register.maliglobal.com Open in urlscan Pro
2606:4700:4400::ac40:91a2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod
Effective URL:
https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560...
Submission: On September 12 via manual (September 12th 2023, 4:08:21 pm UTC) from EC — Scanned from DE

Summary HTTP 45 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 45 HTTP transactions. The main IP is 2606:4700:4400::ac40:91a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is register.maliglobal.com.
TLS certificate: Issued by Cloudflare Inc RSA CA-2 on February 28th 2023. Valid for: a year.

This is the only time register.maliglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a02:4780:9:1... 2a02:4780:9:1111:0:9d3:ef86:7	47583 (AS-HOSTINGER) (AS-HOSTINGER)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6814:81f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.31 149.56.240.31	16276 (OVH) (OVH)
1 1	18.159.140.92 18.159.140.92	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700:440... 2606:4700:4400::ac40:91a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.147.108 18.66.147.108	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:440... 2606:4700:4400::ac40:9bc5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	18.66.147.46 18.66.147.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:1ee1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::ac40:9608	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	13

2 2a02:4780:9:1111:0:9d3:ef86:7 (Vilnius, Lithuania)

ASN47583 (AS-HOSTINGER, CY)

cacus.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:81f (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.140.92 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-140-92.eu-central-1.compute.amazonaws.com

kirujh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:91a2 (United States)

ASN13335 (CLOUDFLARENET, US)

register.maliglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o374482.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-108.fra60.r.cloudfront.net

cdn.milk-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9bc5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.66.147.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-46.fra60.r.cloudfront.net

production-mb-api-tracking.mb-tracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1ee1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::ac40:9608 (United States)

ASN13335 (CLOUDFLARENET, US)

mfb-be.easycompute.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	maliglobal.com register.maliglobal.com	1 MB
6	easycompute.systems mfb-be.easycompute.systems	15 KB
6	mb-tracking.com production-mb-api-tracking.mb-tracking.com	1 KB
4	gstatic.com fonts.gstatic.com	190 KB
4	aimtell.com cdn.aimtell.com — Cisco Umbrella Rank: 7193 signals.aimtell.com — Cisco Umbrella Rank: 5007 beacon.aimtell.com — Cisco Umbrella Rank: 23068	14 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1171	28 KB
2	aimtell.io cdn.aimtell.io — Cisco Umbrella Rank: 5618	1 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 12396 s4.histats.com — Cisco Umbrella Rank: 12421	5 KB
2	cacus.xyz cacus.xyz	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56	1 KB
1	milk-pay.com cdn.milk-pay.com	37 KB
1	sentry.io o374482.ingest.sentry.io	333 B
1	kirujh.com 1 redirects kirujh.com	769 B
45	13

	Domain	Requested by
13	register.maliglobal.com	register.maliglobal.com
6	mfb-be.easycompute.systems	register.maliglobal.com
6	production-mb-api-tracking.mb-tracking.com	register.maliglobal.com
4	fonts.gstatic.com	fonts.googleapis.com
3	maxcdn.bootstrapcdn.com	cacus.xyz
2	beacon.aimtell.com	register.maliglobal.com
2	cdn.aimtell.io	register.maliglobal.com
2	cacus.xyz	cacus.xyz
1	signals.aimtell.com	register.maliglobal.com
1	fonts.googleapis.com	register.maliglobal.com
1	cdn.aimtell.com	cacus.xyz
1	cdn.milk-pay.com	register.maliglobal.com
1	o374482.ingest.sentry.io	register.maliglobal.com
1	kirujh.com	1 redirects
1	s4.histats.com	s10.histats.com
1	s10.histats.com	cacus.xyz
45	16

This site contains links to these domains. Also see Links.

Domain
members.maliglobal.com
maliglobal.com
support.maliglobal.com
downloadplayerz.com

Subject Issuer	Validity	Valid
cacus.xyz R3	`2023-08-27` - `2023-11-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
histats.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
register.maliglobal.com Cloudflare Inc RSA CA-2	`2023-02-28` - `2024-02-28`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-25` - `2024-08-24`	a year	crt.sh
cdn.milk-pay.com Amazon RSA 2048 M01	`2023-03-07` - `2024-04-05`	a year	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
mb-tracking.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
easycompute.systems Cloudflare Inc ECC CA-3	`2023-09-01` - `2024-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Frame ID: 76F17E4CD75B00F8189721A21E0B11C6
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmeldung

Page URL History Show full URLs

https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod Page URL
https://kirujh.com/pl?o=d07da65f132914058ec13481cf024c03:27d9d0aad179f2c75a2f4f1d045c4f73&subid... HTTP 302
https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569ced... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

16
Subdomains

13
IPs

4
Countries

1375 kB
Transfer

2189 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://members.maliglobal.com/
Title: Bestehende Benutzer, loggen Sie sich hier ein.

Search URL Search Domain Scan URL

URL: https://maliglobal.com/
Title: hier.

Search URL Search Domain Scan URL

URL: https://support.maliglobal.com/
Title: Hilfecenter

Search URL Search Domain Scan URL

URL: https://downloadplayerz.com/
Title: Mitgliedsorganisationen

Search URL Search Domain Scan URL

URL: https://maliglobal.com/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://maliglobal.com/cookies.html
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://maliglobal.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod Page URL
https://kirujh.com/pl?o=d07da65f132914058ec13481cf024c03:27d9d0aad179f2c75a2f4f1d045c4f73&subid=Rc_Bkentod&cid=Rc_Bkentod HTTP 302
https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 gtxforce.php Show response
cacus.xyz/ 2 KB
1 KB 175ms
49ms Document
text/html 2a02:4780:9:1111:0:9d3:ef86:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:9:1111:0:9d3:ef86:7 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/7.4.33

Resource Hash

e5ea149c365602ee0d29d67798e5e1e2edb3817abf5e59ff25a1798758a25550

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 900
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 12 Sep 2023 16:08:16 GMT
platform: hostinger
refresh: 0; url=https://kirujh.com/pl?o=d07da65f132914058ec13481cf024c03:27d9d0aad179f2c75a2f4f1d045c4f73&subid=Rc_Bkentod&cid=Rc_Bkentod
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 77ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 19313879
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8059687dd9bb1951-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 115 KB
19 KB 77ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 19313841
cdn-cachedat: 2021-06-08 17:56:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4bd704688cb08bed1c10c8f26826e421
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8059687dd9bc1951-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 19 KB
3 KB 76ms
30ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap-theme.min.css

Requested by

Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 19312692
cdn-cachedat: 02/23/2022 12:20:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"89b29714ad4aaaa3953ef3b51cf9c43a"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d44e0f6cd983f05ee58da1527472a462
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 8059687dd9be1951-FRA
cdn-requestpullsuccess: True

GET
H2 200 load.gif
cacus.xyz/include/images/ 29 KB
29 KB 46ms
45ms Image
image/gif 2a02:4780:9:1111:0:9d3:ef86:7
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cacus.xyz/include/images/load.gif

Requested by

Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:9:1111:0:9d3:ef86:7 Vilnius, Lithuania, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:16 GMT
content-security-policy: upgrade-insecure-requests
last-modified: Sat, 19 Aug 2023 01:47:37 GMT
server: LiteSpeed
etag: "7507-64e01f39-3f55fb168efa4dae;;;"
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
platform: hostinger
content-length: 29959
expires: Tue, 19 Sep 2023 16:08:16 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 105ms
35ms Script
text/javascript 2606:4700:10::6814:81f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:81f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 530
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 805968806c9219ab-FRA
content-length: 4547

GET
H/1.1 200
OK 0.php
s4.histats.com/stats/ 51 B
185 B 452ms
110ms Script
text/html 149.56.240.31
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4779181&@f16&@g1&@h1&@i1&@j1694534896727&@k0&@l1&@mREGISTER&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:81881568&@b3:1694534897&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fcacus.xyz%2Fgtxforce.php%3Fsub%3DRc_Bkentod&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cacus.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Tue, 12 Sep 2023 16:08:13 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
H2

200

Primary Request / Show response
register.maliglobal.com/
Redirect Chain

https://kirujh.com/pl?o=d07da65f132914058ec13481cf024c03:27d9d0aad179f2c75a2f4f1d045c4f73&subid=Rc_Bkentod&cid=Rc_Bkentod
https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ff...

2 KB
1 KB

968ms
878ms

Document
text/html

2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615fa1dd6512963ea7cdbe7d433be3d24770bd892804e2c9da96bd34978a35ff

Request headers

Referer: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 805968860d895b9e-FRA
content-encoding: br
content-type: text/html
date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

content-length: 1862
content-type: text/html; charset=utf-8
date: Tue, 12 Sep 2023 16:08:17 GMT
location: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
vary: Accept
x-powered-by: Express

GET
H2 200 funnel Show response
register.maliglobal.com/ 369 KB
84 KB 56ms
55ms Script
application/javascript 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26c43e9a4a7329431343c007fc294b11258361c8dc7923722334fda0a7b9fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688b89d85b9e-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H2 200 recipe Show response
register.maliglobal.com/ 284 KB
43 KB 169ms
168ms XHR
application/json 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register.maliglobal.com/recipe?fl=m9
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6dcef3add9494b1d66e801ce79b2d28c5dc3be5d4466789334d1842a34049cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688ba9ee5b9e-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H2 200 brand Show response
register.maliglobal.com/ 593 B
385 B 39ms
39ms XHR
application/json 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register.maliglobal.com/brand?fl=m9
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06168877f807e8c207406cab6fd847e07c21b3b60f4823440ec10f12b08de013

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8059688ba9ef5b9e-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H2 200 session Show response
register.maliglobal.com/ 233 B
508 B 27ms
27ms XHR
application/json 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://register.maliglobal.com/session?fl=m9
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2053477258b16a6782f0331f45be4d59d0151cadb1d21bf8ecf9fd2c702f16a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8059688ba9f05b9e-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

POST
H2 200 / Show response
o374482.ingest.sentry.io/api/5682230/envelope/ 2 B
333 B 96ms
23ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o374482.ingest.sentry.io/api/5682230/envelope/?sentry_key=65d3f88afe9b460a817edb354f0e8e82&sentry_version=7

Requested by

Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gw-fe-sdk-v8.js Show response
cdn.milk-pay.com/ 118 KB
37 KB 90ms
23ms Script
application/javascript 18.66.147.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.milk-pay.com/gw-fe-sdk-v8.js
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-108.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 128fb425859c261d7270656ec60edc3beb1f35b6bbe53c3ecc0b2605c16ed05c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-amz-version-id: qAw6cnv0X5EuvqcGmxv_q1Oi0ocx.Vim
content-encoding: br
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Tue, 12 Sep 2023 05:24:54 GMT
last-modified: Tue, 11 Apr 2023 17:01:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 38987
x-amz-server-side-encryption: AES256
etag: W/"abc63c129b1a807242554d06e02f20e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Mys4pzgLGl6xC2yD04sDoK9sG8a4wiHEKTHhhrk6qLQudySW-RZ9MA==

GET
H2 200 trackpush.min.js Show response
cdn.aimtell.com/trackpush/ 48 KB
14 KB 104ms
32ms Script
text/javascript 2606:4700:4400::ac40:9bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.com/trackpush/trackpush.min.js
Requested by: Host: cacus.xyz
URL: https://cacus.xyz/gtxforce.php?sub=Rc_Bkentod
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08e9f17596573f12e053a5bdb4d9dfb09a45386322801eb7d47245791b25a3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: gzip
via: 1.1 ec8f33e5a3517538e3358f9bcc47d868.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MXP64-C1
age: 3648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13450
last-modified: Tue, 05 Sep 2023 17:55:08 GMT
server: cloudflare
etag: "702d020ca7ddd27e420979f979dc897e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8059688d384e1c34-FRA
x-amz-cf-id: zHzpPsEGwI_xbcCjTKaSOSk8p3SS8kbShJeO98ZbUZP4ZxRHT2rE5Q==
expires: Wed, 13 Sep 2023 16:08:18 GMT

OPTIONS
H2 200 notifications_prompted
production-mb-api-tracking.mb-tracking.com/process/ 0
0 388ms
308ms Preflight
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/notifications_prompted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
access-control-allow-origin: https://register.maliglobal.com
content-length: 2
content-type: text/plain
date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-apigw-id: LJr2CEHPIAMF1UA=
x-amz-cf-id: Y3FmWMsGd_Rkjh-ugYyjtXsxJiJv83zVb2OEkyYu-wgpGj5SXTJbww==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 6da1c9f3-e04b-4db5-a2c7-0a9b7824f229
x-amzn-trace-id: Root=1-65008cf3-61d39f6705d930ed7bbe7627
x-cache: Miss from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 75ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&display=swap

Requested by

Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7aaf36bccbdf32a81edd9d28b4f942c5f6df97b78d6f94556d8afd3bd038735d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 12 Sep 2023 16:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 16:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Sep 2023 16:08:18 GMT

GET
H3 200 boxless_hero_bg.jpg
register.maliglobal.com/funnel_asset/ 261 KB
262 KB 59ms
58ms Image
image/jpeg 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/boxless_hero_bg.jpg?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23840dd4511effb9145bb3d8ea3f8bc473d0384e50a66f7423f67a5937eee8fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688d9bfd30f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

POST
H2 200 notifications_prompted Show response
production-mb-api-tracking.mb-tracking.com/process/ 2 B
354 B 336ms
335ms XHR
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/notifications_prompted
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amzn-trace-id: Root=1-65008cf3-1e2e78132a7cd00f53adedcc
x-amzn-requestid: 5364515f-4ce6-4354-9b10-7c47620364b0
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: *
x-amz-apigw-id: LJr2FEniIAMFlOA=
content-length: 2
x-amz-cf-id: vGU5oTvZf1AC2FoOW0A9lXpaVGp_M_AESAZcCIo8KPklNzEisa-XPw==

GET
H3 200 yellow-alert.png
register.maliglobal.com/funnel_asset/ 540 B
1 KB 125ms
124ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/yellow-alert.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94383f178cf3d25f7684ba830237187f56ceca90a5da3a9a25223fdcb6f8a9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dac1630f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
register.maliglobal.com/brand_image/ 2 KB
3 KB 206ms
205ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/brand_image/logo.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d53c557f7458644418a8528a3c4b0e7da0e16209108703656aa884915ccd110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 8059688dac1730f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 media-m9-covers-1x.png
register.maliglobal.com/funnel_asset/ 223 KB
224 KB 125ms
124ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/media-m9-covers-1x.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577d70e7078d922ae500eeb548d111800cc18352ada19f318b7d1f28dc00c74a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dac1830f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 media-m9-covers--large-up-1x.png
register.maliglobal.com/funnel_asset/ 141 KB
142 KB 142ms
142ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/media-m9-covers--large-up-1x.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1627b8739ba2347ad4c088e33f6193a94a656ee65f97000841045dcc0ad6f1da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dac1b30f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 media-m9-1-1x.png
register.maliglobal.com/funnel_asset/ 84 KB
84 KB 155ms
155ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/media-m9-1-1x.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0739d899823f89909aedccfe714e2c24322ce01377c5458db1b53c5a729d663

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dbc2130f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 media-m9-2-1x.png
register.maliglobal.com/funnel_asset/ 143 KB
143 KB 157ms
156ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/media-m9-2-1x.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf0723e84f2867fd2270d71b52732010608040ccddef71a2242ca207c2fc69f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dbc2330f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

GET
H3 200 media-m9-3-1x.png
register.maliglobal.com/funnel_asset/ 63 KB
63 KB 160ms
159ms Image
image/png 2606:4700:4400::ac40:91a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://register.maliglobal.com/funnel_asset/media-m9-3-1x.png?fdata=eyJtb2RlIjoiZnVubmVsIiwiYWNjb3VudF9pZCI6ImQxMWNjNzE0LWQyODctNDgyOS05ODMzLTdiNTNmMDU5MDI0ZiIsImZ1bm5lbF9pZCI6IjIwNTJiMTI4LTdmMTItNGY2NS04YWY4LWNmNjJmYTM5MjE4MiIsInJlY2lwZV9pZCI6ImQ3MTVmODIxLTk2NmEtNGRiNS04M2YzLTU4NzJlNWFjZTk0ZCIsInRlbXBsYXRlX2lkIjoiIiwiYmxvY2tfaWQiOiJibG9jay14eHgifQ==
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:91a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: defbed36e9f79f46df7dcace4a1e42bf54facdc1bad04a1e76c2ebb761c86c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8059688dbc2730f3-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
alt-svc: h3=":443"; ma=86400

POST
H2 200 notifications_accepted Show response
production-mb-api-tracking.mb-tracking.com/process/ 2 B
353 B 171ms
171ms XHR
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/notifications_accepted
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amzn-trace-id: Root=1-65008cf3-21bde0b569214ade7845e105
x-amzn-requestid: 937c1c25-038a-4404-8421-b103a4d0a0eb
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: *
x-amz-apigw-id: LJr2DH-SIAMFqaw=
content-length: 2
x-amz-cf-id: IvcAGFVqG--iM9eIIQO3_-WkdIT8kItm1WAn_31usgbLWsP5ShKyxw==

OPTIONS
H2 200 notifications_accepted
production-mb-api-tracking.mb-tracking.com/process/ 0
0 336ms
308ms Preflight
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/notifications_accepted
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
access-control-allow-origin: https://register.maliglobal.com
content-length: 2
content-type: text/plain
date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-apigw-id: LJr2CE3TIAMF6CA=
x-amz-cf-id: 1e-2oyBXwanFo3lc-PYRBWslD45g2NKTCn2pS_mE55oAxc2ip77JDQ==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 972962bf-29c6-4bf1-b3d6-7a77b5be9115
x-amzn-trace-id: Root=1-65008cf3-3ffa160247deb1e1349d4de8
x-cache: Miss from cloudfront

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.maliglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 371119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 09:02:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 94ms
44ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.maliglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 371119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 09:02:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 108ms
61ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.maliglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 371119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 09:02:59 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 100ms
54ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://register.maliglobal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:02:59 GMT
x-content-type-options: nosniff
age: 371119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 09:02:59 GMT

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
360 B 62ms
38ms XHR
image/gif 2606:4700:4400::ac40:9bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=26980&v=3.979&support=1&state=default&wl=0&ref=aHR0cHM6Ly9yZWdpc3Rlci5tYWxpZ2xvYmFsLmNvbS8/Zmw9bTkmbT1ib29rcyZzdWI9UmNfQmtlbnRvZCZvZmZlcl9pZD00MzU2MiZjYW1wYWlnbl9pZD0xMDI3MDIxJmxpZD0yNTY5Y2VkZC00MzBhLTQzZWItODU1Ny01NjA0NDM5MDBkNjcmYXA9MiZzcmM9MTQ2ODk4JnBheWxvYWQ9ZGNkN2YyYWQ3ZTk0NmE5YzY4OGQ3ZmU1MjE2YzgxMTg6ZmZiYzY3MTRmZWY3NDBmNzlkZDQ3N2Y0NjRkMGUyOGU2OGExNDlhODk4N2QyYjMwMjMzYWIxZDQyNmUzMGUzMTNmYmNlNWVjZmM3OTUwZDlkYzFiNGM3YzUyMDVlMTYzMTQwN2ZlZmQ5MjJiMDRkODE0ODE4MmQ2OWJjMjFmMDMyMjgxNDQyMGJkNDQzYzkyMDgxNWZmYmYwY2VkNjhjYzk4MGRiNDgyM2M4ZDZlOWJmZDRiNDU3YWRjNzM0MmVkZjgzN2ZkNjgxMjlkYzY5ZWQzNmNmNzVlZmZkYTY2MjFkZjg0MDcyNjAyOTk3MjIxNTUyOGFmYWFjMDI1MDRjZGYxOGIxNmU4Njc3Nzk1Njc0NzEwZWJiNWYxODZjMGNjMDRlYTdkOTAzMjUyYzk0NzA2ZDQ0ODY1NGY1OTlmYTYwYTc5MTAwM2VmNjI3NTVmNDAxMmNjNjUxMDYxZTY1NzZhYWU5OWZhNjBmYWI5ZTIwMmRhMmMzM2RjZDkwZWMyOGY5MTE5OTlhOGQ2NDE2ZmM5OWVkODZhMjJmMWE2NTA5MTBmNzlmMmI2ZjZjZGUzNDE5OTlmZTQ4ZmNmNzQ0ZTg4ZDNhNWY1ZTlhN2ZjYTdhZDdjZWY5MzU0ZDNmZGZjMDE3NWY4MGY4MGE2ZWIxMTNhNDYxYWQ5ZjIxMzdmYTdjM2I3N2QzM2VjZjVlMjc0NTVjMDQ2ZDI2NDczMzM4M2E1OTE0NWM3MzJmMDRhY2EzMmI3NTFhZTdhODY0MGZhNDA0YjYzNDQwMmYzMWNjOTU1ZDg2OTMxZmY5NDZhMzAzZjhkYjZmMWMxNzRkY2Y5NGIyNWM5Zjc3ZWQyNjhkNyZoYXNoPWMzZmQzNmQ5OTM5ZWMyNWUwNTAzNWIwZWJjMjkyMjBm
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:18 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://register.maliglobal.com
aimtell-traverse: 0
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
access-control-allow-credentials: true
aimtell-iso: DE
aimtell-signal: 0
cf-ray: 8059688e6a051c34-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 26980-689710958bae.json Show response
cdn.aimtell.io/config/optin/ 376 B
806 B 485ms
408ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/26980-689710958bae.json
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62f7363abf6348ce85555d3977b887d899d6539c8d8aa08a29484f5cc76ccfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
content-encoding: gzip
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 300
last-modified: Wed, 12 Jul 2023 15:50:23 GMT
server: cloudflare
etag: "e3ed96483b677da8d78558a6fc56365b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 8059688eb995926b-FRA
x-amz-cf-id: Tzi_Haw5gZfkiE__pJoGKXm9FQiTlTH8i6_wR4bMypMBGuATqp9ZWQ==

OPTIONS
H2 200 get_policies
mfb-be.easycompute.systems/ 0
0 152ms
67ms Preflight
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_policies
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
access-control-allow-methods: *
access-control-allow-origin: https://register.maliglobal.com
cf-ray: 8059688efc302bae-FRA
content-length: 4
content-type: application/json
date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding

OPTIONS
H2 200 get_exit_traffic
mfb-be.easycompute.systems/ 0
0 152ms
68ms Preflight
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_exit_traffic
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
access-control-allow-methods: *
access-control-allow-origin: https://register.maliglobal.com
cf-ray: 8059688efc312bae-FRA
content-length: 4
content-type: application/json
date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding

OPTIONS
H2 200 get_plans
mfb-be.easycompute.systems/ 0
0 153ms
69ms Preflight
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_plans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token
access-control-allow-methods: *
access-control-allow-origin: https://register.maliglobal.com
cf-ray: 8059688efc322bae-FRA
content-length: 4
content-type: application/json
date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding

POST
H2 200 get_policies Show response
mfb-be.easycompute.systems/ 43 KB
14 KB 551ms
550ms XHR
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_policies
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cdd292fc852792b363c4d53fca874bbc13aaa0577f58b81b8f6eeaf0433bb4f

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://register.maliglobal.com
access-control-allow-credentials: true
cf-ray: 8059688f6cd92bae-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token

POST
H2 200 get_exit_traffic Show response
mfb-be.easycompute.systems/ 276 B
241 B 75ms
73ms XHR
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_exit_traffic
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be8c89df085651a8afb106120cb21047a09f185ee932a73c81de7dbaa454e938

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://register.maliglobal.com
access-control-allow-credentials: true
cf-ray: 8059688f6cdc2bae-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token

POST
H2 200 get_plans Show response
mfb-be.easycompute.systems/ 3 KB
665 B 571ms
571ms XHR
application/json 2606:4700:4400::ac40:9608
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mfb-be.easycompute.systems/get_plans
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9608 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e2e46760f7fd204dbdeb188f0a47c0637f775728a7346984fe2e61e768b3a88

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://register.maliglobal.com
access-control-allow-credentials: true
cf-ray: 8059688f6cdd2bae-FRA
access-control-allow-headers: Referer, User-Agent, X-Requested-With, Content-Type, Authorization, Sec-Fetch-Mode, X-Amz-Date, X-Amz-Security-Token

POST
H2 200 visit_base Show response
production-mb-api-tracking.mb-tracking.com/process/ 2 B
355 B 431ms
431ms XHR
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/visit_base
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amzn-trace-id: Root=1-65008cf3-38c6973248f8140b68477543
x-amzn-requestid: 0c2dc094-cfd0-438d-be76-2a1730d0a18c
x-cache: Miss from cloudfront
content-type: text/plain
access-control-allow-origin: *
x-amz-apigw-id: LJr2GHQEoAMFiBw=
content-length: 2
x-amz-cf-id: YcFon9g3BkrJpY68qYqXft9k_FqUjqb_J39FLrMUVYxZZs5HoIvPuA==

OPTIONS
H2 200 visit_base
production-mb-api-tracking.mb-tracking.com/process/ 0
0 314ms
312ms Preflight
text/plain 18.66.147.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://production-mb-api-tracking.mb-tracking.com/process/visit_base
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-46.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type, Authorization
access-control-allow-origin: https://register.maliglobal.com
content-length: 2
content-type: text/plain
date: Tue, 12 Sep 2023 16:08:19 GMT
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-apigw-id: LJr2CGrNIAMFx8w=
x-amz-cf-id: qJM6CjeZfs0DFM8HO5QobD8TkXoIQZjvlmOfDtWWFmp82P4WjUNmPw==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 610de9cc-76f0-408d-bf4c-f17453ebc5c1
x-amzn-trace-id: Root=1-65008cf3-6d53889b367043e919ddae05
x-cache: Miss from cloudfront

GET
H2 200 suppression Show response
beacon.aimtell.com/ 1 B
77 B 29ms
28ms XHR
text/plain 2606:4700:4400::ac40:9bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=26981,26982,26991,27014,27015
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://register.maliglobal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://register.maliglobal.com
access-control-allow-credentials: true
cf-ray: 805968926feb1c34-FRA
access-control-allow-headers: Content-Type, *
content-length: 1

OPTIONS
H2 200 suppression
beacon.aimtell.com/ 0
0 94ms
26ms Preflight
text/plain 2606:4700:4400::ac40:9bc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.aimtell.com/suppression?id_sites=26981,26982,26991,27014,27015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://register.maliglobal.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: https://register.maliglobal.com
cf-ray: 805968923af14d64-FRA
content-length: 1
content-type: text/plain;charset=UTF-8
date: Tue, 12 Sep 2023 16:08:19 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 26980-689710958bae.json Show response
cdn.aimtell.io/config/ 95 B
333 B 132ms
132ms XHR
application/json 2606:4700:10::ac43:1ee1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/26980-689710958bae.json
Requested by: Host: register.maliglobal.com
URL: https://register.maliglobal.com/funnel?id=d11cc714-d287-4829-9833-7b53f059024f:2052b128-7f12-4f65-8af8-cf62fa392182&mb_as_asset=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1ee1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://register.maliglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 16:08:19 GMT
content-encoding: gzip
via: 1.1 920a6dce56a0ee957dbaa3bf4429f8fe.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 104
last-modified: Wed, 12 Jul 2023 15:39:04 GMT
server: cloudflare
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 805968929d7f926b-FRA
x-amz-cf-id: om2fFntQkaOxw5hYJAYnVvgSdjYV1ASPs_SUEg0KJsYCcglanu4Flg==

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cacus.xyz/	1970-01-20 23:27:50	Name: HstCfa4779181 Value: 1694534896727
cacus.xyz/	1970-01-20 23:27:50	Name: HstCla4779181 Value: 1694534896727
cacus.xyz/	1970-01-20 23:27:50	Name: HstCmu4779181 Value: 1694534896727
cacus.xyz/	1970-01-20 23:27:50	Name: HstPn4779181 Value: 1
cacus.xyz/	1970-01-20 23:27:50	Name: HstPt4779181 Value: 1
cacus.xyz/	1970-01-20 23:27:50	Name: HstCnv4779181 Value: 1
cacus.xyz/	1970-01-20 23:27:50	Name: HstCns4779181 Value: 1
kirujh.com/	1970-01-20 14:43:41	Name: uv Value: false
register.maliglobal.com/	1970-01-21 00:18:14	Name: X-Feed-production Value: {"sign":"e871a6b35d552e23664fcc2328936db4","signt":1694534959,"session_id":"b04faf69-f596-4b9a-8f3f-e1726c599666","account_id":"d11cc714-d287-4829-9833-7b53f059024f","funnel_id":"2052b128-7f12-4f65-8af8-cf62fa392182","block_id":"block-xxx","recipe_id":"d715f821-966a-4db5-83f3-5872e5ace94d","mode":"funnel","language":"de"}
register.maliglobal.com/	1970-01-20 23:27:50	Name: _aimtellSubscriberID Value: 18ed7143-2f6e-527d-dc74-06aaee2529dc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://register.maliglobal.com/?fl=m9&m=books&sub=Rc_Bkentod&offer_id=43562&campaign_id=1027021&lid=2569cedd-430a-43eb-8557-560443900d67&ap=2&src=146898&payload=dcd7f2ad7e946a9c688d7fe5216c8118:ffbc6714fef740f79dd477f464d0e28e68a149a8987d2b30233ab1d426e30e313fbce5ecfc7950d9dc1b4c7c5205e1631407fefd922b04d8148182d69bc21f0322814420bd443c920815ffbf0ced68cc980db4823c8d6e9bfd4b457adc7342edf837fd68129dc69ed36cf75effda6621df840726029972215528afaac02504cdf18b16e8677795674710ebb5f186c0cc04ea7d903252c94706d448654f599fa60a791003ef62755f4012cc651061e6576aae99fa60fab9e202da2c33dcd90ec28f911999a8d6416fc99ed86a22f1a650910f79f2b6f6cde341999fe48fcf744e88d3a5f5e9a7fca7ad7cef9354d3fdfc0175f80f80a6eb113a461ad9f2137fa7c3b77d33ecf5e27455c046d264733383a59145c732f04aca32b751ae7a8640fa404b634402f31cc955d86931ff946a303f8db6f1c174dcf94b25c9f77ed268d7&hash=c3fd36d9939ec25e05035b0ebc29220f Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.aimtell.com
cacus.xyz
cdn.aimtell.com
cdn.aimtell.io
cdn.milk-pay.com
fonts.googleapis.com
fonts.gstatic.com
kirujh.com
maxcdn.bootstrapcdn.com
mfb-be.easycompute.systems
o374482.ingest.sentry.io
production-mb-api-tracking.mb-tracking.com
register.maliglobal.com
s10.histats.com
s4.histats.com
signals.aimtell.com
149.56.240.31
18.159.140.92
18.66.147.108
18.66.147.46
2606:4700:10::6814:81f
2606:4700:10::ac43:1ee1
2606:4700:4400::ac40:91a2
2606:4700:4400::ac40:9608
2606:4700:4400::ac40:9bc5
2606:4700::6812:bcf
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a02:4780:9:1111:0:9d3:ef86:7
34.120.195.249
06168877f807e8c207406cab6fd847e07c21b3b60f4823440ec10f12b08de013
08e9f17596573f12e053a5bdb4d9dfb09a45386322801eb7d47245791b25a3ca
0cdd292fc852792b363c4d53fca874bbc13aaa0577f58b81b8f6eeaf0433bb4f
128fb425859c261d7270656ec60edc3beb1f35b6bbe53c3ecc0b2605c16ed05c
1627b8739ba2347ad4c088e33f6193a94a656ee65f97000841045dcc0ad6f1da
1e2e46760f7fd204dbdeb188f0a47c0637f775728a7346984fe2e61e768b3a88
23840dd4511effb9145bb3d8ea3f8bc473d0384e50a66f7423f67a5937eee8fd
2453e31f9c5e0dbee528d11f97a85edf897ed93406954ce8e475f0244abf249a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577d70e7078d922ae500eeb548d111800cc18352ada19f318b7d1f28dc00c74a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
615fa1dd6512963ea7cdbe7d433be3d24770bd892804e2c9da96bd34978a35ff
6d53c557f7458644418a8528a3c4b0e7da0e16209108703656aa884915ccd110
7aaf36bccbdf32a81edd9d28b4f942c5f6df97b78d6f94556d8afd3bd038735d
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
94383f178cf3d25f7684ba830237187f56ceca90a5da3a9a25223fdcb6f8a9ef
9eb442caf593ea96298bcb44a7fb79f24c414ceeece61aea0357e44008889602
a0739d899823f89909aedccfe714e2c24322ce01377c5458db1b53c5a729d663
a26c43e9a4a7329431343c007fc294b11258361c8dc7923722334fda0a7b9fa3
a62f7363abf6348ce85555d3977b887d899d6539c8d8aa08a29484f5cc76ccfe
b6dcef3add9494b1d66e801ce79b2d28c5dc3be5d4466789334d1842a34049cd
be8c89df085651a8afb106120cb21047a09f185ee932a73c81de7dbaa454e938
bf0723e84f2867fd2270d71b52732010608040ccddef71a2242ca207c2fc69f1
defbed36e9f79f46df7dcace4a1e42bf54facdc1bad04a1e76c2ebb761c86c95
e2053477258b16a6782f0331f45be4d59d0151cadb1d21bf8ecf9fd2c702f16a
e5ea149c365602ee0d29d67798e5e1e2edb3817abf5e59ff25a1798758a25550
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

register.maliglobal.com Open in urlscan Pro 2606:4700:4400::ac40:91a2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

64 %IPv6

13 Domains

16 Subdomains

13 IPs

4 Countries

1375 kBTransfer

2189 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

register.maliglobal.com Open in urlscan Pro
2606:4700:4400::ac40:91a2 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

64 %
IPv6

13
Domains

16
Subdomains

13
IPs

4
Countries

1375 kB
Transfer

2189 kB
Size

10
Cookies

45 HTTP transactions
0 data transactions