www.casetify.com Open in urlscan Pro
54.161.242.76 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ww01.capitaloine.com/
Effective URL:
https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=...
Submission: On August 09 via api (August 9th 2022, 9:20:36 am UTC) from US — Scanned from DE

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 14 domains to perform 37 HTTP transactions. The main IP is 54.161.242.76, located in and belongs to . The main domain is www.casetify.com.
TLS certificate: Issued by Amazon on March 14th 2022. Valid for: a year.

This is the only time www.casetify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.182.241 103.224.182.241	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	162.55.54.68 162.55.54.68	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700:303... 2606:4700:3031::ac43:9d4e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700::68... 2606:4700::6813:a960	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:10:... 2606:4700:10::6816:30a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	54.154.216.171 54.154.216.171	16509 (AMAZON-02) (AMAZON-02)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.161.242.76 54.161.242.76	() ()
18	65.9.66.70 65.9.66.70	() ()
1	99.86.240.28 99.86.240.28	() ()
3	99.86.4.77 99.86.4.77	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2008	() ()
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	() ()
37	11

2 103.224.182.241 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com

ww01.capitaloine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.54.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.54.55.162.clients.your-server.de

spidershopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::ac43:9d4e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

buybutwhere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:a960 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

r.srvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:30a9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.linkconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.216.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-216-171.eu-west-1.compute.amazonaws.com

casetify.hyyc7q.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.242.76 (None, )

ASN- ()

www.casetify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 65.9.66.70 (None, )

ASN- ()

cdn.casetify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.240.28 (None, )

ASN- ()

eu-library.klarnaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.77 (None, )

ASN- ()

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	casetify.com www.casetify.com cdn.casetify.com	715 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 158453	8 KB
3	trustpilot.com widget.trustpilot.com	6 KB
2	facebook.net connect.facebook.net	111 KB
2	hyyc7q.net 2 redirects casetify.hyyc7q.net — Cisco Umbrella Rank: 558001	2 KB
2	srvtrck.com 2 redirects r.srvtrck.com — Cisco Umbrella Rank: 58911	986 B
2	buybutwhere.com 1 redirects buybutwhere.com — Cisco Umbrella Rank: 555927	3 KB
2	spidershopping.com spidershopping.com	1 KB
2	capitaloine.com 2 redirects ww01.capitaloine.com	2 KB
1	googletagmanager.com www.googletagmanager.com	106 KB
1	klarnaservices.com eu-library.klarnaservices.com	8 KB
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 5832	590 B
1	linkconnector.com 1 redirects www.linkconnector.com — Cisco Umbrella Rank: 41326	1 KB
1	clever-redirect.com clever-redirect.com — Cisco Umbrella Rank: 955687	693 B
37	14

	Domain	Requested by
18	cdn.casetify.com	www.casetify.com cdn.casetify.com
5	1redirc.com	1 redirects 1redirc.com
3	widget.trustpilot.com	www.casetify.com widget.trustpilot.com
2	connect.facebook.net	www.casetify.com connect.facebook.net cdn.casetify.com
2	casetify.hyyc7q.net	2 redirects
2	r.srvtrck.com	2 redirects
2	buybutwhere.com	1 redirects spidershopping.com
2	spidershopping.com	clever-redirect.com
2	ww01.capitaloine.com	2 redirects
1	www.googletagmanager.com	www.casetify.com
1	eu-library.klarnaservices.com	www.casetify.com
1	www.casetify.com	buybutwhere.com
1	www.ojrq.net	1 redirects
1	www.linkconnector.com	1 redirects
1	clever-redirect.com	1redirc.com
37	15

This site contains no links.

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
spidershopping.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-13` - `2023-02-12`	a year	crt.sh
*.casetify.com Amazon	`2022-03-14` - `2023-04-12`	a year	crt.sh
*.klarnaservices.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-18` - `2022-08-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0
Frame ID: 257951F24A8BF9EC5E0BB35055B80DD8
Requests: 38 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=54afdf0e0000ff00057c9dee
Frame ID: 048483C2E7200971205557AB4A76741F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ww01.capitaloine.com/ HTTP 302
https://ww01.capitaloine.com/ HTTP 302
http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWd... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D64657... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66 Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=casetify.com&s1=72161... Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dca... Page URL
https://buybutwhere.com/buy/with/o4/in?store=casetify.com&sid1=cbe0aa2b9a344adbde54bb2da9d70419&nid=3 HTTP 302
https://buybutwhere.com/buy/in?store=casetify.com Page URL
https://r.srvtrck.com/v1/redirect?api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d6... HTTP 302
https://r.srvtrck.com/v2/go?t=ct0p2%3A3%2F8wc.eibk6odn5ceoc.6o0%2Fea%3Dpipnl3%3Df447a430f0d210f6b3... HTTP 302
https://www.linkconnector.com/ta.php?lc=144714000012005663&url=https%3A%2F%2Fwww.casetify.com&atid=v030400... HTTP 302
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036... HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fcasetify.hyyc7q.net%2Fc%2F74588%2F650142%2F3937%3Fsh... HTTP 302
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036... HTTP 301
https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedi... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

37
Requests

81 %
HTTPS

33 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

957 kB
Transfer

3724 kB
Size

18
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ww01.capitaloine.com/ HTTP 302
https://ww01.capitaloine.com/ HTTP 302
http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9 Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646576550%26sid%3D20220809192029cb80d5b062b85d8e66&s=j&enc=uM6VYO0VuUU5K5bt1JnoOn49fjQ4cnVSV25tQXFRa3ZEaFZMaGVYbEM2b2FOSkpiSlhnZTNoYlh5eDNEUWpZVHNlRHVQOEhNOU5iOURFRkRLbXMrdURpVjlmUFVjR0RBVVkxemwwcFBNUDdxbng4b1dWMlBMNE0vNkJrVmRnY29rWWgzdTZZSWRZYkJCdHA4eHBGUTBoMmp4SWtwMDlCeE1ZRVpCZEd2UVQxVVdGMUQyWi82ajJlWWJJRlQ1MFpNY3Zqc1ZnQURrTUVhNDZEWVFtL1dwU21WRnZIL1VFcSs5NkZyaU9GeGJYMmZ0a0R2V2phY05xQjFBM2RxckdFaFk4QWorWGM5Vnoxb052ZUVDeXpwS3drM1pwN3V5UVJnb25TVU1ybXVCNWNnNE5xWG5JMjJMZmhQeldXSXdQcHBLbm9mYkllZ2E3dWZ4a1lERTBiY25GUm82NXNsdHliaVNKb1d1OGFiV0NKK1hmS0crWitITlZpSXB6KzRMdTlvV0RnRVk5Q2JCcytyUUt6ZUJ5ZmpFMi9aSUdrV1luRlBodkloZDRSS1VkaEVEUkFVeHR4emVVMGRRaSs4RGdsQUFuSUg5ck05ZUtCS2dUM1V6M3F5VVUzS29lWm5vdjBRRzNWTmM4eitNcnE3c3A2V2FFS0FoMkRDL2lOemFEQkFnaWxCZW12QmdqNnZRQ00wWmtuRlNhYjJrWUovTGlFbGZYU3JSY3dmdklPNHUzYTUxZzMxdnVNdStOQUllK1lHYnRkRXNqWDFtaFkya0d5WVpRNlk2OUkxa0QvMzJXd1d1ODFZU2JsWW5TRkFrYUtXRnEvc2liWUcxSTR2a0hZVGR6czk5czN4cVNPN3RJQWwzU0M2ZUZGNlBmK2ptZGtzeUZEdy9PWVNqSHZSQjJEdjRxWHl6ZEdBeTNmTkVVNUVCODd6eENoRjFYcGZzVmlpQzRwYVJwMlU4WDJmT2x0RVhQMGFHNXdCamdVZ0RDQnlDMHk4d2hYSiswNHI5aWM3aDc3OWFpaEN3UVZheHhDTVlIaTNPVkw3SnVBYWlCTzlmbElMUUNUVVoxNE9wVHNGRHRPTVFtMUpiNXFYOC80K3B2LzZUZzJ2anVBR2lTOEVwQ0xLZHFIUHQyd3pSQjB3YS9NL1VidXl3PT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66 Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=casetify.com&s1=721614&s2=&s3=646576550&s5=cf&it=44&in=3 Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dcasetify.com%26sid1%3Dcbe0aa2b9a344adbde54bb2da9d70419%26nid%3D3&h=0440874865f5d6c6fa68c35e5fecffaf Page URL
https://buybutwhere.com/buy/with/o4/in?store=casetify.com&sid1=cbe0aa2b9a344adbde54bb2da9d70419&nid=3 HTTP 302
https://buybutwhere.com/buy/in?store=casetify.com Page URL
https://r.srvtrck.com/v1/redirect?api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d669baeccf803a2c06c&type=url&yk_tag=o462f226e003b2f&source=https%3A%2F%2Fbuybutwhere.com%2Fwhere&url=https%3A%2F%2Fwww.casetify.com HTTP 302
https://r.srvtrck.com/v2/go?t=ct0p2%3A3%2F8wc.eibk6odn5ceoc.6o0%2Fea%3Dpipnl3%3Df447a430f0d210f6b35ublah7t2se33%258F120w4w3cvsdttf%26.ocmyaiie%3Da0.0w0F0%25325A8%259p0ta%3D5re%2646058031d04051b4814c%26%3Fthd.et5m0c3rctbe4n6c9nalcwfw0%2Fasct6h&s=https%3A%2F%2Fbuybutwhere.com%2F&e=1&ai=f88ed0c007bc40fe9c33c5e7cc972355&sct=0&ct=1660036832209&cu=8e9207aa5be54b0f813ddf435ab48f43&sr=1&ykuid=3b6a1dfa35324110b37472f72c793ceb&sc=1&cs=c7ced55cc3d25c0dc2270ec2f4852de3 HTTP 302
https://www.linkconnector.com/ta.php?lc=144714000012005663&url=https%3A%2F%2Fwww.casetify.com&atid=v0304000138538e9207aa5be54b0f813ddf435ab48f43&ntid=ee50063cceb54d669baeccf803a2c06c HTTP 302
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036832&u=https%3A%2F%2Fwww.casetify.com%3Flctid%3D740057 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fcasetify.hyyc7q.net%2Fc%2F74588%2F650142%2F3937%3Fsharedid%3D144714%26subId1%3D740057%26subId2%3D5663%26subId3%3D1660036832%26u%3Dhttps%253A%252F%252Fwww.casetify.com%253Flctid%253D740057%26level%3D1%26srcref%3Dhttps%253A%252F%252Fbuybutwhere.com%252F&cid=3937&tpsync=yes HTTP 302
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036832&u=https%3A%2F%2Fwww.casetify.com%3Flctid%3D740057&level=1&srcref=https%3A%2F%2Fbuybutwhere.com%2F&brwsr=84e4cf65-17c4-11ed-b556-6b25daad1fb4&brwsrsig=TEM0ZJVdSUOET6O3PHznbTqT1zUQVZ HTTP 301
https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ww01.capitaloine.com/ HTTP 302
https://ww01.capitaloine.com/ HTTP 302
http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646576550%26sid%3D20220809192029cb80d5b062b85d8e66&s=j&enc=uM6VYO0VuUU5K5bt1JnoOn49fjQ4cnVSV25tQXFRa3ZEaFZMaGVYbEM2b2FOSkpiSlhnZTNoYlh5eDNEUWpZVHNlRHVQOEhNOU5iOURFRkRLbXMrdURpVjlmUFVjR0RBVVkxemwwcFBNUDdxbng4b1dWMlBMNE0vNkJrVmRnY29rWWgzdTZZSWRZYkJCdHA4eHBGUTBoMmp4SWtwMDlCeE1ZRVpCZEd2UVQxVVdGMUQyWi82ajJlWWJJRlQ1MFpNY3Zqc1ZnQURrTUVhNDZEWVFtL1dwU21WRnZIL1VFcSs5NkZyaU9GeGJYMmZ0a0R2V2phY05xQjFBM2RxckdFaFk4QWorWGM5Vnoxb052ZUVDeXpwS3drM1pwN3V5UVJnb25TVU1ybXVCNWNnNE5xWG5JMjJMZmhQeldXSXdQcHBLbm9mYkllZ2E3dWZ4a1lERTBiY25GUm82NXNsdHliaVNKb1d1OGFiV0NKK1hmS0crWitITlZpSXB6KzRMdTlvV0RnRVk5Q2JCcytyUUt6ZUJ5ZmpFMi9aSUdrV1luRlBodkloZDRSS1VkaEVEUkFVeHR4emVVMGRRaSs4RGdsQUFuSUg5ck05ZUtCS2dUM1V6M3F5VVUzS29lWm5vdjBRRzNWTmM4eitNcnE3c3A2V2FFS0FoMkRDL2lOemFEQkFnaWxCZW12QmdqNnZRQ00wWmtuRlNhYjJrWUovTGlFbGZYU3JSY3dmdklPNHUzYTUxZzMxdnVNdStOQUllK1lHYnRkRXNqWDFtaFkya0d5WVpRNlk2OUkxa0QvMzJXd1d1ODFZU2JsWW5TRkFrYUtXRnEvc2liWUcxSTR2a0hZVGR6czk5czN4cVNPN3RJQWwzU0M2ZUZGNlBmK2ptZGtzeUZEdy9PWVNqSHZSQjJEdjRxWHl6ZEdBeTNmTkVVNUVCODd6eENoRjFYcGZzVmlpQzRwYVJwMlU4WDJmT2x0RVhQMGFHNXdCamdVZ0RDQnlDMHk4d2hYSiswNHI5aWM3aDc3OWFpaEN3UVZheHhDTVlIaTNPVkw3SnVBYWlCTzlmbElMUUNUVVoxNE9wVHNGRHRPTVFtMUpiNXFYOC80K3B2LzZUZzJ2anVBR2lTOEVwQ0xLZHFIUHQyd3pSQjB3YS9NL1VidXl3PT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66

Request Chain 7

https://buybutwhere.com/buy/with/o4/in?store=casetify.com&sid1=cbe0aa2b9a344adbde54bb2da9d70419&nid=3 HTTP 302
https://buybutwhere.com/buy/in?store=casetify.com

37 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://ww01.capitaloine.com/
https://ww01.capitaloine.com/
http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaN...

4 KB
2 KB

469ms
157ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5fb7d00c56453ff8a79c8c4c246c5d08abaf0f6d8aef4be71786002b2aa082e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2034
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 09:20:30 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 09:20:29 GMT
Location: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 155ms
154ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 09:20:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Aug 2022 05:34:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5e52758de4440-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 309ms
155ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 09:20:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Aug 2022 05:34:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5e52758de4440-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 318ms
162ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=uM6VYO0VuUU5K5bt1JnoOn49fjQ4cnVSV25tQXFRa3ZEaFZMaGVYbEM2b2FOSkpiSlhnZTNoYlh5eDNEUWpZVHNlRHVQOEhNOU5iOURFRkRLbXMrdURpVjlmUFVjR0RBVVkxemwwcFBNUDdxbng4b1dWMlBMNE0vNkJrVmRnY29rWWgzdTZZSWRZYkJCdHA4eHBGUTBoMmp4SWtwMDlCeE1ZRVpCZEd2UVQxVVdGMUQyWi82ajJlWWJJRlQ1MFpNY3Zqc1ZnQURrTUVhNDZEWVFtL1dwU21WRnZIL1VFcSs5NkZyaU9GeGJYMmZ0a0R2V2phY05xQjFBM2RxckdFaFk4QWorWGM5Vnoxb052ZUVDeXpwS3drM1pwN3V5UVJnb25TVU1ybXVCNWNnNE5xWG5JMjJMZmhQeldXSXdQcHBLbm9mYkllZ2E3dWZ4a1lERTBiY25GUm82NXNsdHliaVNKb1d1OGFiV0NKK1hmS0crWitITlZpSXB6KzRMdTlvV0RnRVk5Q2JCcytyUUt6ZUJ5ZmpFMi9aSUdrV1luRlBodkloZDRSS1VkaEVEUkFVeHR4emVVMGRRaSs4RGdsQUFuSUg5ck05ZUtCS2dUM1V6M3F5VVUzS29lWm5vdjBRRzNWTmM4eitNcnE3c3A2V2FFS0FoMkRDL2lOemFEQkFnaWxCZW12QmdqNnZRQ00wWmtuRlNhYjJrWUovTGlFbGZYU3JSY3dmdklPNHUzYTUxZzMxdnVNdStOQUllK1lHYnRkRXNqWDFtaFkya0d5WVpRNlk2OUkxa0QvMzJXd1d1ODFZU2JsWW5TRkFrYUtXRnEvc2liWUcxSTR2a0hZVGR6czk5czN4cVNPN3RJQWwzU0M2ZUZGNlBmK2ptZGtzeUZEdy9PWVNqSHZSQjJEdjRxWHl6ZEdBeTNmTkVVNUVCODd6eENoRjFYcGZzVmlpQzRwYVJwMlU4WDJmT2x0RVhQMGFHNXdCamdVZ0RDQnlDMHk4d2hYSiswNHI5aWM3aDc3OWFpaEN3UVZheHhDTVlIaTNPVkw3SnVBYWlCTzlmbElMUUNUVVoxNE9wVHNGRHRPTVFtMUpiNXFYOC80K3B2LzZUZzJ2anVBR2lTOEVwQ0xLZHFIUHQyd3pSQjB3YS9NL1VidXl3PT0%3D&rand=0.14096403041963534
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=fYtgntc5kfRzj1C23sRYLX49fkxTMFhnQlBPbm5qZC85VGNQeWd5NWREcnhEMGNqQWdyUTkxMVNic1dBY09mN0VlRE96eHRBN3NzM01kbzhuWXEzZ2I0MFJKU1BPU21aY3dxdEl4a05EQS8vaXNLalllNUxNZFNMLzVNTUJaNXR6MlFzVnhuNnBSUzlabjRXYlNzeHVXRjlQSXNQNTdmdlVUWjV2djd0ZUFYSGZGN0VML09mVHNZNWNrc0ZoQ2JIZXlLY1JMcmlKNkQ0NnBHWUx4RzBhZERYeTlTV3RieXhUM2Joazg0VittMDV2R213eE5tNXVQYyt4R2VLMG01b3lnSEpMVkFGK2NzTnZvU1BGNXZpU1lsZHdHYjlyajZHOTBlRTVOZk9wRGFRRkIvb0haMG9DaEZ3RWlyRkZpUm5lYlFaalhPVzhQbDRPMTVWL08xa0FlRVhIMy90dXJ6Y1UwWW8vNWpWYitIY3JhZzJITVhDREU0OTBRTmNEbkxlYXdZNUtRdUgrYUFRTHJLUXZ3RW5ScFd3RWd1K09HY3FyTW1EUTVqNWRzeHRwN2ZrblhSZ2xhZ0FnaFU0ankzaXl5SmRjZ3VIejJoVzM1NjRqMUhucHdrOUtodUJIZFNnYnBCSURUeHpLLy9MOVl0OGQ4aitIRTgyOWsyYjVRK0NWNkYzTXk0dXBpa0VCbUpMclhNQ3Jwd3M3N09BcW80blJmVmlpWFMxL3duR2RScS9Ua3k4OXVOQUl1WHAwMUx0VXkzQXNzQ2I0ZW5URVY2ZjNxdHUyaEp3ZEFBNHpHRWtiaGk3d2pWbStZaWJqRTg5clVxb0ZNa2dDeXprVmVOTm5pbW1MQU9ZN1B0UmM2SjhxWTFJSHZsUXg0ZHRQaFJxaWxHbkI3OENkTTlSOURUbkNOMDZKdUpKS2pJd3I3RWJYcUVwRWRnZ09Da2pBelJVUW9lLzJzVzM4cG1Cb1pHUWxZbTdJSVJYWGZvKzgvdFJWQVNyTnZKR1BmcTRNdXlPeHZpdUNiT0hXajhwU1hoSHNWcmtBMVgxNFF2bi9ZTWRmQnAybEFpWEFWZk5mdDdoS2NpUHRwakN2S3d2aDA9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Tue, 09 Aug 2022 09:20:31 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D646576550%26sid%3D20220809192029cb80d5b062b85d8e66&s=j&enc=uM6VYO0VuUU5K5bt1JnoOn49fjQ4cnVSV25tQXFRa3ZEaFZM...
https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66

343 B
693 B

71ms
52ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 343
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:31 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Aug 2022 09:20:31 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66
Server: Apache/2.4.38 (Debian)

GET
H2 200 a Show response
spidershopping.com/search/ 383 B
756 B 106ms
85ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=casetify.com&s1=721614&s2=&s3=646576550&s5=cf&it=44&in=3
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=646576550&sid=20220809192029cb80d5b062b85d8e66
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash: 7cffbf82ec1609dba8aaa8650d3f641d61377a32763be101b595dfd396c8f5ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 383
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2 200 r
spidershopping.com/search/ 306 B
336 B 11ms
11ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dcasetify.com%26sid1%3Dcbe0aa2b9a344adbde54bb2da9d70419%26nid%3D3&h=0440874865f5d6c6fa68c35e5fecffaf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=casetify.com&s1=721614&s2=&s3=646576550&s5=cf&it=44&in=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 306
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:31 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2

200

in
buybutwhere.com/buy/
Redirect Chain

https://buybutwhere.com/buy/with/o4/in?store=casetify.com&sid1=cbe0aa2b9a344adbde54bb2da9d70419&nid=3
https://buybutwhere.com/buy/in?store=casetify.com

1 KB
1 KB

49ms
48ms

Document
text/html

2606:4700:3031::ac43:9d4e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://buybutwhere.com/buy/in?store=casetify.com
Requested by: Host: spidershopping.com
URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dcasetify.com%26sid1%3Dcbe0aa2b9a344adbde54bb2da9d70419%26nid%3D3&h=0440874865f5d6c6fa68c35e5fecffaf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9d4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spidershopping.com/search/r?u=https%3A%2F%2Fbuybutwhere.com%2Fbuy%2Fwith%2Fo4%2Fin%3Fstore%3Dcasetify.com%26sid1%3Dcbe0aa2b9a344adbde54bb2da9d70419%26nid%3D3&h=0440874865f5d6c6fa68c35e5fecffaf
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 737f6a984c66696a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeGB7vMOU63UDcVP2IknzjXh66hFQDUw7f5vjt4TvQqIzaTLMdLb7e8zRApR4y70CG72fypnX9m%2BHjH5VKfRXK6XG8kBn8TwpkxYyl68HkeHbjzKiw1uLhRJVXh5sCJr9eV9X82E27Z38xaYHbA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 737f6a97cbec696a-FRA
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:32 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://buybutwhere.com/buy/in?store=casetify.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLks90tGcMaFuYNgtE8D6ggVbJVMc9R5h1IvAIGn2pkscwLQEL7KgEBkFITpteGP6hL8FqpWNX5U6nFZi%2BGbPGtM%2F3MLilVGRz18sCIy41WSW732I6zDY%2Fk%2B3GoZ19oq4UGsImU33xd%2F%2BVWt2ew%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2

200

Primary Request / Show response
www.casetify.com/
Redirect Chain

https://r.srvtrck.com/v1/redirect?api_key=a3ae2e816af8f1662ffc6841c5087225&site_id=ee50063cceb54d669baeccf803a2c06c&type=url&yk_tag=o462f226e003b2f&source=https%3A%2F%2Fbuybutwhere.com%2Fwhere&url=...
https://r.srvtrck.com/v2/go?t=ct0p2%3A3%2F8wc.eibk6odn5ceoc.6o0%2Fea%3Dpipnl3%3Df447a430f0d210f6b35ublah7t2se33%258F120w4w3cvsdttf%26.ocmyaiie%3Da0.0w0F0%25325A8%259p0ta%3D5re%2646058031d04051b4814...
https://www.linkconnector.com/ta.php?lc=144714000012005663&url=https%3A%2F%2Fwww.casetify.com&atid=v0304000138538e9207aa5be54b0f813ddf435ab48f43&ntid=ee50063cceb54d669baeccf803a2c06c
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036832&u=https%3A%2F%2Fwww.casetify.com%3Flctid%3D740057
https://www.ojrq.net/p/?return=https%3A%2F%2Fcasetify.hyyc7q.net%2Fc%2F74588%2F650142%2F3937%3Fsharedid%3D144714%26subId1%3D740057%26subId2%3D5663%26subId3%3D1660036832%26u%3Dhttps%253A%252F%252Fww...
https://casetify.hyyc7q.net/c/74588/650142/3937?sharedid=144714&subId1=740057&subId2=5663&subId3=1660036832&u=https%3A%2F%2Fwww.casetify.com%3Flctid%3D740057&level=1&srcref=https%3A%2F%2Fbuybutwher...
https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1...

309 KB
58 KB

2335ms
2114ms

Document
text/html

54.161.242.76

General

Check archive.org

Show headers Download Go to

Full URL

https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0

Requested by

Host: buybutwhere.com
URL: https://buybutwhere.com/buy/in?store=casetify.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.242.76 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

8671edef0b1f30c0fb36082884e0788afbf8c19964324971786ead6bcadbe42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://buybutwhere.com/buy/in?store=casetify.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2000
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 09 Aug 2022 09:20:35 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Tue, 09 Aug 2022 09:20:32 GMT
expires: Tue, 09 Aug 2022 09:20:32 GMT
location: https://www.casetify.com?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache

GET
H2 200 pangram-bold-webfont.woff2
cdn.casetify.com/font/pangram/ 18 KB
18 KB 72ms
21ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/pangram/pangram-bold-webfont.woff2

Requested by

Host: www.casetify.com
URL: https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

efec014b1f99393c6d4be284b98a887d0ae2d4bc9c3eaab3090a345578840492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.casetify.com/
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123730
x-cache: Hit from cloudfront
x-api-cache: true
content-length: 18331
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.casetify.com
last-modified: Thu, 06 Sep 2018 10:47:52 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/pangram/pangram-bold-webfont.woff2>; rel="canonical"
x-amz-cf-id: mHPFVpwMKSk-D9uYqqI1FroKc5KurlXaQm7_YwtgqMasnYw27_Mo5g==

GET
H2 200 HelveticaNeue.woff2
cdn.casetify.com/font/HelveticaNeue/ 82 KB
82 KB 60ms
9ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/HelveticaNeue/HelveticaNeue.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

82402f2eafde497caff85eccdde8f27bcb3ce206067bbfbd52ab6abcd59f8970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.casetify.com/
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 07:12:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94097
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-api-cache: true
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Jul 2021 09:05:41 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
access-control-allow-origin: https://www.casetify.com
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/HelveticaNeue/HelveticaNeue.woff2>; rel="canonical"
x-amz-cf-id: IFiJgXbvc_vejwHoUVb5Vz1nEZa-FLQ6ydU0yf0DGd0xF7cDeTx51w==

GET
H2 200 lib.js Show response
eu-library.klarnaservices.com/ 25 KB
8 KB 47ms
13ms Script
application/javascript 99.86.240.28

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-library.klarnaservices.com/lib.js
Requested by: Host: www.casetify.com
URL: https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.28 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c996036d1f37f18c50fbb7c319726702db35c569c9dfc74339866b16dfd2e1de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 21:57:40 GMT
content-encoding: br
etag: W/"521208e089f1b7df4b1207d2e391f739"
last-modified: Wed, 03 Aug 2022 09:27:47 GMT
server: AmazonS3
age: 40976
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e2fae56164d235b42cd2d6ea7e62d0ae.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: LnDTYPvF5nPI6T7kdG5A995QKtmX8pTeR7g0ODzDSr1LYyNjFgz03Q==

GET
H2 200 user-new.svg
cdn.casetify.com/img/ui/ 752 B
1001 B 55ms
7ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/user-new.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

cb7adf30a34af001d738a44d887afbe0adf7dafa2725f3ede6d1425f62c8e364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69093
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/user-new.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 364
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 27 Apr 2022 04:43:07 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: fZiPfbrY0PcI68fSFRRFyVIZRb6dorx_whLH5MuylOgEQ9tgTc15-w==

GET
H2 200 menu.svg
cdn.casetify.com/img/ui/ 709 B
906 B 55ms
8ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/menu.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

857f189d66d6457d6e5864b6cba29f3b75262573b7ac60be03c67dc20b234159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68282
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/menu.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 271
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 27 Apr 2022 04:43:06 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: O8TOZCCPWrMS7y52zxsX_quHHi4N1KUA3ASjL543ztPUEXBuPwMbGw==

GET
H2 200 globe.svg
cdn.casetify.com/img/ui/ 1 KB
1 KB 9ms
7ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/globe.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

f736ca6182e6cc7566e0a69c21dc83a8f55511336d074103e477db711088409a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68282
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/globe.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 489
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Thu, 11 Nov 2021 03:42:58 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: lJjflgLO-5QE2REDX0Zg0jga6KoD8d-t_yG5DbnixKJ-QqyBPg9HYA==

GET
H2 200 casetify-logo.png
cdn.casetify.com/img/ui/ 8 KB
8 KB 10ms
8ms Image
image/png 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/casetify-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1a4f33fe9cb5c3460525cc706850312ea4e22359e52b12116f7f185506dbf2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:22:20 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68295
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 7760
x-xss-protection: 1; mode=block
link: <https://cdn.casetify.com/img/ui/casetify-logo.png>; rel="canonical"
last-modified: Thu, 06 Sep 2018 10:47:53 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: t-W1Ph3G-M_9g3AbPF-kDKTLJFCntBNOYmgUWKPyNHtNRY-hn_v9Bw==

GET
H2 200 cart-new.svg
cdn.casetify.com/img/ui/ 1 KB
1 KB 10ms
9ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/cart-new.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

00bb62c69e13140c13e9648608e4f03a6d90d6a0b1a1eb1f818f9975b7eb74e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68284
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/cart-new.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 426
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 27 Apr 2022 04:43:06 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: NXCqs5TBryyBoNniK4qy7MaR9R1GnIHYmxNgt0fWrDivkTu37fU-Dw==

GET
H2 200 search-new.svg
cdn.casetify.com/img/ui/ 571 B
916 B 11ms
9ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/search-new.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1d2d4a55d99619473bec34544826b321f02e0bcda2e711a4476ca23395517f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:43:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67097
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/search-new.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 278
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Wed, 27 Apr 2022 04:43:06 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: IR8wcrQH6e4lvol8-mccunufvs59IGNxOUNZrj1UZNwosROHGI78Qg==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 left_caret.svg
cdn.casetify.com/img/ui/ 740 B
980 B 8ms
8ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/left_caret.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

4ab6845c60e4773320c72928f468feb8064dbfb35c856266dc93862b40fb6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:23:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68228
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/left_caret.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 342
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 28 May 2018 10:16:18 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: 4oQ7ZZGQRANtV9x3Of2g_kKDF_hs1VCn3guPHb8lDD_kMIL5rMLNsA==

GET
H2 200 right_caret.svg
cdn.casetify.com/img/ui/ 748 B
982 B 9ms
8ms Image
image/svg+xml 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/ui/right_caret.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

b1ea9f107c88e7112db619722e2d94175272941362268469f2cd66819475da97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68227
x-cache: Hit from cloudfront
link: <https://cdn.casetify.com/img/ui/right_caret.svg>; rel="canonical"
vary: Accept-Encoding
content-length: 344
x-xss-protection: 1; mode=block
access-control-allow-origin: *
last-modified: Mon, 28 May 2018 10:16:18 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/svg+xml
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: W1HWtoSffw_PvrxYCNsdK01AKz8Rb3ekjU-dacfYK4F8iYtm4xwGdg==

GET
H2 200 klarna-footer-banner-de.png
cdn.casetify.com/img/klarna/ 7 KB
7 KB 8ms
7ms Image
image/png 65.9.66.70

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.casetify.com/img/klarna/klarna-footer-banner-de.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

ec3e5cff2ef311e399c66eadc9d3c52a7262048186cfac262da588b3cd9dd362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:22:29 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 68286
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 6880
x-xss-protection: 1; mode=block
link: <https://cdn.casetify.com/img/klarna/klarna-footer-banner-de.png>; rel="canonical"
last-modified: Mon, 10 May 2021 09:46:40 GMT
server: Apache
x-frame-options: sameorigin
access-control-max-age: 2000
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
access-control-allow-headers: origin, authorization, content-type, accept, x-requested-with
x-amz-cf-id: CwxTozDhOD6MI-PtmJNFQgMeCNb2rclGTcaSyVtzIB_phZYuGnkQLg==

GET
H2 200 landing.0c9dfb66.css
cdn.casetify.com/css/ 906 KB
113 KB 8ms
7ms Stylesheet
text/css 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/css/landing.0c9dfb66.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

b204202e67e573508614d36649b46b15372ef8f71b224c1cba2b0c9bef730526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.casetify.com/
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 05:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98807
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Aug 2022 05:11:56 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: https://www.casetify.com
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: ifenznd3RtUOXVl3TzLZNymassKyzC0u_IpR1CXgrvVpPk8fprP5Uw==

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 117ms
9ms Script
application/x-javascript 99.86.4.77

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 23585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Tue, 09 Aug 2022 02:47:30 GMT
content-length: 6124
x-xss-protection: 1; mode=block
last-modified: Mon, 30 May 2022 14:38:02 GMT
server: AmazonS3
etag: "5add60196e5f96a414fb4b9586764e5d"
content-type: application/x-javascript
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: m5OxRcjnRZC_ioEq-y4bQuesr9LsKJ-LblnczDvjNZ_cx3yPLPoazg==

GET
H2 200 landing.min.c836f740.js
cdn.casetify.com/js/dist/ 1 MB
327 KB 8ms
8ms Script
text/javascript 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.casetify.com/js/dist/landing.min.c836f740.js
Requested by: Host: www.casetify.com
URL: https://www.casetify.com/?lctid=740057&utm_campaign=650142&irpid=74588&irmpname=LinkConnector&sharedid=144714&utm_medium=smarterchaos&utm_source=affiliate&clickid=UjoQ9txCwxyNTln3ItVONx-YUkDysbXxh1412M0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.70 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.casetify.com/
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 05:17:05 GMT
content-encoding: br
last-modified: Tue, 09 Aug 2022 05:09:58 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: md5:c836f7406a39c7d6e5f963e847992467
age: 14611
etag: W/"c836f7406a39c7d6e5f963e847992467"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: https://www.casetify.com
cache-control: public, max-age=604800, must-revalidate
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bECzGt4RMHYMw8JOZNp7hYv1oRDmAN03tQAeprrQnuGhMg2rKRQUtg==
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)

GET
H2 200 gtm.js
www.googletagmanager.com/ 423 KB
106 KB 165ms
48ms Script
application/javascript 2a00:1450:4001:827::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP8H4S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 09:20:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108362
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Aug 2022 09:20:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 124ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26506
x-xss-protection: 0
pragma: public
x-fb-debug: wreGKnvP4NODAaXTjWvekju3V/cVpr3aCsHyPrzJcvW6APhAy5Afjcvl+/8SsJkxE+nwoI/OMdahHg8q0izAWw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 09 Aug 2022 09:20:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 casetify2_0.cc57ca7a.css
cdn.casetify.com/css/static/ 24 KB
5 KB 18ms
17ms Stylesheet
text/css 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/css/static/casetify2_0.cc57ca7a.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7944704cb4d46343bd07a9831a51f8862825e3302965eb1db992ffeb6e718b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.casetify.com/
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 17:52:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574147
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 4992
x-xss-protection: 1; mode=block
last-modified: Fri, 06 Aug 2021 05:02:24 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
content-type: text/css
access-control-allow-origin: https://www.casetify.com
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: zV5RjJUZKzUSKUSBvJP8HKV-mTSi-8bZP7myAu5Jq-4PX9xCqtM9ng==

GET
H2 200 HelveticaNeue-Medium.woff2
cdn.casetify.com/font/HelveticaNeue/ 37 KB
38 KB 8ms
7ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/HelveticaNeue/HelveticaNeue-Medium.woff2

Requested by

Host: cdn.casetify.com
URL: https://cdn.casetify.com/css/landing.0c9dfb66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

93f889a08cadf7683e607e27d789f025ad3802b0c0de8112102ac49fa27f070c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.casetify.com/css/landing.0c9dfb66.css
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 03:33:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107270
x-cache: Hit from cloudfront
x-api-cache: true
content-length: 37933
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.casetify.com
last-modified: Wed, 14 Jul 2021 09:05:41 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/HelveticaNeue/HelveticaNeue-Medium.woff2>; rel="canonical"
x-amz-cf-id: ovHI8fbJ14kxExD9kqshUgsSMJeeP1dRshM92ZqTse9Tn1hf5qh0qQ==

GET
H2 200 pangram-extrabold-webfont.woff2
cdn.casetify.com/font/pangram/ 18 KB
19 KB 7ms
7ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/pangram/pangram-extrabold-webfont.woff2

Requested by

Host: cdn.casetify.com
URL: https://cdn.casetify.com/css/landing.0c9dfb66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

77a744babbe322071c6f4021cf670bdbc884373706e607f39c4674e1c9ac6cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.casetify.com/css/landing.0c9dfb66.css
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 03:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109141
x-cache: Hit from cloudfront
x-api-cache: true
content-length: 18647
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.casetify.com
last-modified: Thu, 06 Sep 2018 10:47:52 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/pangram/pangram-extrabold-webfont.woff2>; rel="canonical"
x-amz-cf-id: GGwtJwcHabfisR1dJFCogDJo4MKs3vm1oYCRKb7ijwUnf1xEw9kYvw==

GET
H2 200 pangram-black-webfont.woff2
cdn.casetify.com/font/pangram/ 17 KB
18 KB 7ms
7ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/pangram/pangram-black-webfont.woff2

Requested by

Host: cdn.casetify.com
URL: https://cdn.casetify.com/css/landing.0c9dfb66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

a8a1e791e0129ba7f849331f88c797027223e3ab7f26d33d49747bdf8324967b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.casetify.com/css/landing.0c9dfb66.css
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 07 Aug 2022 14:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153148
x-cache: Hit from cloudfront
x-api-cache: true
content-length: 17823
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.casetify.com
last-modified: Thu, 06 Sep 2018 10:47:52 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/pangram/pangram-black-webfont.woff2>; rel="canonical"
x-amz-cf-id: DU9DTiuY1JWbatYoY5uC9KXE4SVC0UYCvl24INL9tDw6fNbDth2Wfw==

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 566241023d6dd19d88d88673de132f882f0082a5578002252e72b6c20ba675e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icomoon.woff2
cdn.casetify.com/font/icons/~v19/ 14 KB
14 KB 9ms
9ms Font
text/plain 65.9.66.70

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.casetify.com/font/icons/~v19/icomoon.woff2

Requested by

Host: cdn.casetify.com
URL: https://cdn.casetify.com/css/landing.0c9dfb66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.70 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

04cc451aa4494ab920902c25a1316beb15441687edde76c8c9241df6cdbb173a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.casetify.com/css/landing.0c9dfb66.css
Origin: https://www.casetify.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 12:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74314
x-cache: Hit from cloudfront
x-api-cache: true
content-length: 13887
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.casetify.com
last-modified: Tue, 31 Aug 2021 03:43:34 GMT
server: Apache
x-frame-options: sameorigin
vary: Accept-Encoding, Origin
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
link: <https://cdn.casetify.com/font/icons/icomoon.woff2>; rel="canonical"
x-amz-cf-id: _z4kX3dSVABqKHLwDhdkVdDW-Q3B7DzIlalNnBbvlkuHiXEoStfj7g==

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 0484 7 KB
0 8ms
7ms Document
text/html 99.86.4.77

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=54afdf0e0000ff00057c9dee

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.casetify.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17691
cache-control: max-age=86400
content-encoding: gzip
content-length: 1968
content-type: text/html
date: Tue, 09 Aug 2022 04:25:45 GMT
etag: "7e6ce93cd2ad7bd5b3ea7e37c8ca26f4"
last-modified: Tue, 14 Jun 2022 14:06:19 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
x-amz-cf-id: OtOX1HV0I3KwotlFQ4xc47hfS_uAEzmfE9iVU2PtFpLehmSeIZrVlw==
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 294445090712566
connect.facebook.net/signals/config/ 293 KB
84 KB 19ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/294445090712566?v=2.9.73&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.casetify.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85869
x-xss-protection: 0
pragma: public
x-fb-debug: X5Z5lszRLDufkVV6rqC7kblpEO1ZJgmSp/+v94rzp6iBO1KRAClF+iSetLsaxizJJn2L/pyfsw9p+SMEka6+PQ==
x-frame-options: DENY
date: Tue, 09 Aug 2022 09:20:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.js
widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/ Frame 0484 54 KB
0 8ms
8ms Script
application/x-javascript 99.86.4.77

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=54afdf0e0000ff00057c9dee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.77 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b6ffb0d04a076446a9af/index.html?templateId=5419b6ffb0d04a076446a9af&businessunitId=54afdf0e0000ff00057c9dee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 57324
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Mon, 08 Aug 2022 17:25:12 GMT
content-length: 16722
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Jun 2022 14:06:37 GMT
server: AmazonS3
etag: "4d0fd141f7da95d26ca93dc473d13a4f"
content-type: application/x-javascript
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: AU2kKyu7Vi2rsL3YsBjouxxIealU3P8nkl_kNFztB_eqHzbsQ9EdqA==

GET sdk.js
connect.facebook.net/en_US/ 0
0

GET Jed_v2
cdn.casetify.com/api-cache/5m/ 0
0

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/webp

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Domain: cdn.casetify.com
URL: https://cdn.casetify.com/api-cache/5m/Jed_v2?lang=de_DE&v=39c6576a41c25458941b4267f1a57e3f&context=LANDING

Domain: cdn.casetify.com
URL: https://cdn.casetify.com/api-cache/5m/Jed_v2?fallback=en_US&v=64b5e83cddbe0a1a2895b9279c64a4c3&context=LANDING

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ww01.capitaloine.com/	1970-01-20 14:43:16	Name: __tad Value: 1660036829.1833440
.1redirc.com/	1970-01-20 13:52:52	Name: __dsnsid Value: 20220809192029cb80d5b062b85d8e66
clever-redirect.com/	1970-01-20 05:08:43	Name: 66072006b9d439dbbfb96e6e07b8d880 Value: 28bc851bfac0106cef382ccb49d8e763f9308793f7c3a67bc0b83d7418fa90d6a%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2266072006b9d439dbbfb96e6e07b8d880%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
spidershopping.com/	1970-01-20 05:08:43	Name: 735e1f8133023612ff023812b7d4d5bb Value: dafad08152011b7672af15ef0bf33fbad05c7957190bc0cdc111b903f9a0ad2ba%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22735e1f8133023612ff023812b7d4d5bb%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
buybutwhere.com/	1970-01-20 05:07:24	Name: XSRF-TOKEN Value: eyJpdiI6IlVSejRra2dSc3ZsQTFBM2M4QXZUVGc9PSIsInZhbHVlIjoiWm9MR2EyQ3ZTZDJzR2dzZE1LdlFUTVp5a0U5THY0cWpnNDZZSEc0dWVoM01UNDRJdGFxOXNZS3ltOXpuK093VGY1aFlsVXhWajdtTkdHL0Z2RjdRSXBiUmY2SDg2cHNWZHF5d05OaXNualBNd2xyNU5xY2FJNXJTNUxBdTZpdDAiLCJtYWMiOiI0ZjM3Y2Q2NmRiOWM3YjljY2Q0ODBjMDZmMWEyY2ZiZWY2YTBiMTkyM2YzZGNiYTQ0YTI0N2RiZmQ0ODY0NzQ3IiwidGFnIjoiIn0%3D
buybutwhere.com/	1970-01-20 05:07:24	Name: buybutwhere_session Value: eyJpdiI6Imw2MndieEtCVmVEWnZkWmdscFBtbFE9PSIsInZhbHVlIjoidEZUd29jaDlSbko1MFNRYllWaUMvU3B2eW5TVnQvdTN3NGpadFZOSmg4RGpVSEk3aUNibE9FYXRXb2FINUpIVFdlbm1nMDV3WVFCb01mVG53ZjJseStHUUNEREdqZHZBMVlYYkNYY0Z2bytWc1hQQTYvNFVBVVdHM2VUdWlUYUUiLCJtYWMiOiIyN2FmYTRlMDk1ZTBkZWYyOGI3ZTZiZmRiYWIxNTU2MzBhNWM0OGNlZmNkMmEzNzljOGYwNTc1MWNkMmZiMzJlIiwidGFnIjoiIn0%3D
.srvtrck.com/	1970-01-20 13:52:52	Name: ykuid Value: 3b6a1dfa35324110b37472f72c793ceb
.linkconnector.com/	1970-01-20 14:43:16	Name: LCID Value: LC1660036832.4326977
.linkconnector.com/	1970-01-20 14:43:16	Name: LastIP Value: 2a01%3A4a0%3A2b%3A%3A9
.linkconnector.com/	1970-01-20 14:43:16	Name: LastIP_Date Value: 2022-08-09+02%3A20%3A32
.linkconnector.com/	1970-01-20 14:43:16	Name: lc_dnk Value: 1
.linkconnector.com/	1970-01-20 14:43:16	Name: LCXX Value: 144714000012005663%7C2022-08-09+02%3A20%3A32%7Chttps%3A%2F%2Fbuybutwhere.com%2F
.linkconnector.com/	1970-01-20 06:12:04	Name: uts_lctid_900588 Value: 740057
.ojrq.net/	1970-01-20 14:43:16	Name: brwsr Value: 84e4cf65-17c4-11ed-b556-6b25daad1fb4
casetify.hyyc7q.net/	1970-01-20 05:17:21	Name: AWSALB Value: Hb7LUe1ds7LUad2c0qeJR4u10KCriwkTZYWTVb84wPTJfN+yDRHHr1XRl4U0rq7w0CL5wqzIXyFujWLOyKuTAnu/Sx4phhhugdZ16C528ll4chujgCTXxNmeyW/Q
casetify.hyyc7q.net/	1970-01-20 05:17:21	Name: AWSALBCORS Value: Hb7LUe1ds7LUad2c0qeJR4u10KCriwkTZYWTVb84wPTJfN+yDRHHr1XRl4U0rq7w0CL5wqzIXyFujWLOyKuTAnu/Sx4phhhugdZ16C528ll4chujgCTXxNmeyW/Q
.hyyc7q.net/	1970-01-20 14:43:16	Name: brwsr Value: 84e4cf65-17c4-11ed-b556-6b25daad1fb4
casetify.hyyc7q.net/	1970-01-20 09:26:28	Name: irld Value: LU%3AFRSOSYTWOBxpMxR308cWTHXox2a21MfUFcXnry9s1TeX5G

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
buybutwhere.com
casetify.hyyc7q.net
cdn.casetify.com
clever-redirect.com
connect.facebook.net
eu-library.klarnaservices.com
r.srvtrck.com
spidershopping.com
widget.trustpilot.com
ww01.capitaloine.com
www.casetify.com
www.googletagmanager.com
www.linkconnector.com
www.ojrq.net
cdn.casetify.com
connect.facebook.net
103.224.182.206
103.224.182.241
162.55.54.68
2606:4700:10::6816:30a9
2606:4700:3031::ac43:9d4e
2606:4700::6813:a960
2a00:1450:4001:827::2008
2a03:2880:f01c:8012:face:b00c:0:3
34.95.127.121
54.154.216.171
54.161.242.76
65.9.66.70
78.46.197.88
99.86.240.28
99.86.4.77
00bb62c69e13140c13e9648608e4f03a6d90d6a0b1a1eb1f818f9975b7eb74e0
04cc451aa4494ab920902c25a1316beb15441687edde76c8c9241df6cdbb173a
1a4f33fe9cb5c3460525cc706850312ea4e22359e52b12116f7f185506dbf2e9
1d2d4a55d99619473bec34544826b321f02e0bcda2e711a4476ca23395517f3b
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
4ab6845c60e4773320c72928f468feb8064dbfb35c856266dc93862b40fb6a66
566241023d6dd19d88d88673de132f882f0082a5578002252e72b6c20ba675e0
5fb7d00c56453ff8a79c8c4c246c5d08abaf0f6d8aef4be71786002b2aa082e2
77a744babbe322071c6f4021cf670bdbc884373706e607f39c4674e1c9ac6cce
7944704cb4d46343bd07a9831a51f8862825e3302965eb1db992ffeb6e718b8b
7cffbf82ec1609dba8aaa8650d3f641d61377a32763be101b595dfd396c8f5ec
82402f2eafde497caff85eccdde8f27bcb3ce206067bbfbd52ab6abcd59f8970
857f189d66d6457d6e5864b6cba29f3b75262573b7ac60be03c67dc20b234159
8671edef0b1f30c0fb36082884e0788afbf8c19964324971786ead6bcadbe42a
93f889a08cadf7683e607e27d789f025ad3802b0c0de8112102ac49fa27f070c
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a8a1e791e0129ba7f849331f88c797027223e3ab7f26d33d49747bdf8324967b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ea9f107c88e7112db619722e2d94175272941362268469f2cd66819475da97
b204202e67e573508614d36649b46b15372ef8f71b224c1cba2b0c9bef730526
c996036d1f37f18c50fbb7c319726702db35c569c9dfc74339866b16dfd2e1de
cb7adf30a34af001d738a44d887afbe0adf7dafa2725f3ede6d1425f62c8e364
e75555ca161f289d4830a84a1856b37a9cb0077f78af600fb47c67c135baa8fd
ec3e5cff2ef311e399c66eadc9d3c52a7262048186cfac262da588b3cd9dd362
efec014b1f99393c6d4be284b98a887d0ae2d4bc9c3eaab3090a345578840492
f3496bc7c277d917d35553c46ed1597a86065494cac582e42a3a1d55aedef7fb
f736ca6182e6cc7566e0a69c21dc83a8f55511336d074103e477db711088409a

www.casetify.com Open in urlscan Pro 54.161.242.76 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

81 %HTTPS

33 %IPv6

14 Domains

15 Subdomains

11 IPs

4 Countries

957 kBTransfer

3724 kBSize

18 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.casetify.com Open in urlscan Pro
54.161.242.76 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

81 %
HTTPS

33 %
IPv6

14
Domains

15
Subdomains

11
IPs

4
Countries

957 kB
Transfer

3724 kB
Size

18
Cookies

37 HTTP transactions
3 data transactions