpbanner/Claim%20Free%20Crypto-970x250%20px.gif
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/images/fpbanner/eae/Earn%20and%20exchange-970x250%20px.gif
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://w-w-diamonds-club.com/images/fpbanner/static/FaucetPay%20Contest%20Banner-728x90%20px.gif
Message:
Failed to load resource: the server responded with a status of 503 ()
security error URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/' was loaded over HTTPS, but requested an insecure script 'http://www.gigapromo.de/tools/mystats.php?userid=4468'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://w-w-diamonds-club.com/?content=/betteln&ref=109
Message:
Mixed Content: The page at 'https://www.rohrkopf.de/' was loaded over HTTPS, but requested an insecure script 'http://www.werbe-ads.de/kamp/rot.php?art=bannerview&uid=71&sid=89'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://flag-counter.work/lt/
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning URL: https://werbe-start.de/files/sk_views_li.php
Message:
Mixed Content: The page at 'https://werbe-start.de/files/sk_views_li.php' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzU0MTR8OTEzNDV8MjA2OTk1fDE2NjM3NTM1MDk='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://werbe-start.de/files/sk_views_re.php
Message:
Mixed Content: The page at 'https://werbe-start.de/files/sk_views_re.php' was loaded over HTTPS, but requested an insecure element 'http://bk.adcocktail.com/bk_rota_v.php?tan=MzU0MDl8OTEzNDV8MjA2OTk1fDE2NjM3NTM1MDk='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123-stargate.eu
ad.a-ads.com
ad4m.at
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
arc.io
artemtyse.de
as.ad4m.at
assets.ad4m.at
autofaucet.org
banner.ebesucher.de
bk.adcocktail.com
browser.sentry-cdn.com
c.blyatflix.de
cdn.jsdelivr.net
cdn.materialdesignicons.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cee3f0doi1a2.de
core.arc.io
crypto-fire.website
cryptowin.io
d08q4os3homh.de
de-c114.cdnplus.de
deli.misaglam.com
dualmine.com
dutchycorp.space
faucetcrypto.com
flag-counter.work
fonts.googleapis.com
fonts.gstatic.com
g.cash-ads.com
getleads4free.com
globadino.com
gold-surfer-faucet.de
i.imgur.com
images2.imgbox.com
leadsleap.com
libertad-ads.de
my-banner-ads.com
pop.adcocktail.com
qwedvm.r.palmenmann.de
ref.cdnplus.de
res.cloudinary.com
rollercoin.com
s3.amazonaws.com
sekundensparer.de
spaceeditors.com
static.a-ads.com
static.arc.io
static1.freebitco.in
thisis.aninter.net
tl.adcocktail.com
tool.hubu.link
track.webgains.com
tt.adcocktail.com
w-w-diamonds-club.com
w.leadsleap.com
webminepool.com
werbe-start.de
www.ad-mix.de
www.adcity.eu
www.adcocktail.com
www.ads4allweb.de
www.ads4you.biz
www.amcharts.com
www.awin1.com
www.euro-ads.de
www.fastcounter.de
www.gigapromo.de
www.googletagmanager.com
www.mega-ad.de
www.netzwerk-ad.de
www.rohrex.de
www.rohrkopf.de
www.sekundensparer.de
www.werbe-ads.de
www.werbeflut.net
www.wirb-oder-stirb.eu
zuppelzockt.com
123-stargate.eu
ajax.googleapis.com
browser.sentry-cdn.com
crypto-fire.website
cryptowin.io
dutchycorp.space
faucetcrypto.com
flag-counter.work
getleads4free.com
globadino.com
images2.imgbox.com
static.arc.io
werbe-start.de
www.ads4allweb.de
www.fastcounter.de
www.gigapromo.de
www.mega-ad.de
www.rohrex.de
www.werbe-ads.de
www.werbeflut.net
104.111.239.217
104.20.45.59
109.237.132.11
138.199.37.226
151.101.112.193
162.19.154.224
170.249.194.154
172.67.6.49
172.67.72.239
178.63.98.119
18.134.23.117
18.66.147.41
18.66.147.59
185.180.12.68
195.201.169.184
195.90.212.124
213.239.205.245
213.239.218.117
2400:52e0:1e00::601:1
2606:4700:20::681a:6ba
2606:4700:20::681a:993
2606:4700:20::ac43:4a81
2606:4700:3030::6815:544
2606:4700:3033::6815:2848
2606:4700:3033::6815:581a
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82b::2008
2a01:4f8:10b:ddc::2
2a01:4f8:212:29e0::2
2a01:4f9:4b:1406::2
2a03:4000:68:ed8:1461:73ff:fedd:73ce
2a04:4e42:400::393
2a04:4e42:400::485
3.11.238.206
35.187.21.229
52.216.178.45
52.222.214.64
80.190.117.158
85.13.152.124
85.13.161.133
88.198.5.241
89.163.223.180
91.194.84.77
94.130.146.221
94.130.9.175
04359b56b32cf4ea86f5642d229778295a3166d54b22f37aca983aef79436755
0502be96847bd2527d92638b8b2975352244146b4693636e2020d008593da4fd
08132210afd18ec76c696eacc7fa033322c38ae17a6d4fe4181ea16ab41ea4a6
08da0846fcb1f65a2ead9d380eeb1285d7920fc0ce2d68cd394afe52af059ad2
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
1251712f44660a51792f50bcbf799d25bfefee0fff3957aaeecbc81e95553194
12b0c11d36a96f4d31b7faaa96e51af9a0c4e58076ced1723326e6b7d6a3e53a
12d6860333be6aede55b9112ef24a389bd9869cef171ec2f872a077599682cf7
15195e01788c7454c277caf30bee23c2627961f104d467c330c7f5f22f968b1d
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17deb20c6f6ec3f074a2633c5c1706ae28e6def4c605c81c268dcd6161ad008e
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1dd6fafa719a0a22cfd6f3c49e92daa3ec0abeb80d7c1a8ab63a8bdbc596b409
1ec2b8ee8d0dad42dc5d96955699f912c8d37b7be13da16d0d1a02560aa44f41
1f5ff409b6fef6cb00a33cd2314536ac300e7d0eac9692707d9deb5e6df44016
232341563dbe97946ab2c798c0223fedc673be3bff22b7ed01820a12e940b1ca
289919299e02fc7da9ca14ffc82bd9cc1f9a51a18391015e6cbf6446f5b55297
293cd31197acb88c8705d3d37afb66049be10c76931aceee8f2a0e4ec6b13f58
2d5c30abc255cc4d9fff63419cd57d600634c22635703ae0255ff8ce3b7636f2
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fbb0f2afc9e44e37d19ae56c0a0fb9a0761595b69e875f33d1091772cb343b1
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
32f4c1e4c036d78d5bce0ddad05acdba6da51f8ccacf6deec8bb3fe529ec6ea7
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
3771a8c647bae3bbfbc94f461174fe2f2353035faee5d2e9298ed42fb9a33fb3
37f66acb3cf870e548c3f4919bf55a5a623ea375cc163116d6e0111de1a71848
39646863a414e0a84920b3a8639c0f3e8c94535e8dc051b42b485a068dc2902f
39cf7f64f9b9074eda2445cb685b3bbe4b95cc03b5a4a268f042a68aea86f50a
39d11e372f8b40d3207834bd0b64276bfa0d6ee768046620f567d215685c5d68
3f055e459871f6c4e170fd0fc986c21ed0b859e49953e9c4008a3257000443db
3f95692248b493f7f1f92d7469257907b669e2bd9bc31d1cec162f64f305b4ed
409e64d11d5be6d84236508cde160537b30660818cc4d859de02d0f462e3fb5b
41ca6a2c97e43b226f1d4ac7cb3537c7c0a934b61c39921ad3445902ef9517fc
41ed7c3edded4e284d15ee91beb26b49c93419fcf929b9fdcbb6e0cb7148577c
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
47ed261a9b299f1c2593edb1eddd3eedd5303e86daf90131ef48737f223605df
47fd93e696df3f0fdca589963b1123f8d13e9dbd2f85a3af9e8ba9fa283bf40f
49c00329105dd730de5d442cf5304a43e5fe4a0e98891775e4f4364c07d74bcd
50df5c94512b11c2f4c8357774f25d123c5a39c120796dcc5b1d9ec8df548e83
50f4f5c78736b4b5eb13cf588426996e5dbd0391b1228e08e4b7ef35ad0d4459
524a9a0b883d0b660e2dc98ff3c142c8ae52cc092420945fe3229af10d1d696f
529f0c62dbaaab2be266ecdedef4185b2854bd569213d962ef0c13a01bf165e8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
556f4b38d8e852036affbda57c09b726cc8961d9493cf9cfc234bad406449491
5754b0c799e5412d88c247b2c636dd434a9dc58743768a48253f24fc96790df2
583af78cb2bd65f808dbdda120642526c7d2b5d3fd400194e7453fb6ddd72b7a
58d32cdf18a20946607fc36aca574770bfe544fcbef85071c3a8d7f7fdee6b99
5929bd66bad765911f5cde9ab0abe3ae31b0e619736d82ed47fcc70a20523418
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f36483adc65a2d1869a21f41aba37562bd89b8c6ebdeb3792c149528ea6adf4
6077d96b9bd1b7071f971ce7fb559e3e57af37df56ac67b9c2d64b2b8796fbd4
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
6779b299b94632185be334329da7a4c61007c090e42cd901f8db5d741d46741f
682c3491dcf16fea22d2c78c11da4dcffeb2c3d3e8a8187828d5ff0dde5c8327
692dca3edd84e06b6c91e743cbd1fb88bf02153d15a2bf4f5f7aab457ce07d3b
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
6eba0e473a3cf4cc59f3610e30b1f2ed90da7e63da650d130c03eb6b92e65c21
6ec00cb21b964f957b1df00b63ece2d8a3432eb4e0b01fa61b21f8315e83b7ac
6eec930f497d52f98e709f5ce39ba1a86002eb9e70116d7ab1fd24d699de63cf
748693caf1a1e42b41d756a643b1e95b950eda0014443a9388d9d65a2167aab0
77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589
793108afa4941102f9b044f335732929cb9f4d51df998ffaa33484e2e60dfbef
7ba6682c4a46a95b8dd5f32935d4ef7ce9bff3826e65b3fbaa9260cff6530006
7c6aa05bfa8349b8df7c4578100fba4ecd53dc714c69be6d155832d72e71cb1e
7dd70534588132b35f58be8e700190cfa8c380d4d1c67acb11de2f25815649c1
7e32e05abc7eb22db05e66009fd5ffb94170b7b6882fe4fa994904668b9a3171
7e6b892a35834f69714545ddb68f58fc9682ab36686bb817b746c64d8b2f4c1c
7e9e3f644c5d4f8213b24673057b95ccfbb9d6b8d531b7e1209d5ceb99e1aeed
803287ef533a6b1158d9a651d204ad107f7f0e905c64562a5c088b739ffcdce9
80337d648ed66781a540dd16c7f627f65777bcc8ca3010df900ba93b2bba2cbc
819369352ff77c2e2e670c3cd68c65a2890af5343be95b5a15822213d280e29f
81dcfc3d71f97e83026bbd5c20e1bc4beb866349789569c4f13604e3c3c0c121
85cb6b6467065f86eaa5276ba9340c87e7050aed341c7b19153bd1443b48d08c
8750afe8852128a5436805f0c885e854fa1f38a12dc8aeb10c0e5d5ce864d9dd
891ce41cbb0089bfbad1a64e8732a82ba241e974be41f7463f0b48cbd77bf483
89dc85aa13da8847f7a4243eb8ab841b40e936ea5cc810a1b174d1507e5a7524
8c8fc9147888c49bda2813d4482be71b23c9341eaee0ea98b16743ccce14f8d6
8dfb9f6390ffd6e38dd62ff1634c41d2fc4176677e5ff9afa4c69ea4dc4c1a76
8f6dae14e9980af2b6b19a7101c68bf7822c08a246d72c93e6ebcaf94bec7f9e
90cbcae2f75cbdcf2a00d82c83cb2926f1a4ad7ab38eb3d629f2e7d3ad72410e
93f4e6e6c9200e14cd4a1fc3a119df84ae8c5e660f58ab1e772720f23b0fdd02
9b4e21734188f38fcdbd418ac5180dda4fb59dd4a1b1df1538ad77970f68ba55
9dc009178053ae2c713bdfc6e301f08b5a3fafdc9f3b2c7dbb0d6df373ea370c
a1974d6b97c684387f83b6ec14b0ba4e61acc8fab0d23696b9d62b2420fca4b4
a1a97802947bc57b1fcaeea4d65d58e742e29508073bd831eb318a7c566d21b8
a1acd74a8faa4ae39d577896c9f50c29398556b4b582eb2aec1f174a067bbcad
a2fa93e8864fbad319eacd4accb04be2e3de083db30dbb745c93c2ae271feef7
a37e805fcbcd731bcdacb726d8668f02f26c6c12eef9cfb2c912a1d7a04e2cf2
a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
ad65814e0fab13fd4ccdf9d94553b15983db7c6014216f15232650da5667341c
ae0d6c068afe0243f2e7a076c5001dc157b28c999a64035d64a3f037d2b3614d
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
af5af988cfc6159df46490b6c2b6d6d73bb4d30060ddaac23fa944ff2356b080
af9b2c82cd0537aa05a12f71cb1f012ef1f23c1cfd14216fe6c9198f8daefebc
b1391d42e97a5da2cf87cf7a40f0964a310c1f71950a5726acd30664b93b2114
b3bfd7dbf327bfd335200787c1cdc95e66b8b361105c3ee78b96eea791bdf681
b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e
b9ba2c9588f6fe8aa9a056868f9d4f806cc27297dae91ec3192c0de7cf2f334e
b9d74d135cb19f70a9e714402c7ae1233ff306d2e6091b9a6b2fc9c159323e88
bfc33bc4e2c550afb4e2ab737bccc9f215eca9346084ee5128eebcc139b1a5e1
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c34827d00df5190bcb25cdf6875c39b1458716d3e9b64762bb46d5c745b4500c
c39a4d006df4edfcf3a6b0eefc514e85bc74be87fa4046d87c177795616c5f20
c48acea38c6404ad95e7a8ff30e719a0f1fa8690b4abc4e78b5750907881f361
c4b0e50bfeaddf85d983aefb4bc77d168bbb25dd397d5dbc35230a1ffb5e3758
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9584f421fb06be52362782600272bf07739aae062c73e970d6dd1aeb3ebcfcf
caf8340f2513401c46bd6623b38cd091850da9664c2f87dc69b1e245824662a7
cb67d1eed70e35911826f04dc2d0b6cd23cc79051cb9a4d8a8b21b1ca6ff32ba
cb74590760eb6d1e360a53a7921bf5c23b688106c4fd1ed6c534025ba852bde1
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce5eccb5f63bbbaafae648659e7434a1403745188cd6e3e07dddaf842cabae68
ced720dcda525f7d3c0f265458a40a28938db86e0540c4051f4d9ebed3228a26
d1814f0411cc849545f4e03d3001bcac5bf9a5cf3384626afbe648b2fcc2eaed
d2144d105f3036f717bad666842ba695f363b781b23fc66c207d619c56e1273c
d2759c23f70d6d6a2efc23cd66fb9223dc7596dd2d6a1a25c06b45f6333b9712
d44eb41b9364038979e4d7bf567643081b48bbf58072e04be9a4e5b042e0438a
d82466d7834db75624424122a4add81c2f38f94f80c024e65978f41f44d48153
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062
dbbb084ae28e85ac0ff08a832f295c7451c4b51d12809244b5902f8bbc0488bc
dcc928c7b842156f5cf06ccfd21c568a1d6e351e957b2558e49ebbc5e03ac810
dcf38d0738d4d14303dfe51cc8c5cc57b887b0f5494b9caa4a6491d5f7b1ce75
dd5a84a6e23457f191cac7988a70502c576153534580110a683c3aa60201be28
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
ddf89cdacf98bb3a625393cc6301c0e57d1a40b9aab4e246c21c9a37301580dc
e2a6514396452c789c97fe3130ee5f376e3f83fc0a96c3ef1b584a527c6bb194
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b729ec632f7ff08e6b87f771efd10f7d2a992a9590667ba017e95737fe5531
e550600b08d13c695d3b17bb6ec1037b69c831550f154ae812bb22aaef848e3a
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
e96f746772a722ae7583af20a04ab8191938cea263e7b9b78f098b167f0ab1c4
eb4384f109b2eb4d0fc2f3e0856515d30aef1f912d7df8385c40f9a8bb50ce4c
ed12ef8cf9ea2967944b53afcacb186ea50bbcc619ffc0782c2f7496f4610cb8
eecca5113bb8736357ec0336753606c51f327ea2c82de631c7d9f23e023bbba4
f17b7ef340f2aa32f89b977ca3faf4532a22a9d32ddc2a74e81b86c0d3d89ddb
f2af6171875d8cc4bcdc402c9307962aba92aec062443afdfd77bcf859b72239
f3aea6adab5c21cb1f73fc071b71d19f189e9f810f09d6d7b6236dbd871d6cd4
f3cc7c307c4a2ec032410bcc2af7a137609bdfe562cd1788e8ae9190ffc355eb
f6e95d01ff8b7193fc073bd4a39439318ebbe3c73089e46f775ca29a3ced1476
f8b03db6b593f6d449810c5576af2b69283fcac76ded922e5856e69c1c63a408
fcb93c7fa31557d316dfe3c1fce04b462aca92c051747c78996f6b8be1f3c63a
fd56b6b59b225fef671e317865c1d787e78b6f60d874034c82dd159dce94fb26
fd91cf53f84892c294cc15e6b81c7f24c3128c10d0e70e5dd6fb556dce64ca93