www.thz3.xyz Open in urlscan Pro
2606:4700:3032::ac43:a24f Public Scan

Software

nginx /

Resource Hash

80e990e4fe9095022fd6922e55352942c130525e3940e3cc5ac5be19fb0b67de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET

/
creativebux.com/ Frame 39C4
Redirect Chain

https://tinyurl.com/mwan97er
https://creativebux.com/

0
0

GET
H2

200

/ Show response
vipkopilka.pp.ua/ Frame 081D
Redirect Chain

https://tinyurl.com/y62d5cu7
https://vipkopilka.pp.ua/

52 KB
32 KB

1433ms
1385ms

Document
text/html

185.237.206.6
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://vipkopilka.pp.ua/

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.237.206.6 , Ukraine, ASN21100 (ITLDC-NL, UA),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

ec0a14e382af199b46e4acaeba5c4a2be667b1e529356b2a7f613a55a1702b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

server: nginx
date: Thu, 20 Jan 2022 01:56:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-xss-protection: 0 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
content-encoding: gzip

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://vipkopilka.pp.ua
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c614ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/
www.seabux.net/ Frame EF6A
Redirect Chain

https://tinyurl.com/vz7nn2zb
https://www.seabux.net/

0
0

406ms
370ms

Document
text/html

2606:4700:3034::ac43:b465
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.seabux.net/

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b465 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.1.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xeqw4wDR2cDETO4kW7F5Y4ldL0bNrfjudLpOqOhxqBHtvp70SAJ8tYEhlg0zayjESwZEFTrk1bJXTfl8E%2F3KCSIRaiyqNwjpzZlj1USdb%2Bdmep95JD5xbj3tc2mroQnOuN4tyDbRBKEcpkyrXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b0218fad43b8-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.seabux.net
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c634ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

pay.html Show response
vipkopilka.top/LTC/ Frame FAC5
Redirect Chain

https://tinyurl.com/2p9aufst
https://vipkopilka.top/LTC/pay.html

2 KB
2 KB

72ms
40ms

Document
text/html

2606:4700:3036::ac43:db35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vipkopilka.top/LTC/pay.html
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:db35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45bf140c17f6e11469ad5a802bfdf875297da41fc6acdc1bc7f48c339bf142ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html
last-modified: Thu, 20 Jan 2022 00:47:28 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWdjydPMZZX1OHY87qN%2FvVdJ7Mo1i1vAvFsm8MPmY2sUmpMY0JgUsv9QEmluaxMeAFiUM9pFRDQbLJLv4TYK1o%2FMBRg351gdQOo2U3klyd7%2BPweJeMUjvRXfCtBWN0FLuqquK3pG6ngs1ZAgXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b0218c52702b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://vipkopilka.top/LTC/pay.html
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c644ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

pay.html Show response
unlimfaucet.com/ Frame A2B0
Redirect Chain

https://tinyurl.com/y6bvbmfc
https://unlimfaucet.com/pay.html

2 KB
1 KB

915ms
836ms

Document
text/html

185.237.206.6
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://unlimfaucet.com/pay.html

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.237.206.6 , Ukraine, ASN21100 (ITLDC-NL, UA),

Reverse DNS

Software

nginx /

Resource Hash

106c7105b77125bb83ff697d418f71507524ca2f80e0f318954df8acd6e70220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

server: nginx
date: Thu, 20 Jan 2022 01:56:45 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 20 Jan 2022 01:39:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
x-server-powered-by: Engintron
content-encoding: gzip

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://unlimfaucet.com/pay.html
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c654ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

/ Show response
cryptogpt.com/ Frame BF2F
Redirect Chain

https://tinyurl.com/y6pwue2s
https://cryptogpt.com/

20 KB
5 KB

808ms
777ms

Document
text/html

2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2864d202c7df2d18f95dfa440c8e17f368ad69d94cc1503688645d5908067f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNh4geb%2BWtnf1GFGzkz5sPeDmXYdNjA1Zy8IhnNoSKkqs3wNMmFb19IX71EjIjkuoiF45IZqPFSACyqkqwGDV%2BhyHqQmTwK%2FjPOLnPda6MTGXD2n6Yupa74vP68COFtEODk66SrkmfSOTp0M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b021888a690f-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://cryptogpt.com/
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c664ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

503

bitcoinad Show response
www.bitcoin-ad.com/ Frame FA22
Redirect Chain

https://tinyurl.com/5446xrdv
https://www.bitcoin-ad.com/bitcoinad?utm_source=&utm_medium=&utm_content=

269 B
920 B

141ms
109ms

Document
text/html

2606:4700:e2::ac40:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bitcoin-ad.com/bitcoinad?utm_source=&utm_medium=&utm_content=

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8616 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ffcd55b47d1972fb99a89c2244d62f5db0d47849ba075e2e53983771b8fc07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUh5LZ1ycI4DuHTIjiu74BLLONneK%2B9bbYIWCwqRaXZoZscvJCm1Tcr8MM6eWCmGHHlQNGJVUW0cnyaVon5i%2FqXbuhjxBhx9a4P2%2FDn2NjHUfq3GLXChwebG8%2Bev%2FfhvKdhyEqjjNc8SmX8ON3dDK%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b0218eb46931-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.bitcoin-ad.com/bitcoinad?utm_source=&utm_medium=&utm_content=
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c684ec1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page.html Show response
mediacpm.pl/ Frame 1C33 2 KB
1 KB 196ms
168ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/page.html
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe738cde029a15971b0abd97185726545dec9002ea3f35ae0af2a0f9097fc40f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html
last-modified: Sun, 16 Jan 2022 18:29:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uAt1YPaX5iCjfMVdaK0LYr%2BDWEQPwdAXEhXDI2gbZDzKjaq1rAXVbJvp3Q%2F%2FwodwmPZ8byUKzlasa1n%2FVhg%2BgcroCb%2FDZ4uPIGUWNv5KE3aCO%2F%2BOiLUsa%2B5fZcqoJvVj0XbpKRBK3X6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01c5a4a2b65-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 viewads.php Show response
www.zapbux.net/ Frame A4DA 28 KB
7 KB 82ms
42ms Document
text/html 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zapbux.net/viewads.php

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.0.33

Resource Hash

97898a4d5f4d2616061b007921f266dceaa5fd7e439ed19d34957221790b1094

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEaBECS7jHbizjayKjcAb8BuTz1UqibnOPPJ4t7agZaHsimVTUhFRy9dDvxfxF5WFr6WMdgeU2lh8tWQErObEB7Xoi5HZ91ILlTgq9EYTmfHh0nMwj2PHhu5%2FfDuBtOon6VzHo9qVFe0hgMMqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01c689168e9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page4.html Show response
mediacpm.pl/ Frame 9766 285 B
928 B 191ms
165ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/page4.html
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4663b5c7b2a94e780c8982d0e678ec0d5d0d32270c40579ed81393d6dd74fb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html
last-modified: Sun, 22 Aug 2021 10:30:33 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hHxVBOj%2Byf%2B9ZcPfIZcJs3%2BVhlUt6Q57jxLE1DPg6CjjOWJ5LE5jrszcDDtmCDWuLIkYExgUdWpb3DTPGRRu08ZklxH1XPDDEkzPIFExNs0tgk8TdPO5aKlwQ0HtG%2BPxVv0CgabxF6OEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01c5a4b2b65-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 page2.html Show response
adsluna.com/ Frame 1FD0 81 B
825 B 196ms
166ms Document
text/html 2606:4700:3030::6815:4916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adsluna.com/page2.html
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:4916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a73c6e6b96ff3a9c1c878325e74fbf39cadab5e3b969be3c06c758ee53e432c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html
last-modified: Fri, 28 May 2021 12:18:21 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVh%2BgMN77jkQxImX0sMImWqtv7yHDOg7Hl6IFs1Tb7HuIz8adl5IdMPuqy2eqDUadr6ESI8A5ezOa1nogqJp4ay24cJ4RJXNZh6GlMeBPbW7MiB92dtTYwezIJnzZeI6xg%2FQYx%2FFQwssgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01c58487039-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 404 4y3ceszt Show response
tinyurl.com/ Frame 5CB7 5 KB
2 KB 806ms
786ms Document
text/html 2606:4700:10::6814:8b41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinyurl.com/4y3ceszt

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acef084c3bf3279537e37a0b2c70b716a4a13473cd833e5f1441d267ca6e3c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
cache-control: must-revalidate, no-cache, no-store, private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d04b01c5c674ec1-FRA
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET /
faucetbox.online/ Frame 6C69 0
0

GET
H2 200 page.html Show response
mediacpm.pl/ Frame 6496 2 KB
1 KB 183ms
166ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/page.html
Requested by: Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe738cde029a15971b0abd97185726545dec9002ea3f35ae0af2a0f9097fc40f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html
last-modified: Sun, 16 Jan 2022 18:29:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQ3UzUgb09ToSpmtZuGCs%2BZSvCU3ibKFTYmvnF%2F2QkL9w8ySpGUarOd%2FOcz9xzMBIPu463TtOB2absu97ZP2T0LYzc7JnCxGbCocXyJB5Wqrmky8qz1kgygGFvORjDo%2FP6lFbt0Qz767hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01c5a4c2b65-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

novel-coronavirus-2019
www.who.int/emergencies/diseases/ Frame 7D52
Redirect Chain

https://engine.spotscenered.info/link.engine?z=60751&guid=c50b1c72-8f6d-4393-a8ac-fb565f497872&kw=
https://www.adsupplyads.net/_adunits/pageunder/index.html?source=d
https://is.gd/defaultinfad
https://www.who.int/emergencies/diseases/novel-coronavirus-2019

0
0

103ms
45ms

Document
text/html

2606:4700::6811:70bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.who.int/emergencies/diseases/novel-coronavirus-2019

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:70bc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net .nativechat.com .addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net .who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com www.youtube.com cdn.insight.sitefinity.com public.tableau.com .googleapis.com .nativechat.com .gstatic.com www.google.com .google-analytics.com apis.google.com .sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms c.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net .eloqua.com js.hs-scripts.com js.hs-analytics.net .en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com .googletagmanager.com .pingdom.net .jwpcdn.com .doubleclick.net assets.sitescdn.net whosearch.searchblox.com .msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com .googleapis.com .nativechat.com .sharethis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdn.insight.sitefinity.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ .twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com fonts.gstatic.com kendo.cdn.telerik.com .nativechat.com .sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com cdn.insight.sitefinity.com js.arcgis.com .gstatic.com .googleapis.com .nativechat.com .sharethis.com .google-analytics.com platform.tumblr.com www.clarity.ms c.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ .twimg.com data: blob: .eloqua.com track.hubspot.com stats.g.doubleclick.net .who.int yt3.ggpht.com i.ytimg.com addthis.com .googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com terrance.who.int data: blob: .who.int; frame-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com who.maps.arcgis.com player.vimeo.com html5-player.libsyn.com .nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com .who.int .doubleclick.net docs.google.com syndication.twitter.com .sitefinity.cloud player.4am.ch .sharethis.mgr.consensu.org .google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net .who.int; child-src 'self' blob: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com https://platform.twitter.com/ https://syndication.twitter.com/ .nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' frontdoor-l4uikgap6gz3m.azurefd.net geocode.arcgis.com tiles.arcgis.com www.arcgis.com services.arcgis.com static.arcgis.com utility.arcgisonline.com js.arcgis.com stats.g.doubleclick.net accounts.google.com https://.dec.sitefinity.com .nativechat.com .mktoresp.com .who.int www.clarity.ms c.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com .google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=utf-8
cf-ray: 6d04b01f99fe6910-FRA
access-control-allow-origin: *
age: 7337
cache-control: public, max-age=0, s-maxage=21600
expires: Wed, 19 Jan 2022 23:54:27 GMT
last-modified: Wed, 19 Jan 2022 11:43:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: HTTP_HOST,Accept-Encoding
cf-cache-status: HIT
access-control-expose-headers: Request-Context
content-security-policy: default-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net *.nativechat.com *.addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net *.who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com www.youtube.com cdn.insight.sitefinity.com public.tableau.com *.googleapis.com *.nativechat.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com *.sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms c.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com *.googletagmanager.com *.pingdom.net *.jwpcdn.com *.doubleclick.net assets.sitescdn.net whosearch.searchblox.com *.msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com *.googleapis.com *.nativechat.com *.sharethis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdn.insight.sitefinity.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com fonts.gstatic.com kendo.cdn.telerik.com *.nativechat.com *.sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com cdn.insight.sitefinity.com js.arcgis.com *.gstatic.com *.googleapis.com *.nativechat.com *.sharethis.com *.google-analytics.com platform.tumblr.com www.clarity.ms c.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com stats.g.doubleclick.net *.who.int yt3.ggpht.com i.ytimg.com addthis.com *.googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com terrance.who.int data: blob: *.who.int; frame-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com who.maps.arcgis.com player.vimeo.com html5-player.libsyn.com *.nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com *.who.int *.doubleclick.net docs.google.com syndication.twitter.com *.sitefinity.cloud player.4am.ch *.sharethis.mgr.consensu.org *.google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net *.who.int; child-src 'self' blob: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com https://platform.twitter.com/ https://syndication.twitter.com/ *.nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' frontdoor-l4uikgap6gz3m.azurefd.net geocode.arcgis.com tiles.arcgis.com www.arcgis.com services.arcgis.com static.arcgis.com utility.arcgisonline.com js.arcgis.com stats.g.doubleclick.net accounts.google.com https://*.dec.sitefinity.com *.nativechat.com *.mktoresp.com *.who.int www.clarity.ms c.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com *.google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://*.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer-when-downgrade
request-context: appId=cid-v1:7d90af53-a640-4c9a-9d36-1c3f84f71f51
x-aspnet-version: 4.0.30319
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-instance-name: RD0003FF1A97CF
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.who.int/emergencies/diseases/novel-coronavirus-2019
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsXtA4hO5bJObHyMpIzubZKDE1OPK181gDRqfPX3DzVEHdVvsNNm5bFT%2Bw11%2BYD0Owhgd4995MDL7iHEi%2FjjXi6LHE498iWBGAt1nkHCgTTaMH6anNYp585%2FlU8GepYHKwP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01e7f098bc3-FRA

GET
H2 200 jw.js Show response
c.blyatflix.de/ Frame 055A 2 KB
684 B 45ms
11ms Script
text/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Requested by

Host: media.hubuhost.com
URL: https://media.hubuhost.com/?key=15A50

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

c4c1c6b27fdece858ac471acee4add06ead4c42d3caa2d26662eed70a9ac228c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 view.php Show response
traffic-buchen.de/ Frame FD79 0
191 B 49ms
12ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://traffic-buchen.de/view.php

Requested by

Host: c.blyatflix.de
URL: https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

199-223-255-125.static.as40244.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

server: nginx
date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H3 200 style-compress-best.css
www.zapbux.net/css/ Frame A4DA 16 KB
4 KB 33ms
17ms Stylesheet
text/css 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zapbux.net/css/style-compress-best.css

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bb270d523d35f04356eb3f64ce91a7dfcf21b47dac8ffe2fe2420f2266c52e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2589687
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 07 Oct 2021 03:58:22 GMT
server: cloudflare
etag: W/"4191-615e705e-ad9c2da489d7efd7;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OKrDw5MhjGO0krqDPUnnCeupKTkBkcfb3wWSN4Am2tY0VbGZheYzki3OVBVBIMdkAncaT81JBE5psdtZcFygvz7VrnvVXQvtYUXiu%2F5ulUwP%2BW3moMXdtipQAeVV1NnaG1EBHdgLgBoQNJrDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01cef9a4eeb-FRA
expires: Thu, 20 Jan 2022 02:35:16 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
code.jquery.com/ Frame A4DA 91 KB
32 KB 91ms
33ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.1.min.js
Requested by: Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16b88"
vary: Accept-Encoding
x-hw: 1642643803.dop006.am5.t,1642643803.cds273.am5.hn,1642643803.cds131.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32828

GET
H3 200 logo-zapbux.png
www.zapbux.net/img/ Frame A4DA 9 KB
9 KB 33ms
20ms Image
image/png 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zapbux.net/img/logo-zapbux.png

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2d8e7981f66f1fe60e94554e3d5facaff531a3caf20cada8f2e9d8ff585af41

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208791
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8964
last-modified: Thu, 07 Oct 2021 03:58:22 GMT
server: cloudflare
etag: "2304-615e705e-321ed1eac934e4c7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qCXTqASx9Qh90DBiWQLTmFA7Y2uhqd%2FBE4GO8rIwL7rreH43zLTZV0OIbQyUBlO2u31v4RYQISCneiS6dHUhwfHHL00WZQ6y9YMuZV8j%2BDHE%2Bt6Z8Ai3EptyWY64nPEYTHiGDuRgJApy49flQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01cef954eeb-FRA
expires: Fri, 06 Jan 2023 02:10:12 GMT

GET
H3 200 us-flag.png
www.zapbux.net/img/ Frame A4DA 3 KB
4 KB 28ms
15ms Image
image/png 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zapbux.net/img/us-flag.png

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7285d1087e23345eba1d796f23e4156b182a41ce3396b2f038e5608cd852043e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1108834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3254
last-modified: Thu, 07 Oct 2021 03:58:22 GMT
server: cloudflare
etag: "cb6-615e705e-5b90df7bcd72e937;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FwfkKxIwvooBDWtOqpOfRhvmTKUjrZ9fecER70pdqUFOcBOr2jccQSwOA7GlqPDoqeBzlJr7sFAv4Tcygp%2FPaAsBGdEED8g3sipaB6irWdL8lc7HFIYPsXOYe3EgV9gJV2Uo%2FhmIhENy8JfxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01cef974eeb-FRA
expires: Sat, 07 Jan 2023 05:56:09 GMT

GET
H3 200 icn-clock.png
www.zapbux.net/img/ Frame A4DA 298 B
955 B 29ms
16ms Image
image/png 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zapbux.net/img/icn-clock.png

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d365fce925d84fd745fcc6a7536eedf88e4c05dcce72296df872f0254adb511

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745499
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 298
last-modified: Thu, 07 Oct 2021 03:58:22 GMT
server: cloudflare
etag: "12a-615e705e-5cfd2f83727de602;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enxdx9EdFYLTiY3zlWUd%2FFB6OUfnJZFDynfWJdJz%2BCSmcrTmL6PmHw38Pn3H2DTC%2FHc%2BAmX55D7dHDn%2BukSQg%2BitgQTJR8UGJft6ST9yR63xTYDBX4OmGxEkmBqv%2FdijHSbh8ihMrjTLc%2F99Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01cef964eeb-FRA
expires: Wed, 11 Jan 2023 10:51:44 GMT

GET
H3 200 delete-error.png
www.zapbux.net/img/ Frame A4DA 542 B
1 KB 27ms
14ms Image
image/png 2606:4700:3030::ac43:aedf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.zapbux.net/img/delete-error.png

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aedf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba10b2e826bbbdbeff5ae2dbc2212dc659810b26651156c4afdd3e9804b2917d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 571564
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 542
last-modified: Thu, 07 Oct 2021 03:58:22 GMT
server: cloudflare
etag: "21e-615e705e-f96d4baa7ea7c712;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH76EoObeBctpfZ6KLxIefckoFsrsuxt6lTqBLYEqO1X%2FdFZg0seVd3n7Mn3ZEq3amgGc99Ec4EEOIljuZ8uM1Ikq3oiXXCK79jpvLUt6F4vwpZOz68bquOVpKbjvrZklu0vSDMSuk8%2FCBvjGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01cef9b4eeb-FRA
expires: Fri, 13 Jan 2023 11:10:39 GMT

GET
H2 200 /
thisis.aninter.net/ Frame 055A 150 KB
0 582ms
388ms Media
audio/mpeg 199.223.255.125
TURNKEY-INTERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://thisis.aninter.net/?type=https

Requested by

Host: show.adorion.net
URL: https://show.adorion.net/in4.php?uid=188&e=1&s=1&p=1&w=300&h=250&sz=4&name=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

199.223.255.125 , United States, ASN40244 (TURNKEY-INTERNET, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://show.adorion.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

icy-genre: Misc
date: Thu, 20 Jan 2022 01:56:44 GMT
icy-name: Hubu.FM | Radio Hunteburg
icy-notice2: Shoutcast DNAS/posix(linux x64) v2.6.0.753<BR>
icy-url: https://hubu.fm
icy-notice1: <BR>This stream requires <a href="http://www.winamp.com">Winamp</a><BR>
x-xss-protection: 1; mode=block
x-clacks-overhead: GNU Terry Pratchett
server: nginx
icy-br: 128
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
icy-sr: 44100
icy-pub: 1
accept-ranges: none

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 880D 266 B
504 B 131ms
44ms Document
text/html 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-MC769C8

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Thu, 20 Jan 2022 01:56:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1620004 Show response
ad.a-ads.com/ Frame 3CF9 6 KB
2 KB 55ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1620004?size=728x90

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

1056a8246ef01eb85d7b9176f63b0f4d1e159398799679fba98ec4d8598d11b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1898450 Show response
ad.a-ads.com/ Frame 7B75 6 KB
2 KB 55ms
18ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1898450?size=468x60

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

6ee764f0016782e7d4c69b56629f5a3949275a85850875cb9ac04cf97ad5cd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H2 200 viewads.php Show response
www.probux.net/ Frame 4928 33 KB
6 KB 89ms
40ms Document
text/html 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/viewads.php

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.0.33

Resource Hash

4d95abad7da57df59d2e8d2709c6d9326aa79be0b94120af8574688790b0b3d4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCooldFLoBfAeSr8elsxh3Z7P3sQav7iHbt0hIIBUrVk2fK1Agw5F3HJ6XSHKfVBsgCTGjORT%2FvrrBcPt%2FZczMfBv6X5vUTa%2BgA402ix1VrF7ClGcEGJtKu7L2y%2FM1wuqdAze%2BLhK6N2sXErog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d04b01d2dfa5c32-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 1898461 Show response
ad.a-ads.com/ Frame FB5C 6 KB
2 KB 52ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1898461?size=300x250

Requested by

Host: www.zapbux.net
URL: https://www.zapbux.net/viewads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

55a43c66788860654e4dd8b0faee77a146343bba0fbd304d7225c7984b302609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/104028/ Frame 3CF9 674 KB
675 KB 67ms
23ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/104028/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1620004?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 951036f01a969b7b181d7952ee802c9ab4989a447b171dabf959934e9814118a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Sun, 29 Dec 2019 17:09:03 GMT
Server: nginx
x-amz-request-id: 4J1FPMRP3ZDX2MAV
ETag: "74ffa6390dd104c5c534c4f2f266f4d3"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 690629
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 3TC98TKnrka7oOabxFNTsHEKH4LZcc9h
x-amz-id-2: IQYmcNBWkdCP8Yy+f01A567svRS2v5Psd/djvIi6KRYzd0Fnm5cvDOIAtNR7s/LjA1e294EXjP4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/118229/ Frame FB5C 682 KB
683 KB 68ms
23ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1898461?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx
x-amz-request-id: B1JT2QFJ8DM39QPF
ETag: "ce8c5673a039ad9769d3265284d8f5f4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 698412
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2: aXAfAw3Fu8/t0beO4umC/g7tjVllnkBKN3lanANb68XpLZsbrSB/e6aH7gQMdA0jVBB+JlO6Kv4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1036911 Show response
adhitzads.com/ Frame 6496 448 B
847 B 55ms
23ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1036911
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91f2ec691d2323f836c727fc51a931baaf7eea44242d73ea335015da20a7c3e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDDJf3Cm3DJf6CP95mF1XvFfyJsjSACn%2FlRx0W5uAl%2BOQUuHtKSk%2BmaIiSKQS4qG9O2SEiuuSOCP4yuJBv8KjZ%2FbV1%2FPSOaA%2BczDaXg%2BD474RwNnvYZsvNMNk9UnLYeN"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b01dc8b068f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:43 GMT

GET
H3 200 css-style.css
www.probux.net/css_probux/ Frame 4928 20 KB
5 KB 45ms
22ms Stylesheet
text/css 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/css_probux/css-style.css

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0b31ca18cf70163eec38030f9fb90d017b5a5b4cb64a71bfad4ad233b78cbd6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1111365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:54:57 GMT
server: cloudflare
etag: W/"51ea-615a8921-d23f133f636a429;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQnldXTj%2Flj2jR5mGUnltUw1C3Wy7N8lfUQrqmq2VnJSzAIvzPmjfWxHmSThdVec%2BOsFqCvgEOM%2BaYgB3rFRBFI3YgsvBoE5D0toVwZBRKpT0TR6ctS5zN6OPQoSNZJbHvlDdYegbJY9LOZzeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01dba495b62-FRA
expires: Sun, 06 Feb 2022 05:13:58 GMT

GET
H3 200 view-anc.css
www.probux.net/css_probux/ Frame 4928 3 KB
1 KB 43ms
21ms Stylesheet
text/css 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/css_probux/view-anc.css

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d814f4c6971b5f412f4ee77c35ea93a8944268ee052e811878f6be848a72032

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 534861
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:54:57 GMT
server: cloudflare
etag: W/"a98-615a8921-73071d9aee9e7aad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJgqLaQKrqFaSmILzxLn041E%2BCT74YiwsNlc2%2FrRk7WDNkXChZhdfSV7TIwDUctZe7rMy1h4PrblD%2FM3G%2F67lc94LrGLSBL2lMB%2FHDhmS%2F9YrqF%2FdFem6yjeTh1OPuNE7MfCJ6Qf%2Bp5%2B%2BvgZ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01dba4a5b62-FRA
expires: Sat, 12 Feb 2022 21:22:22 GMT

GET
H2 200 jquery-1.10.1.min.js Show response
code.jquery.com/ Frame 4928 91 KB
32 KB 33ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.1.min.js
Requested by: Host: www.probux.net
URL: https://www.probux.net/viewads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-16b88"
vary: Accept-Encoding
x-hw: 1642643803.dop006.am5.t,1642643803.cds273.am5.hn,1642643803.cds131.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32828

GET
H3 200 tipped.js Show response
www.probux.net/tooltip/tipped/ Frame 4928 47 KB
19 KB 58ms
32ms Script
application/x-javascript 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/tooltip/tipped/tipped.js

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58fc258151f29962dd03659788839e9e28fe846d48f2bcd25a68d465909c648b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:54:59 GMT
server: cloudflare
etag: W/"ba51-615a8923-3bcb3b7e7821a174;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MpbT6OeKvbJrmIaDaADbZvRO4B3y7GWFjY3RaBmkl%2BZ3pPSpUHUTrH16awACg%2FKmzCjYTB2vQXHgO9y0ouwIh4z8eodcesVXM3ej9j7O4zETNB7Ecbfhr8s%2BOyl13I7Rwb6ht0K4qlSSF%2Bk%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01dca525b62-FRA
expires: Mon, 17 Jan 2022 13:28:31 GMT

GET
H3 200 tipped.css
www.probux.net/tooltip/css/ Frame 4928 4 KB
2 KB 64ms
38ms Stylesheet
text/css 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/tooltip/css/tipped.css

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a2701d0684f1f57d2240bd48afc91f95730f290a1c164c7607797833154e469

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822145
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:54:59 GMT
server: cloudflare
etag: W/"1113-615a8923-71d9889061021e4a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL9VfU60NchrZxqDvwdX0YhBdEPOpElCPLR14OiUjY7dl85ZqaY4wdWANqa%2F13dmyO7nYWrDZR%2BhJ4UA6I4%2FQTSiWy0gi7o6O7LJwvZMmiiSYPZ06JJi6dbEqL09Cnx4kpAn%2BcWo0W268YsOMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01dca515b62-FRA
expires: Wed, 09 Feb 2022 13:34:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4928 10 KB
819 B 141ms
50ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:32:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 01:56:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 01:56:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4928 2 KB
488 B 143ms
51ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,600,700

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:49:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 01:56:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 01:56:43 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 4928 30 KB
6 KB 48ms
18ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 194035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfH2vFSklEeNy4a6FVzSSXk5ZWeu2zNlw9cFpDPkEZ7WBzfhz%2BOtMybRS54rV9S2VtBYtFhn9F1A%2FPbVagwvm%2BkelFi%2Bqkuves6L%2FF6reiOMpooBPDESW6pJlFzmTBH2DmsF2JbYpioHpKKJF6Zd579J"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d04b01dccd57028-FRA
expires: Tue, 10 Jan 2023 01:56:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4928 6 KB
1 KB 140ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dce0ef2e21459bc038d9d279aab00f41fe172870bbd3bc49154db3098990c4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:38:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 Jan 2022 01:56:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jan 2022 01:56:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4928 146 KB
51 KB 1007ms
914ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f04acc66d39867e7fcc1d23dbdbb40a0bf87c9ef1c96f222199163adf53e1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51980
x-xss-protection: 0
server: cafe
etag: 7831410476806572779
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 01:56:44 GMT

GET
H3 200 jquery.min.js Show response
www.probux.net/js/ Frame 4928 91 KB
34 KB 57ms
36ms Script
application/x-javascript 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.probux.net/js/jquery.min.js

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6bb303df197658003a6ff786f59a788273ba3726242ed0714c461e6a4ed9f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1276570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 04 Oct 2021 04:54:58 GMT
server: cloudflare
etag: W/"16d00-615a8922-207e1247f2f9346c;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpQy%2FHMd8mJl6sHomWX3SNsDDQLGow0FqzLEHshyIz0Y%2Fxzu3S%2ByY5D95PKyl9FKmuVCM8K6Cz%2BfXAT9IGOKR%2Fu%2BxPP%2BIM5iyvIHOEUa54zNWXkv%2FAGTWIAfj9A9LJcHo3uVvXPzSxSmA0xyzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 6d04b01dba485b62-FRA
expires: Wed, 12 Jan 2022 07:20:33 GMT

GET
H3 200 probux-logo.png
www.probux.net/image/ Frame 4928 7 KB
8 KB 55ms
32ms Image
image/png 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.probux.net/image/probux-logo.png

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd510ed07aa03914066e69200710711a282c189791eba95924bedc36f4fd3f6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7597
last-modified: Mon, 04 Oct 2021 04:54:58 GMT
server: cloudflare
etag: "1dad-615a8922-8c01e3cb51bd2487;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ipo%2Fe5gsgZ5%2F4lHe1k%2BGowlHr4Uwom4PsEw6XrZaCDu4aKBIOO80TIsqsJBk1u9qraHdtXAPAgMsAS95zpIoOmIOJxAJ56OY77lki3M5uQTv15s5sEPPbtdO0ffZosmtYLjGc%2F1Z%2F0CwEX7Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01dca4d5b62-FRA
expires: Tue, 10 Jan 2023 13:28:31 GMT

GET
H2 200 banner1.gif
www.adzbux.com/ Frame 4928 94 KB
95 KB 52ms
18ms Image
image/gif 2606:4700:3033::6815:180d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adzbux.com/banner1.gif
Requested by: Host: www.probux.net
URL: https://www.probux.net/viewads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:180d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c76d9355f1166cc8ad3a9949f752188e0892e3d0b529e8190da524e18ed210

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 96443
last-modified: Sun, 11 Apr 2021 12:36:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AN9rm%2FJSbpOjtUDtIsodEqNt8VQ%2FwK5WDZ9rwFINebbezib1dixtdPMGtD9RKhJRLRBUwAR456kZHn01zQZHOyEWTkLXYTp5VnvX%2Fx69pfp9UQR2yrGD5Rur4pufKGYUATg0Sw5VunCsBG4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d04b01ddebb5cb0-FRA
expires: Thu, 20 Jan 2022 02:08:54 GMT

GET
H3 200 f-seals.jpg
www.probux.net/image/seals/ Frame 4928 6 KB
6 KB 50ms
28ms Image
image/jpeg 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.probux.net/image/seals/f-seals.jpg

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84052be05bb19365dd2ff81d71c60acf37850ace29aca698d458a22a6b6dd703

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1107961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 Oct 2021 04:54:58 GMT
server: cloudflare
etag: "162c-615a8922-7c446a8266e294a8;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlOcY9vuW0cG2aDbDNU4Vi6wbiuY8kys0K%2FLsF5ehOpWvNuljOzdZa5aJ%2FlJf0JmMAhsBeI77uwOql8NaJJ8Ku3lusT1vMazORN0Tp15zL7aetFm8eQHN0j0uE9TK6KpeIRzT1LwTA7R5wfqtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01dca4f5b62-FRA
expires: Sat, 07 Jan 2023 06:10:42 GMT

GET
H3 200 btn_close.gif
www.probux.net/image/ Frame 4928 362 B
1016 B 60ms
38ms Image
image/gif 2606:4700:3036::6815:2894
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.probux.net/image/btn_close.gif

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:2894 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1107960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 362
last-modified: Mon, 04 Oct 2021 04:54:58 GMT
server: cloudflare
etag: "16a-615a8922-6fcbbc550fdbdf88;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih59AAOigEKO22wS4P6CSTy2B%2FUXM9YlmHeUQVjfWuUNsT2UG7on10o%2Bav4oswVePkLHtVh9%2BkXZ1KqMCUVgNHkY9IzV4TL8607tdebWXFiXVN%2BVgJXOLrJS9VpD8UQYDI%2BQv1DQVFp%2FTwAewA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 6d04b01dca505b62-FRA
expires: Sat, 07 Jan 2023 06:10:43 GMT

GET
H2 200 1036911 Show response
adhitzads.com/ Frame 1C33 448 B
552 B 54ms
23ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1036911
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91f2ec691d2323f836c727fc51a931baaf7eea44242d73ea335015da20a7c3e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G8h%2FCf2ilO%2B8n3kr3dkPe0PwO%2B89P%2BaBNJaYu6RvNW8zjqAmx5Og%2FO2t%2BY3u6Oiok2wlU8mtP6FyDSVYQVN%2BnC%2FnNkOx2mSiTG1aDjhicE4g1MiAD3SjBOqUj2A7eeBF"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b01dc8b168f8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:43 GMT

GET
H/1.1 577 1650865 Show response
acceptable.a-ads.com/ Frame 8E02 0
112 B 74ms
12ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acceptable.a-ads.com/1650865
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK 1650865 Show response
ad.a-ads.com/ Frame 1635 7 KB
2 KB 21ms
21ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1650865?size=970x250

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

7a04e00a46629eddacf13a00c299eba2b588dfeac6c8f5b5f3de920c2ed18daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H2 503 /
a-ads.com/ Frame F122 0
0 48ms
14ms Document
text/html 104.26.15.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfK585MTBZbumBHK2779Otc3vKNm%2FIsR%2FID%2Fa9pa6bHc%2FVbBVrDb620S0hiHSPGw0Jf3ZbrLVjJU6TZCyHm8nsjksqXb0gISNsHm8sDxZxHb6nPybhJLRFgJQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d04b01ddd7a5bf1-FRA

GET
H2 200 / Show response
bc.game/ Frame 4444 6 KB
2 KB 283ms
248ms Document
text/html 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1bd006927c76056bc19fb4284b96cd453cbde016070ef631167d8d0440e2dd17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: nginx
last-modified: Tue, 18 Jan 2022 02:54:24 GMT
content-encoding: br
date: Thu, 20 Jan 2022 01:56:43 GMT
cache-control: max-age=600
etag: W/"61e62be0-171a"
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ks1z7YsTTKXxUE0VShwQmy-AN_XGGjtVjI3vUizUrIKSyyUO7ok58Q==

GET
H2 503 /
a-ads.com/ Frame D84B 0
0 46ms
15ms Document
text/html 104.26.15.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiSjFmRS5i6ZGe8lxwUqaKjq0%2FYHSOg955Ph05VdcJlwdTV7uSmExuJ6jrfy5kPcwnLGgF4Mp31EyfZvrRc4npOgOvYz2tkSYhS3ejwFCVN4mcPHZv3vpBUP%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d04b01ddd7d5bf1-FRA

GET
H2 200 / Show response
bc.game/ Frame 2119 6 KB
2 KB 736ms
704ms Document
text/html 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1bd006927c76056bc19fb4284b96cd453cbde016070ef631167d8d0440e2dd17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: nginx
last-modified: Tue, 18 Jan 2022 02:54:24 GMT
content-encoding: br
date: Thu, 20 Jan 2022 01:56:44 GMT
cache-control: max-age=600
etag: W/"61e62be0-171a"
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: ks3YnL90DocEVsEuDmMTtaiDNYr4HAjuX2jnkbafvG2TFis-Wn2Y5w==

GET
H/1.1 200
OK 1634265 Show response
ad.a-ads.com/ Frame 5297 6 KB
2 KB 17ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1634265?size=300x250

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

81248307d0e5f0032b951105dbb4b89801f6598347a24c44d6bd8d5c60017cd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1898508 Show response
ad.a-ads.com/ Frame B3ED 6 KB
2 KB 17ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1898508?size=728x90

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

32034c7b621931011bfdc3859d355a624c7f24173e912090961dc13dbd8631e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1898517 Show response
ad.a-ads.com/ Frame C87A 6 KB
2 KB 41ms
21ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1898517?size=468x60

Requested by

Host: www.probux.net
URL: https://www.probux.net/viewads.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d1c332b95f5807c67681dd60849b6b25b8750566221dffb4e8938557c35b0d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1650865 Show response
acceptable.a-ads.com/ Frame 786E 23 KB
5 KB 73ms
21ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://acceptable.a-ads.com/1650865

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

1d445e8a91704393eb89818ebe783cd41963e7192b5eb267026388f138cd320d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 577 1650865 Show response
ad.a-ads.com/ Frame 762E 0
112 B 36ms
19ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1650865?size=970x250
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Length: 0
Connection: keep-alive

GET
H2 503 /
a-ads.com/ Frame 9AD4 0
0 43ms
20ms Document
text/html 104.26.15.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a-ads.com/?partner=87296_1650865&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1650865

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV1zG7hde3U8ibfQMumy1BN%2BEXv25BheqMSD7RyjLGfISwqvK%2BECUhh2sWu0Zkv6E%2BtQ0tbgNSUokuAfoc0Eyt2sUBaoBb0%2F2jCV7hrYjE14oYFOMcsSfQfJ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d04b01ddd7e5bf1-FRA

GET
H2 200 / Show response
bc.game/ Frame FFA4 6 KB
2 KB 272ms
248ms Document
text/html 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1bd006927c76056bc19fb4284b96cd453cbde016070ef631167d8d0440e2dd17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: nginx
last-modified: Tue, 18 Jan 2022 02:54:24 GMT
content-encoding: br
date: Thu, 20 Jan 2022 01:56:43 GMT
cache-control: max-age=600
etag: W/"61e62be0-171a"
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 5PY-QhhSa6FYq4VyC1MEnsYO9qfwxVRo3lpWBqbT4ystFa69r4bxaw==

GET
H2 503 /
a-ads.com/ Frame 0CEA 0
0 36ms
14ms Document
text/html 104.26.15.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a-ads.com/?partner=87296_1634265&utm_source=A-ADS&utm_medium=Banner&utm_campaign=a_ads_affiliate_US&utm_term=87296_1634265

Requested by

Host: mediacpm.pl
URL: https://mediacpm.pl/page.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 20 Jan 2022 01:56:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRUcF4wFA27ew63Ty9T5hF%2BBqxRjLKJxpJgC1d2YE%2Fyzc4NXijW2ccZpncEb%2FdLR8FOws4fgRnxngtn4EcuaEWS0PO9%2BNddZXfwdfpAcxVVf2TV%2BQkY6IGd5nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d04b01ddd7f5bf1-FRA

GET
H2 200 / Show response
bc.game/ Frame 0AD8 6 KB
2 KB 726ms
703ms Document
text/html 143.204.215.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-116.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1bd006927c76056bc19fb4284b96cd453cbde016070ef631167d8d0440e2dd17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: nginx
last-modified: Tue, 18 Jan 2022 02:54:24 GMT
content-encoding: br
date: Thu, 20 Jan 2022 01:56:44 GMT
cache-control: max-age=600
etag: W/"61e62be0-171a"
vary: Accept-Encoding
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: E45RvQLzdMg8tzvsX1YvYULWARVAbjt9mD5AsijDUfdw1NsrONHfIA==

GET
H/1.1 577 1634265 Show response
ad.a-ads.com/ Frame DF51 0
112 B 32ms
19ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1634265?size=300x250
Requested by: Host: mediacpm.pl
URL: https://mediacpm.pl/page.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Length: 0
Connection: keep-alive

GET
H/1.1 577 1898520 Show response
ad.a-ads.com/ Frame 4437 0
112 B 33ms
14ms Document
text/plain 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.a-ads.com/1898520?size=300x250
Requested by: Host: www.probux.net
URL: https://www.probux.net/viewads.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:43 GMT
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/103763/ Frame 5297 686 KB
687 KB 35ms
11ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1634265?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Fri, 27 Dec 2019 12:20:30 GMT
Server: nginx
x-amz-request-id: 2N4KVC7TXEECYRK0
ETag: "28dd56aa4c3448923f2e06f6f90e1017"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 702864
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2: rl+e/V+gbVYImLWd7TMOyoX2SGSxRONiQpaty5+r9SLVyclbQVvGMkKgk6UcpflZXMNGOymAEGA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/118231/ Frame B3ED 683 KB
684 KB 50ms
22ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1898508?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx
x-amz-request-id: CYXAJX43FT0Z88DN
ETag: "241238ff9e1a7f85dbec8aa10f72f723"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 699692
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2: 0FfAbl3e/Ec8R+4PaOtn1hzsTssggZpDgun6A5ZIiGEJ0qVyk/XC3BYt4PdOAIT9HKyoFjiFeF4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/104029/ Frame C87A 615 KB
615 KB 11ms
11ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/104029/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1898517?size=468x60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 607afef00fd5897e2ecbda82aa560057f1b9c6e5f97f613468b048903079890f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Sun, 29 Dec 2019 17:09:04 GMT
Server: nginx
x-amz-request-id: X1J2AWXR2A6R419J
ETag: "365a46b73920464356581df598644a81"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 629554
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: n7DE0Ih2SX67KfJXQVo9P6D5u9ksDvm.
x-amz-id-2: rw/o+MelCLtKzwIVeGvkUh+8tqc4dX7RSUUsRLIPXYDW1IWFKFt2KVPI7BSiM8SxUKHSFQKsjng=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 160x600
static.a-ads.com/a-ads-banners/117616/ Frame 786E 69 KB
69 KB 13ms
13ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117616/160x600?region=eu-central-1
Requested by: Host: acceptable.a-ads.com
URL: https://acceptable.a-ads.com/1650865
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 20f3a387fbcb1f55acf43b88e0628d8caae1cce02fd5c09bbf573de755fd8ce6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:43 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: C0KMV2Q3000PGWTX
ETag: "c848631aa56eb03b8cf56723624828e8"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 70430
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: Vly2RmS64q4VblC2nRqz_g1rs.jq2Fic
x-amz-id-2: GXwDJBxJNqtqNj03Biq+rcrbw84z6zXqtSG6RPGZiOzdS74VBAbFcqFSkzxynBnBOP+mel4f0L4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.js Show response
www.thz3.xyz/static/common/layuiadmin/layui/lay/modules/ 95 KB
35 KB 1652ms
1652ms Script
application/javascript 2606:4700:3032::ac43:a24f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thz3.xyz/static/common/layuiadmin/layui/lay/modules/jquery.js
Requested by: Host: www.thz3.xyz
URL: https://www.thz3.xyz/static/common/layuiadmin/layui/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f63ee4ee1307f3921d0f1b82ac1516375ea5b7878e4ac34219c1ee9bc124ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWRlSIZT2AN0QWrsrDUPQ5bSOVoOMdoSi7hPDSKGkrTQDbosthRQZVdv0tFf1jSWbcOP3U4CBsQDtrajHGGtezbvwtN57Hp9%2FS0JXt6mWPTpggYLct8O2%2BGX4437U9ZTkvucu1BmUGg4s0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
roubsite-license: Open-Source(www.roubsite.com)
cf-ray: 6d04b01eaa3a704c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
roubsite-version: RoubSite/V4
expires: Thu, 20 Jan 2022 02:01:44 GMT

GET polyfills-modern.3ae5c693.js
static.bc.game/assets/ Frame FFA4 0
0

GET index.6e88f856.js
static.bc.game/assets/ Frame FFA4 0
0

GET vendor.faa0aa6a.js
static.bc.game/assets/ Frame FFA4 0
0

GET
H2 200 index.f7fdf494.css
static.bc.game/assets/ Frame FFA4 10 KB
4 KB 38ms
8ms Stylesheet
text/css 65.9.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bc.game/assets/index.f7fdf494.css
Requested by: Host: bc.game
URL: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-104.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b89376a98aa98395ca78f4a0b6ca61d3b12fac419562ab42ac1140ced7792578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:53:34 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 12:50:38 GMT
server: nginx
age: 738190
etag: W/"61dd7d1e-292c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://bc.game
cache-control: max-age=8640000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: putZE2iQax2wULG8IK7kjoqDkHMoJNC0r1Gyat9m-Y6yTnbYxCLpbw==
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)

GET polyfills-modern.3ae5c693.js
static.bc.game/assets/ Frame 4444 0
0

GET index.6e88f856.js
static.bc.game/assets/ Frame 4444 0
0

GET vendor.faa0aa6a.js
static.bc.game/assets/ Frame 4444 0
0

GET
H2 200 index.f7fdf494.css
static.bc.game/assets/ Frame 4444 10 KB
4 KB 39ms
10ms Stylesheet
text/css 65.9.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bc.game/assets/index.f7fdf494.css
Requested by: Host: bc.game
URL: https://bc.game/?partner=104700_1650865&i=1bxqew2m&s=&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-104.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b89376a98aa98395ca78f4a0b6ca61d3b12fac419562ab42ac1140ced7792578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:53:34 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 12:50:38 GMT
server: nginx
age: 738190
etag: W/"61dd7d1e-292c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://bc.game
cache-control: max-age=8640000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: J3sn--9udZUZep7-y_AXrAriaXTClcS8Z5jIXuz4U3QN1x-kQ51yIA==
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)

GET
H/1.1 200
OK t.php
d.trafiq.trade/ 0
414 B 204ms
146ms Image
text/html 23.235.244.212
SSASN2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.trafiq.trade/t.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.235.244.212 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jan 2022 01:56:44 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3 200 legacy.css
tinyurl.com/css/ Frame 5CB7 3 KB
1 KB 27ms
16ms Stylesheet
text/css 2606:4700:10::6814:8b41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tinyurl.com/css/legacy.css

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/4y3ceszt

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8cba0a196d49f8d22dd25f99b3c2fd4a112a52f1f93f38dc603212c9ed87629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Nov 2021 13:08:11 GMT
server: cloudflare
age: 910
etag: W/"245667365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d04b0215e434e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ Frame 5CB7 94 KB
34 KB 129ms
42ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/4y3ceszt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 20:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Jan 2023 20:28:11 GMT

GET
H2 200 tr
www.facebook.com/ Frame 5CB7 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=196261077476671&ev=PageView&noscript=1

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/4y3ceszt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 20 Jan 2022 01:56:44 GMT

GET
H3 200 tinyurl_logo.png
tinyurl.com/siteresources/images/ Frame 5CB7 20 KB
20 KB 26ms
17ms Image
image/png 2606:4700:10::6814:8b41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tinyurl.com/siteresources/images/tinyurl_logo.png

Requested by

Host: tinyurl.com
URL: https://tinyurl.com/4y3ceszt

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:8b41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbd195fb6d9f8e94530a0d720b4a96dda93a7c870e77c62796651298ffd2f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Dec 2021 17:16:49 GMT
server: cloudflare
age: 923
etag: "1665558311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 6d04b0215e424e4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20029

GET
H/1.1 200
OK tinyurl.com.js Show response
tags-cdn.deployads.com/a/ Frame 5CB7 437 KB
136 KB 59ms
25ms Script
text/javascript 143.204.215.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags-cdn.deployads.com/a/tinyurl.com.js
Requested by: Host: tinyurl.com
URL: https://tinyurl.com/4y3ceszt
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-10.fra53.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: a58cf72a29722250b6aeef16af85e24036ea47f6ea8f7a57e7c6c4d08a8cf51b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:46:28 GMT
Content-Encoding: gzip
Age: 616
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Pragma: public
Last-Modified: Thu, 20 Jan 2022 01:46:28 GMT
Server: awselb/2.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
Cache-Control: max-age=1800,public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: lqjX2j-tOwyW1bLTpZ8AQYhDcIayMEoS_JK_msdbRAnqi8phL2ow9A==
Expires: Thu, 20 Jan 2022 02:16:28 GMT

GET
H/1.1 200
OK iframe Show response
d.trafiq.trade/d/n/ Frame FDDD 5 KB
2 KB 267ms
145ms Document
text/html 23.235.244.212
SSASN2

General

Check archive.org

Show headers Download Go to

Full URL: https://d.trafiq.trade/d/n/iframe?domain=thz3.xyz&id=2241051
Requested by: Host: www.thz3.xyz
URL: https://www.thz3.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.235.244.212 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software: nginx / Express
Resource Hash: 1c4fdc254501670e2467f16234d615f5fc920dde8ac9d5f2f467f985b954af95

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
ETag: W/"146f-p6mDkPNI+3OkSgiZktqkAIcJOIg"
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

GET
H2 200 oHoFJes59TgjhmVsUhUgzpP9dZGMcF.jpeg
s.trafiq.trade/prnotifications/2020/12/17/ 24 KB
25 KB 41ms
13ms Image
image/jpeg 2606:4700:3037::6815:55b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.trafiq.trade/prnotifications/2020/12/17/oHoFJes59TgjhmVsUhUgzpP9dZGMcF.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:55b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64befb9a066594a90f55db2f6711c290f14ae6c973763064d134a2039a1c5ee3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24538
last-modified: Thu, 17 Dec 2020 16:45:41 GMT
server: cloudflare
etag: "5fdb8b35-5fda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDMrcu9rb2Z%2BBV3FoEBRNJTuS2qrhnL0SvxhFUpTHC0ZazUnJau98pVcKS9uYsjsOpGcA4c3Plw0huEy8DrzOlrBHLlax3hbq2YUF7svUyzmo8o%2BnC8om8DGX7Bnku%2BkmNs%2FP2DpfD4SWXta1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04b021ea354414-FRA

GET
H2 200 ZwRkFR2KgdXsRqL6BL5gNY2mRHH7yo.jpeg
s.trafiq.trade/prnotifications/2020/12/17/ 41 KB
41 KB 49ms
21ms Image
image/jpeg 2606:4700:3037::6815:55b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.trafiq.trade/prnotifications/2020/12/17/ZwRkFR2KgdXsRqL6BL5gNY2mRHH7yo.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:55b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9b64cf42a28bb77db65da2c09d5d6dc544d5d8f774667893f8957d1b0028d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2131
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41752
last-modified: Thu, 17 Dec 2020 16:45:41 GMT
server: cloudflare
etag: "5fdb8b35-a318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmpx8chRrDTqvRFgU%2B%2FCOpEvBA%2B2ef5UxPxibwkqWEWCtbrGQef5OXAdJYGUsBy2DQqIwQFbVTB9eFqx0G%2BcdP9EPf%2Br%2F4PI9VAWIRcXf0TwMujVEaSrIvH1Ig4QaCAKbduAqF0syYAi5uqFpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04b021ea364414-FRA

GET
H2 200 wNAnPJuzf92Looa56sWYrreXjreW75.jpeg
s.trafiq.trade/prbanners/2021/12/19/ 79 KB
79 KB 42ms
14ms Image
image/jpeg 2606:4700:3037::6815:55b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.trafiq.trade/prbanners/2021/12/19/wNAnPJuzf92Looa56sWYrreXjreW75.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:55b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03e2dff2eb725eadf0dfaad4938da86623ced76783961b8d768559dccc72345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3033
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80876
last-modified: Sun, 19 Dec 2021 11:09:35 GMT
server: cloudflare
etag: "61bf12ef-13bec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMfO5JhmCZGvNkMqGmCyoWL3UUL3%2FzAsJKIeu%2Bn2gVuXetKsqdYRMJG%2FFLzxRPeEiMHQW8KWgT6rjm4jDbwL%2BBOaI0pKLNMaR5x4n3hZIaiZkqi701bXG9WOlnw%2Bp8juq9r40KtyB5eGtDBo5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d04b021ea374414-FRA

GET
H2 200 net.js Show response
static.surfe.pro/js/ Frame FAC5 4 KB
3 KB 44ms
15ms Script
application/javascript 2606:4700:3035::ac43:d116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.surfe.pro/js/net.js
Requested by: Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 726f449314a21b2062a33e5141b25d8969751d9a3126a27c7ca3d472b4ac9fb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 13:02:23 GMT
server: cloudflare
age: 3551
etag: W/"613a05df-ec5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m64yPqrvk5S644bFSNuirPPJS1TcAqObFtYJh9idpOk%2FTXkp356sZAKlVSaPA4h521SNZAjy%2B9XZygmTEkleD0T%2FmTzgW8PchZx%2FjkW01wcEmoB1bJXw8vMIO2C6SXqe9MIeRx%2FPVT1I95hXa8gB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0221faf5caa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
appsha-lon2.cointraffic.io/js/ Frame FAC5 5 KB
3 KB 99ms
26ms Script
application/javascript 2a0d:da00:a:401f::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL

https://appsha-lon2.cointraffic.io/js/?wkey=cd9NBdlv2D

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a0d:da00:a:401f:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),

Reverse DNS

Software

nginx /

Resource Hash

2604d5934ae634fc53747fed790ebde4237dcaf5e0845ab63bde217003fe8b43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';frame-src 'self';
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block;
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: cross-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
permissions-policy: geolocation=(self), payment=(self)
content-security-policy: frame-ancestors 'self';frame-src 'self';
expires: 0

GET
H3 200 1133122 Show response
adhitzads.com/ Frame FAC5 448 B
812 B 39ms
26ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1133122
Requested by: Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffd8a750249810f2e27aa829a7f7725c4d9590a65559c3b2bc683f3f27ca46c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdrckhqkieFvuljqv%2Fp48dmv9VMnfgWOYzj7kBGEitCpfCUIibv0u8C1fdWyxafipMt8Ykww4CpOl3c5eY%2Fh%2BcvTTM2gH3QfOnL5EeHL5y3rn22CjCns9MTEZJgjYPMq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b021fb0f5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:44 GMT

GET
H3 200 1134977 Show response
adhitzads.com/ Frame FAC5 448 B
852 B 35ms
23ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1134977
Requested by: Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9566235c2aca211cd958ead8fb1930e1ca521603201b6891bc88a73c4b177ca7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaWSrmSvIKT%2FOuTTHMJWDL%2FmDt6Z1hN0KvESgfypgxDorJ3PIvNTaSgae3r79Cr%2BthzbO3Wu8sCSmFDDYvUq2S0WHYFo4WITSJtRhZGKM%2FJbtSDoJDKpUI%2FB8ie5zAcq"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b021fb0e5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:44 GMT

GET
H2 200 hit.js Show response
widget.supercounters.com/ssl/ Frame FAC5 4 KB
2 KB 47ms
18ms Script
application/javascript 2606:4700:3033::6815:4208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/hit.js
Requested by: Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3d3499fc09b0bea26ef49c3547df27fe96e2a2ddb7a9cf821ffde4cac3c69f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2017 08:14:18 GMT
server: cloudflare
age: 3811
etag: W/"5965da5a-edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uynWLrHb731QLCV3q0dpcZkZ44lSr97loxYlg2jPW9NV88gm%2B5FVafmbqme0x9VVmIGPTy9ERRQ9HedlEUODveutCjC4BBMHaCzU2Bt%2F2Iy12QxGOmVhPGBnDU9AblQsDErOX40QBH4vTiuisLf%2FXbTIhA2i5OU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b02219f942c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lincode.php Show response
linkslot.ru/ Frame FAC5 15 KB
5 KB 90ms
61ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkslot.ru/lincode.php?id=334095

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a003f9f65d1753f1300365e1369801746e5015718ee493b2fdd9eac18d8c7a6a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S24gjvuo8dshXCn3EBKpi5kzIOO2POw2q09WgAnNCiTleLDDutED3lCH%2BcrbQbQ7Big201jqb9Uwk%2F46jqD%2FnQFEwSwjSOJ5W2pyOwgwpv8FVTwjk87AdoTiGVqc23achmNUVDlzedmx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 6d04b0221adf6951-FRA

GET
H2 200 bancode.php Show response
linkslot.ru/ Frame FAC5 14 KB
5 KB 92ms
64ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkslot.ru/bancode.php?id=334094

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0c6aa7fc35631dcdaf9bf60b831ca8b31be1a4f91c9096f262eae6e4289690

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpI%2BEoBR%2Ft5Z0BUOjRpnJ%2B0ekPIUQPo8oFZh3F9028wdL51GKV0AohlFqDwA9lJllHpeAMGbM3hsXWOdPAEDMnTl%2BTRbp8DFWHSqmPO8G%2BNUpm%2FbnOWA6vQ%2BO8uYtPXrYqH8Se1jKm21"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 6d04b0221ae06951-FRA

GET
H/1.1 200
OK 1703336 Show response
ad.a-ads.com/ Frame B545 6 KB
2 KB 22ms
21ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1703336?size=200x200

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

0b2d504429dee5353c000d5ce14378b5d5b9ac022cd5227bb368416942c71fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1703336 Show response
ad.a-ads.com/ Frame A50A 6 KB
2 KB 22ms
22ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1703336?size=200x200

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d0094a20c5acca38d7328c939fa72893912a103dd875920148016e37acadcbe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1703316 Show response
ad.a-ads.com/ Frame 7CF5 6 KB
2 KB 17ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1703316?size=728x90

Requested by

Host: vipkopilka.top
URL: https://vipkopilka.top/LTC/pay.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

server-99-86-3-62.fra6.r.cloudfront.net

Software

nginx / Phusion Passenger(R)

Resource Hash

b13286c9fdf2664caec3923455f4434f05ef8dd8669773f67cb4f068aaa22299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame FAC5 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/118231/ Frame 7CF5 683 KB
684 KB 14ms
12ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118231/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1703316?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 52768beb6e9a4d1619ced6e98c515f416b23632839c8092d615f06513dc6146c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:44 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx
x-amz-request-id: CYXAJX43FT0Z88DN
ETag: "241238ff9e1a7f85dbec8aa10f72f723"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 699692
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: t6FJBbIGBKpJobE5rxtWIqCTMlD50_5h
x-amz-id-2: 0FfAbl3e/Ec8R+4PaOtn1hzsTssggZpDgun6A5ZIiGEJ0qVyk/XC3BYt4PdOAIT9HKyoFjiFeF4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 C-k9TIksGvum59BrD1AXgu0_5iM.js Show response
www.bitcoin-ad.com/cdn-cgi/apps/head/ Frame FA22 5 KB
2 KB 312ms
12ms Script
application/javascript 2606:4700:e2::ac40:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bitcoin-ad.com/cdn-cgi/apps/head/C-k9TIksGvum59BrD1AXgu0_5iM.js
Requested by: Host: www.bitcoin-ad.com
URL: https://www.bitcoin-ad.com/bitcoinad?utm_source=&utm_medium=&utm_content=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe56e1283d0c66df2e226021d45c2d338b70c727dc25cd7457e469340f721193

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11144195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: A2PGT3Y7925PHADZ
x-amz-id-2: al5GJFh0bVDbfK+P+F8rRAqHNCpGQesoYLPQRdf2ODj7V0B3QNoM5HB6OCmrJXXlMYqS6i5DpsA=
last-modified: Thu, 05 Aug 2021 14:44:41 GMT
server: cloudflare
etag: W/"28a23988e5eefde96267586353be8dc7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jrt2W3O0G4SJKp0L1s4DmtE8%2B5LEcB7L65pfqc%2FzfZ9r79vSbf16ex7nWtnej6yqLLO2YopVQGrTTBDFlS43k5qls65gSg6zzLzgxScivpTxBwrf%2FPsIVK0hKq5tVWwSi%2Bksl4awWKOOVFfKVQ8pF5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: nxXub33NqGG1ifaDRyxbW5L4Nq5ztpgT
cf-ray: 6d04b0243a0d6931-FRA

GET polyfills-modern.3ae5c693.js
static.bc.game/assets/ Frame 0AD8 0
0

GET index.6e88f856.js
static.bc.game/assets/ Frame 0AD8 0
0

GET vendor.faa0aa6a.js
static.bc.game/assets/ Frame 0AD8 0
0

GET
H2 200 index.f7fdf494.css
static.bc.game/assets/ Frame 0AD8 10 KB
4 KB 9ms
7ms Stylesheet
text/css 65.9.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bc.game/assets/index.f7fdf494.css
Requested by: Host: bc.game
URL: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-104.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b89376a98aa98395ca78f4a0b6ca61d3b12fac419562ab42ac1140ced7792578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:53:34 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 12:50:38 GMT
server: nginx
age: 738190
etag: W/"61dd7d1e-292c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://bc.game
cache-control: max-age=8640000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 3cNHEA6svcD0GVA4vZd89XLQGDfdBD9VREBPVQ6qvpo8_glWzu34Gw==
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)

GET polyfills-modern.3ae5c693.js
static.bc.game/assets/ Frame 2119 0
0

GET index.6e88f856.js
static.bc.game/assets/ Frame 2119 0
0

GET vendor.faa0aa6a.js
static.bc.game/assets/ Frame 2119 0
0

GET
H2 200 index.f7fdf494.css
static.bc.game/assets/ Frame 2119 10 KB
4 KB 9ms
8ms Stylesheet
text/css 65.9.58.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bc.game/assets/index.f7fdf494.css
Requested by: Host: bc.game
URL: https://bc.game/?partner=104700_1634265&i=1bxqew2m&s=&c=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-104.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b89376a98aa98395ca78f4a0b6ca61d3b12fac419562ab42ac1140ced7792578

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 12:53:34 GMT
content-encoding: br
last-modified: Tue, 11 Jan 2022 12:50:38 GMT
server: nginx
age: 738190
etag: W/"61dd7d1e-292c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: https://bc.game
cache-control: max-age=8640000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: D5tBP2uF4KjiXfgro9e6-ENqekvkd-jjR3BWt9ZKHlhgksY6xyDeGA==
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BF2F 146 KB
51 KB 99ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1673537377498725

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b21a4c303b5a723a5dd094cb37921aeefef87f14d7d1f4ac96b962d54a15eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51981
x-xss-protection: 0
server: cafe
etag: 9130043276172369363
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ Frame BF2F 25 KB
9 KB 164ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b74b2d05640b791b4f0b45b900f572183279f685b3105ecee4a322a50412ca9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7754
x-xss-protection: 0
server: sffe
date: Thu, 20 Jan 2022 01:56:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "480ab06cc693700c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ Frame BF2F 933 B
961 B 268ms
241ms Script
application/javascript 2606:4700:10::6816:3ac7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.vlitag.com/adv1/?q=ac4257f04fb815884f463792c192f9d0
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5516701c38573dbe69f82982715b82be2d2cc546f74db45fc21755d4daee3d97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 20 Jan 2022 01:56:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 6d04b026af794abd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H3 200 bootstrap.min.css
cryptogpt.com/asset/home/bexo/assets/css/vendors/ Frame BF2F 138 KB
22 KB 97ms
79ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/vendors/bootstrap.min.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Nov 2018 20:55:06 GMT
server: cloudflare
age: 482426
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSY9w8JDV9sM8ETtCpLPAlBLvYyCPeS5K5vzO7x1SOt7QTl6C%2BUlKDf%2F8SRaDyBGk81lLIoXIFbLNd74O%2Bei2J5BveqwDM7V0WdJYpx%2BnKlSrRO%2BDAnVsyj6zsDvDX3Qu1kF3pW9HA%2FnON0o"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268efe4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Feb 2022 10:02:14 GMT

GET
H3 200 font-awesome.min.css
cryptogpt.com/asset/home/bexo/assets/css/vendors/ Frame BF2F 30 KB
7 KB 97ms
80ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/vendors/font-awesome.min.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e900131f1807900f44395d35ba44115973e7237a8863eb4bb459077326726dd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 May 2019 01:31:28 GMT
server: cloudflare
age: 1111436
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NHK%2BYz5Cr39%2F4RNI6SncfFUGHcmu3RJduVZRUGcZoD34gt6ItTpPafXvhjUQK5aeGlZnXI%2BZ6B05Vm8htueCmJXof2vamIYeKV4OMLe9831TSJNSwtv%2FA42WMXFyYzb3hq%2BoBIxL4mUkRx1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268eff4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 14 Jan 2022 10:01:43 GMT

GET
H3 200 slick.min.css
cryptogpt.com/asset/home/bexo/assets/css/vendors/ Frame BF2F 1 KB
975 B 105ms
88ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/vendors/slick.min.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4cbb41ba2812c7076f09fcfe9af4162f3723f2b231475659d68774bb2fb85df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Apr 2020 07:34:52 GMT
server: cloudflare
age: 482265
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ75bHxGntARJCaT6cGNDPS860p7BSKlJ5TQwZ5wF9AIiFeCXQg%2FGqmDQGxFFPfrjNohqK99HAcD2IH%2B7DNMLdeC1o1Qk9tyvrOo%2FGZtfcEzxCTiuaqi49Y1GHw52C8wYikhqeB4O3qOTQUK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268f024d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Feb 2022 10:00:17 GMT

GET
H3 200 aos.css
cryptogpt.com/asset/home/bexo/assets/css/vendors/ Frame BF2F 25 KB
2 KB 106ms
89ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/vendors/aos.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482265
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 08 Jul 2018 04:40:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twTmeiEDZwiqqCCLWR6LsON091NuWOrMdoFVujETfHEJmubzFCLdchE3gAYphB%2FL%2FcdYpa9fnNnn3GFp4xGdqDu6gHWLgdSS4MxJq%2BsN1MY2civQLIaLS9KN8RyMLsIGvQ4Fy0GB4%2B%2FLtFkE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6d04b0268f044d84-FRA
expires: Wed, 09 Feb 2022 20:54:15 GMT

GET
H3 200 style.css
cryptogpt.com/asset/home/bexo/assets/css/theme/ Frame BF2F 25 KB
5 KB 105ms
88ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/theme/style.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65fb6c450a30c94d0e63878b750629fcadd69ea792722be5842f9d9e22ea4ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482265
cf-polished: origSize=37234
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 22 Aug 2021 06:31:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jKfzsY6l4MydLCuklYvZOS8QIs0KAQyB%2FmSz7MH%2FUG0Gwhp2CO8zAzxf70xXnk4kx21di80ZUws87sntHwSH5SvA1NR%2Bn6ajD9DGhCK0Ads2m5sPwOOy2xbqGs8DMkMUFQvW208K8H35Um6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6d04b0268f034d84-FRA
expires: Sun, 13 Feb 2022 10:00:17 GMT

GET
H3 200 index.css
cryptogpt.com/asset/home/bexo/assets/css/theme/ Frame BF2F 5 KB
2 KB 109ms
92ms Stylesheet
text/css 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/css/theme/index.css
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5c800bb4bb7764c70ff86e5dab8b315346944b775f94652207ba1cec3b173c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482265
cf-polished: origSize=7923
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 22 Aug 2021 06:16:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQdGbnd16qg1qc3Pv7WnBJCM%2ByGcNx2e8PNrJ57aWyPUPBIK3%2BH1Qyd%2FJX5rWwAHhIvjbG1yGeXe4Bh4ephO4tpXczANWalY29TAzFU1dDSEdE7XbseXxk23sl0h6DQArDRejbgQekwv4k1F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 6d04b0268f064d84-FRA
expires: Fri, 14 Jan 2022 12:40:23 GMT

GET
H3 200 invisible.js Show response
cryptogpt.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame BF2F 48 KB
17 KB 90ms
77ms Script
text/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c75fd53a523bf1d623d1049335a57f92200d5ed84a16ba25590d313d62a50cae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmfNKRdU6HInHgiMAcIFEQMj84VYl30zzswnh3CTtVIpfBEb6GMXOvbeQCYtwa6qP1RNy%2BrcnjfO74JWYSadg%2FGvGv94Jpku10Udzocr8Cyt1ENI%2FpJYHE9Sj2Oaxt9qz8wt4b2ula295g29"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d04b0268efd4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame BF2F 91 KB
36 KB 105ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111679161-1

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ee48fbcc20da855dcce138693c4974242ab305fced8a95e2febe142e5c741cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36489
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 00:28:58 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H3 200 header.png
cryptogpt.com/asset/home/bexo/assets/images/ Frame BF2F 248 KB
249 KB 28ms
16ms Image
image/png 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/header.png
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9eab513f93a19803987d618b40f5bc253230f8d71707e56401a477de62dc2006

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 254450
last-modified: Sat, 21 Aug 2021 08:30:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCrWTIAMSNl8%2BBMo3gMfvJC6W0S1sxJngB%2FmLlaQ8AedRlkcZtYnL0%2FabnEZK6yq2FEzx7WHI4ghs59Uc8Xaql8vsfDj%2BPvXQnvXG4WHYGu61VQl3CAgpRKbv9i2%2FCHIJBHl74sudNZHG0XG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d04b0268edd4d84-FRA
expires: Wed, 09 Feb 2022 20:54:15 GMT

GET
H3 200 faucet.png
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 51 KB
51 KB 66ms
55ms Image
image/png 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/faucet.png
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cba0f0518412bd35472357f02ab7e15b8c550e597df7add06b94d6bea2b04384

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1278834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52057
last-modified: Sat, 21 Aug 2021 08:52:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WugAVWFqSBEsX5TZxOZN7JspWAygRc87pN2dKYxJCYPas0RSmRinHYZ7U8cWhYGbcuQ4aCNZdhwLXX5gvbj7LOpw2kwb5AqdomxZ0SGjN0pr1WDjsSspjyhrR%2FRITGVMme24Y7Z5nQqRweZS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d04b0268ee04d84-FRA
expires: Fri, 14 Jan 2022 12:40:23 GMT

GET
H3 200 wall.png
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 261 KB
261 KB 68ms
56ms Image
image/png 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/wall.png
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 012c6c547f05480e1f7efca5e60c60bb8672e9a7e95ed1758a555a8ef04aa74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1111436
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 267049
last-modified: Sat, 21 Aug 2021 08:55:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWhv%2BADYCQvNWO3G9%2BSD7UgrXdJlgyQ7ngQz4LTQxmFP09c%2FYOEw3h0CoYyWvMPCt%2F2d8YbLUqrsS1syWUgA40APjNr0BFEDFCvG6GTUsZsyoRzQdW8A%2FsvTSXK%2FLcfCMvi1a3qfT%2BF5brz4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d04b0268ee14d84-FRA
expires: Fri, 14 Jan 2022 10:13:17 GMT

GET
H3 200 jobs.png
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 45 KB
45 KB 77ms
65ms Image
image/png 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/jobs.png
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7ad1c0522fec6192b6221a1be7c4ea2fb9b2217fd1dabd5a9313785939d5ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45986
last-modified: Sat, 21 Aug 2021 09:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpgpHMbnndMDm%2FxLStKxqgOBttDirUiylmsA%2FGV16UYnJzXE%2FAEzU5RHvIwqN1bjqObGA9sR72kEJUczMWeI8S48%2BWlV2KF%2BpCpdnTVnLZiWViTRjY4Ff6Irfxx2erm0%2FB34tKQ2vrJkOWGS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d04b0268ee24d84-FRA
expires: Sun, 13 Feb 2022 10:16:00 GMT

GET
H3 200 clicks.png
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 11 KB
12 KB 86ms
73ms Image
image/png 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/clicks.png
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d91f54faf9e3d6df09dfbd717ec243141897f8b69af2cae4a09ca1c572796128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11571
last-modified: Sat, 21 Aug 2021 09:02:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvpFaEkO%2BTO5Fj1OAJsLAT3VXvkqk6bHu%2FWwus%2FDuzIPc5drWq5VjZsNeVDfLhpJEAzp0Glj%2Fy7kT%2FIj%2Fu3Sn82GXQou3EnrfNaQBs2%2BJX%2FH9De%2ByDqnelnEq8lyu63s8O5VNTEAjbbmxuGs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d04b0268ef54d84-FRA
expires: Sun, 13 Feb 2022 10:11:02 GMT

GET
H/1.1 404
Not Found banner.php
unitraffic.ru/ Frame BF2F 0
0 1335ms
1174ms Script
text/html 194.61.53.41

General

Check archive.org

Show headers Download Go to

Full URL: https://unitraffic.ru/banner.php?user=213
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 194.61.53.41 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 20 Jan 2022 01:56:46 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3 200 shield.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 4 KB
2 KB 88ms
75ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/shield.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470e39b6b8d70be39202d49d0dccbcdc2761879cf53cef2bfd0d8f09277cbdb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 18:47:08 GMT
server: cloudflare
age: 133447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UCHV7Xxw5B9SCfDx9zzk8q1PaxIyCZEs78NE9tK7AShcgHiOFSwNuMbdUvx%2F83GdIwyv%2FhHMxwCrVPhCDPea9X%2BcH2YxsNQDwGfbeRiv5rxbYhWPnJ3%2FRpmqtEVfqeUG3Mp%2BUxxcwpNgyzJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef64d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:52:38 GMT

GET
H3 200 speed.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 4 KB
2 KB 85ms
73ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/speed.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c03a060dc07356e458ff9992304f4f0fe87102a92ce52301f1f8cda5cfe1c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 18:57:30 GMT
server: cloudflare
age: 133447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5R4WBSVQWaSfNcgo35gJPHIL%2FHnKILISuh8bTwh0hYVfbhmidmWJ2rfEAXb3aRN2YpXN38kmWakru3SlhA5xuiIA5Di2uaICU930oMz0SZbWSlqOD88wvZv80qmIssWMhEpiFIx20mSgIghM"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef34d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:52:38 GMT

GET
H3 200 project.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 4 KB
3 KB 85ms
73ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/project.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dc14869d76808cca7ad4ea432b84231db0d2d7b1720b5bd8451ad0e62a4465e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:01:38 GMT
server: cloudflare
age: 64910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FS3hdvSTRkKp9kuJUCsMzA95OYSwtW2OEw%2BRzkanKUuMg%2Fq9EJOOfGqP5uJ%2FAEgb5S7wNcjfrG4%2FnSi0NAi9TIhzMWD02DZaljnSAQMQy%2F%2Fjo070mlbA%2FDDLC%2FmIaGSsjVNsf0rgF31yelD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef44d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H3 200 together.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 8 KB
3 KB 88ms
76ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/together.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064a0b6b62e9f16e0f5135c692fda8455490368e3a8d9f0c7f5f667c18c38744

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:08:20 GMT
server: cloudflare
age: 3561
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPep%2Fx0rS8cXWITgbDHc0xMdgODyWzIFaIfVwfQKNmWuNPjEODpqfe9XgHsoBP%2BRVWAaCMGNdBLm9jIWQbII6OmK3cd838laVfkskRvGDuDNB2jyi8ylX4HOea1cOQ5QxIk8%2BmQdpVrKKAuP"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef74d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 13:04:12 GMT

GET
H3 200 medal.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 3 KB
2 KB 77ms
66ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/medal.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 535d3ef94b5695c4541a0d06cc940681785f3692eb171c5647b0ad06be02ce3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:30:18 GMT
server: cloudflare
age: 64910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGxGHJ%2B9CnGRX7byAIGYNKJIPkT%2B1Tbq9CXo%2FH8ZbqMljBggWNg7CfTtI3NJjPJDPjvQ%2FbZypgsg52mqE7MofdFr29xic9IGsN62tf%2BTOMTEGYtd%2FzOAJ7gHcya0sWNGVyj9k8E3QJdK8e7j"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee34d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H3 200 cloud-computing.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 2 KB
1 KB 77ms
66ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/cloud-computing.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fc6e0373cdf1766eca857c8063b7132115133bf43d5eb51444c1e044a08752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:40:06 GMT
server: cloudflare
age: 115920
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QmqzlrCRKn2wV5dV7FEMGMXryCr2CBNEgbkpgt9GaPfR1kUhIatrpuaIhSH7F5i%2F2CqfGx%2BXNd54QI8VbP8C3Ge1mEpwEKVHMElGb5QBHCuiZJeS4tnUFmJUCVFqXdVRFhFRdL7Pq2DW3zE"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee44d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:58:20 GMT

GET
H3 200 mail_2.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 2 KB
1 KB 77ms
67ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/mail_2.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a8fd401a50fb648ee95020787bcecd5e55512a2c5946c2e8c3e5f6160eb20d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:45:08 GMT
server: cloudflare
age: 133447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czHugP%2FVDKYOD4avijS70BvQopC8x6wYDn%2Fi3luP2bshP7CMhTnXpA4xvY0cU6RvM5gYHCyAvsTLOywy6mw6TeLBZCdQ1KOPBBperNIxy12VN6AXAhM2tF6aWjfcZ71u3twueJupjSmi5YQh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee64d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:52:38 GMT

GET
H3 200 ladybug.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 9 KB
4 KB 78ms
68ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ladybug.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ae8aa2fe9e4c38f6ad5b826379af7184c13c08a12d42949b9b13a807b974731

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 May 2020 19:48:08 GMT
server: cloudflare
age: 133447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwBHuwtPYKgt672tZReuXPeg%2FwWrbaJdLDj5yUlkXCTgjnQCEIm1d8IQkQ339nysL3pbgJfCWFrfbPdkSspHFO5XIwR%2FsVDxvTlt3tDq8u68bw1AvxI%2BV6Omb9uJiOOLKKtYyeAoW4yGqHdU"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee74d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:52:38 GMT

GET
H3 200 automation.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 9 KB
4 KB 79ms
68ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/automation.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347d5103868ea62a9c698517deb882c70e480ed48a1b7e1fb0300ce6654ddcd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 May 2020 03:53:14 GMT
server: cloudflare
age: 64910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6wc1bTD6vGT7mLJIiYEehmaku1Wdkah%2BgG8SqMYF3sd9Y%2FhBbfRw5wWo%2BXveaRhRZbKh8YDNzH1AUP%2FVst6aMGbakcAHkV4%2FXu9%2Fu3sCJ6vRilaTtc0Pjse2HrS2JLbFvz0JIOsvCQN7Vc5"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee84d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H3 200 automation_2.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 5 KB
2 KB 79ms
68ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/automation_2.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97d3a89544ee9e1a9fbb059453f7d6df772056b67b26448205618f5233bca032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 May 2020 05:29:04 GMT
server: cloudflare
age: 133447
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BuOC5%2FXg%2BIpTcVpz%2FiAdoabUMKQIWbSuAbfMTg5i0AVCICVKJ4Eu29Y84ZJrP%2BnM63DYn1wRKiSUPSEtWDH50xYR%2BlBKPZYlDLBJhorcy0z71GPnrObqdsTrKIu8St%2BS%2BE12bPZbk7aon7V"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ee94d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 12:52:38 GMT

GET
H3 200 productivity.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 3 KB
1 KB 79ms
68ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/productivity.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1229fb130ea6baef63cb93a0b1ab70790eca313c20f251e2343f6b74e4ae9fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 17:05:34 GMT
server: cloudflare
age: 3557
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv8JcuzY6gLCjOnMXY1fnvpagn1Oh7XrA%2B%2BoQQIKwBPnVquhEVClhRTGPqaq172feyKhByXeP%2FhcXBRNZnCwDi%2BO%2FhTxNvccFyRfQ70NmLqLuhaDoV3Zeeo5%2FlLFumy%2FoeEvTL%2Bnd0GA74DX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268eea4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H3 200 team.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 8 KB
3 KB 79ms
68ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/team.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 370662317750dae3646a1c68b66d2a44b03491fa00cdbe1c3f10e7cdfddfe5f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 17:15:26 GMT
server: cloudflare
age: 64375
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eo7GdWfjA%2FYxO8zcDy2HJ7rihVhyntacc3qP88HDmw1QXc3fNZQOuqPXW18hW3kFqhxd7ulk2VEFsXdysEkwo7kBfswu1KdxD1Kxl3xQqaDarK6QakIdOhAw9Gn78oI1Jbdb0fg0e%2FD7mtHX"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268eec4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Jan 2022 18:58:27 GMT

GET
H3 200 rocket.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 3 KB
1 KB 87ms
76ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/rocket.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae874389aa85d41065deb0d884feab9139c4d6e3826bfda5e644e464b9ce68b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 20:42:00 GMT
server: cloudflare
age: 125430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugPvDcz472QpKR4ozg9K1hqUIXBG5olBzBmQsVHsEEgeiXTWQ6YMMxx9P0zAKRvkwBsWSBIPePwqRSLrKEuWtxs97JPJl%2FELj1%2B83Ta2vgU6OfUppY8qiHaMHq61zgDv8L7LiT7VzHnKqxnG"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef94d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Jan 2022 03:34:05 GMT

GET
H3 200 money-back.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 4 KB
2 KB 87ms
76ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/money-back.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93851edfd647f03d5cbef5a9ec2628f18f9d7e42e8cb44e66a2d5365b99ff736

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 20:49:44 GMT
server: cloudflare
age: 125430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nG7WHNhyn1aT7v6R0%2FIbyN41Lf6m2oZn67LDEhU3zGJKeQiBIXZeHRgfVgm%2Fps73Y4I%2BYohR%2BsixP4glfzwoXj4h9ZCAYwy9kG2LRNHfDxzvPOVQrPHQcx0Sq6hk97aG6A9Y018ZV5s%2FxlPH"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268efa4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Jan 2022 03:34:05 GMT

GET
H3 200 shield_2.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 1 KB
1 KB 87ms
76ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/shield_2.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fa7ea8f34056182647408d9055efbd1000fd28442d0fde94626f0e7274074a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 20:39:34 GMT
server: cloudflare
age: 64910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0T2XbJ5ewsbDtbggzkwoEl%2FaJIQM8EGDOgjBLrQoVNmufhlLgLwMHOUHnkxH%2F8WM1GxF9dHTLda2dOlxIsiFE367QuaeHGbholI2cbBNsDuDIbNiHLcXgcc82PJw6VCUFIfM%2B0bzjfPQbKqz"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268efb4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H3 200 technical-support.svg
cryptogpt.com/asset/home/bexo/assets/images/svg_icons/ Frame BF2F 2 KB
1 KB 87ms
76ms Image
image/svg+xml 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptogpt.com/asset/home/bexo/assets/images/svg_icons/technical-support.svg
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8672684d55cbe627b65532b6e8af65ce266522880a19fffed5da864f4219a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 20:40:18 GMT
server: cloudflare
age: 64910
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FoIDT3I7pR%2FqK6irDcy2V9CqOM9F0m3yLrrCIRy66wmLtN9ayY%2F2hMbr87wxOqj4hLOTbqkSJoXiW1rXI6UzOVgOn8CDTDJoplqUksemfxD1nlymGjpmKrJiA3l%2BqtlFWi1u9cSrFOe5YJW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=172800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268efc4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 21 Jan 2022 03:34:06 GMT

GET
H2 200 widget.min.js Show response
arc.io/ Frame BF2F 7 KB
3 KB 37ms
8ms Script
application/javascript 99.86.3.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

98af13d0e5bbfe5f702497459a3c7883bd977eea28d8b051c1c9521ac246094d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Wed, 19 Jan 2022 23:36:32 GMT
age: 1164
etag: "61e8a080-b75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Thu, 20 Jan 2022 01:37:21 GMT
x-amz-cf-pop: FRA6-C1
content-length: 2933
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-id: S8XbSo4PQvXxuP6pOy19lKB4KxTbFCaK7O56p44GsY0ZU9euVFU5Qg==

GET
H3 200 jquery-3.3.1.min.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 85 KB
31 KB 105ms
89ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/jquery-3.3.1.min.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 01 Nov 2018 16:46:36 GMT
server: cloudflare
age: 1111436
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m95Lp6BoIxzzRbaqTpeppGYEsBruI6HQQrCbdDKf39kTCCJgyRcQJG7xmjuUb6j34Y9s%2BC%2FztrE6NeFgQ3reoyRgQLydalTV2wkF%2Fbd5u5o7Rc5clHxyrpSONdG9Xgyjqer170EJAwQjC0xi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268f054d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 14 Jan 2022 09:56:12 GMT

GET
H3 200 popper.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 27 KB
8 KB 87ms
73ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/popper.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 073982fb46709eb2d8639fd8ba9a70bcc4158635694176c02be63639ecbedeec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482258
cf-polished: origSize=74659
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Nov 2018 16:43:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj27y6Rgn6QchbpeRnVG37dbj%2FS0K3qLrQBYjqIUV3UvngbzNK2y%2BGzgZ5zqByVgJpZ3ZYNPwrpeCFYITfev26FaZ9K8IuTmccwgenO3QgToAyRAtrVmTb0USYgymqn517PUxX8ZVG0w%2BzEh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6d04b0268ef24d84-FRA
expires: Sun, 13 Feb 2022 10:43:09 GMT

GET
H3 200 bootstrap.min.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 48 KB
14 KB 83ms
69ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/bootstrap.min.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Jan 2018 03:33:36 GMT
server: cloudflare
age: 489489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B538KVVrBStHhQrHtYGAGQDw%2FYL6gXbooIfTHbcsrMUXrc%2BWQ7kNndb8oDFlB0qg8zqx7gd0WTEN%2Boq9Lk%2BkZeqT56gmjVZB2NWdbxVsNUojPb7JmCFAn7rDyjqUiPY05YTNs2AqXPKGZMJ7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef04d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 09 Feb 2022 20:38:06 GMT

GET
H3 200 particles.min.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 24 KB
7 KB 83ms
69ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/particles.min.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30ac107d42f2cd51ccb05e415d2dbde61b9dbfd95db44e1b21dee449d7133756

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 21 Aug 2021 08:07:16 GMT
server: cloudflare
age: 489489
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TtsvxLU8%2FyFTgbkVxIhzN2XOY%2B6%2BoGbc5V%2Bktzaiz0g%2FhJp%2F1HhpsfMjZw1WaLeI7MXlU%2F%2BiNKM2b3Mp9lDC6XJ%2F%2Bgj7AcNTLFot3zGBsK3hFMTH%2BBxTbDnEQzfCkNpWiYClGZIv1DRAaBU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268eee4d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Feb 2022 09:57:32 GMT

GET
H3 200 slick.min.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 42 KB
11 KB 86ms
72ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/slick.min.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Apr 2020 07:33:56 GMT
server: cloudflare
age: 482264
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPakqAWwC%2Be6wImQ4Z47yOQoO%2FpmuuHmIpMAQC8wzBKuXyDtkLlnQ1mVeJbvA0Ni83nH6iMZOQuuQR2nJS%2BDLXHjRvEk0UXhAd3ZHGdAhgKSh3sAi79xKgv4Ea9XJO2%2Fqdh4NJ8jQeDtehPK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0268ef14d84-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 13 Feb 2022 10:39:06 GMT

GET
H3 200 aos.js Show response
cryptogpt.com/asset/home/bexo/assets/js/vendors/ Frame BF2F 14 KB
5 KB 82ms
69ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/vendors/aos.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1111436
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 08 Jul 2018 04:40:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUqXB%2B%2FGRt0Qo6X%2F%2B7MFL8nyghe2jSoye6nYuMzCBOxD9Ifpwrr2qcfIVKIm%2BobiI6oUwqk5zhdaHd83dk9TLdYZsCp66Klpoyqqy2HwwZlZR4x7cCKmlcs1BtxRtd76wWJaDDw9pTjcb0RO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6d04b0268eed4d84-FRA
expires: Fri, 14 Jan 2022 10:46:01 GMT

GET
H3 200 script.js Show response
cryptogpt.com/asset/home/bexo/assets/js/theme/ Frame BF2F 925 B
1013 B 82ms
69ms Script
application/javascript 2606:4700:3036::6815:4d4a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptogpt.com/asset/home/bexo/assets/js/theme/script.js
Requested by: Host: cryptogpt.com
URL: https://cryptogpt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:4d4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60d88efdbb321505b77a4cf9c9b30b4b18d65b79a3541ea053d15975ed256c1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 482298
cf-polished: origSize=1532
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 22 Aug 2021 05:31:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68KKns3UQns7JvKaohHucBdy%2F%2BWdgP5xlWYg1LL6a9tyndXbRJTY2uqF6HAZ2gZnd9hLBw0FUgXjtuydAUPwjA8xDQ6eLKa4rNjSBj67%2FzL4bh%2F%2BmK8ItKroW5AeqlgmzIKu6HU5bGe9dWUK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 6d04b0268eef4d84-FRA
expires: Sun, 13 Feb 2022 10:43:09 GMT

GET
H/1.1 200
OK 1669830 Show response
ad.a-ads.com/ Frame 68B0 6 KB
2 KB 18ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1669830?size=728x90

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

9794d0e24315c5b94c5164fa74662080375f33d8b721460a9aacb9a36b03f52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1629455 Show response
ad.a-ads.com/ Frame 2123 6 KB
2 KB 17ms
17ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1629455?size=468x60

Requested by

Host: cryptogpt.com
URL: https://cryptogpt.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

9c991c0984dc221172325b180e6a85ac7ff70bea5a26a832ff13778f1ac3dc5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/117620/ Frame 2123 156 KB
157 KB 11ms
11ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1629455?size=468x60
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: YYXWSBZHBF3AFX6X
ETag: "d89cd17d5e22adfb5532615d116d84b8"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 160195
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
x-amz-id-2: N9mVQ4BIpphYUaLzykyZqg7ulMujV53YDjmm5N4WASpCSkAQcLCXiArLjf5cgCIgTVeyk8Wzcns=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/117619/ Frame 68B0 122 KB
123 KB 26ms
26ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1669830?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: 2FQ1MN3YCS2YW3RW
ETag: "8df22bfbf1b66e4d461cc595236e19c5"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 125388
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2: +8BlySzlgZNcTZ2KOaYi1DAnoScH4fR/nY5xOg7x0XtCm0xUh35CRS8G/LRtbxXRTIEcCeWPynA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame A2B0 165 KB
61 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S3KQ02YL98

Requested by

Host: unlimfaucet.com
URL: https://unlimfaucet.com/pay.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64c0226463b4f6b450bd26ee5a8a652deb1abe6431e8fcfbf714dfa89d3a2551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62534
x-xss-protection: 0
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H3 200 1151225 Show response
adhitzads.com/ Frame A2B0 448 B
810 B 23ms
23ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1151225
Requested by: Host: unlimfaucet.com
URL: https://unlimfaucet.com/pay.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71c0a3cd17cb402cfdf29609aa785ffbdc6acf8f528c07e23e2313e95b1c1614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZVXirsQUX74otnf5cXOasSJU6R7YXVHt98pfGzwGvZiphQXNEkAZFV5%2FcUJZv8vi0aikkPPRgP6JrVIet0k6zFqxsmeS74ButKL8EXv4zVpuh0nkgj8jJEa2KXNhDsV"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b0277a885ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:45 GMT

GET
H3 200 hit.js Show response
widget.supercounters.com/ssl/ Frame A2B0 4 KB
2 KB 28ms
17ms Script
application/javascript 2606:4700:3033::6815:4208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/hit.js
Requested by: Host: unlimfaucet.com
URL: https://unlimfaucet.com/pay.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b3d3499fc09b0bea26ef49c3547df27fe96e2a2ddb7a9cf821ffde4cac3c69f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2017 08:14:18 GMT
server: cloudflare
age: 3812
etag: W/"5965da5a-edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK%2BFVxm%2Fmix1w9v13R68qa0CoAz1wFfZhHgmiDzubJJXWFYbNhKEVcoz%2BIUdXbdcEdUrEXaaXAhyVA9OY5Y7yAKTt%2FiW7j8kyjI83GVI9YVMA3XqO8%2BAwQAU5GStKvALqwpkrIPEtt%2FesIvNC7vtpmU04wMk5NA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d04b0278a677028-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 1773889 Show response
ad.a-ads.com/ Frame 5EDD 6 KB
2 KB 21ms
21ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1773889?size=728x90

Requested by

Host: unlimfaucet.com
URL: https://unlimfaucet.com/pay.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

cc912a4861d28c32e8282e28a10bf66a3206df0bc305d40b8519571f3ea93b67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
H/1.1 200
OK 1773193 Show response
ad.a-ads.com/ Frame C1DE 6 KB
2 KB 20ms
19ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1773193?size=300x250

Requested by

Host: unlimfaucet.com
URL: https://unlimfaucet.com/pay.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

76027ad67d7d04f03b61c637aee6b4e2216e5aa1294a9eb4df2abaf3d771632a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame A2B0 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/118229/ Frame C1DE 682 KB
683 KB 12ms
11ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/118229/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1773193?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: b81d1d6dc8129dde051254463257a664dfe1bb49b78f0f4cd37dafbb3f960f93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Sun, 26 Apr 2020 07:21:07 GMT
Server: nginx
x-amz-request-id: B1JT2QFJ8DM39QPF
ETag: "ce8c5673a039ad9769d3265284d8f5f4"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 698412
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: UQkZBCfcjGWdsi6lCz_51AvW3yIHMTsf
x-amz-id-2: aXAfAw3Fu8/t0beO4umC/g7tjVllnkBKN3lanANb68XpLZsbrSB/e6aH7gQMdA0jVBB+JlO6Kv4=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/117619/ Frame 5EDD 122 KB
123 KB 13ms
12ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/117619/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1773889?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: e4503a46dd63eb6398899345e1cf979d0aeb0dedfe051fc6cd213a69d67ddcc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: 2FQ1MN3YCS2YW3RW
ETag: "8df22bfbf1b66e4d461cc595236e19c5"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 125388
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: 0fATWmKYpJSZr5TJ6jtiSoqDotlI3uSs
x-amz-id-2: +8BlySzlgZNcTZ2KOaYi1DAnoScH4fR/nY5xOg7x0XtCm0xUh35CRS8G/LRtbxXRTIEcCeWPynA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 layer.js Show response
www.thz3.xyz/static/common/layuiadmin/layui/lay/modules/ 22 KB
8 KB 1053ms
1052ms Script
application/javascript 2606:4700:3032::ac43:a24f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thz3.xyz/static/common/layuiadmin/layui/lay/modules/layer.js
Requested by: Host: www.thz3.xyz
URL: https://www.thz3.xyz/static/common/layuiadmin/layui/layui.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a24f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0882ac74e2b8de17fbf558dabbd3924ee4b82305793b440c6dd494e001b2f43d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thz3.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DoW01r1dE2pJ7bNEQ6gRJZ21v6%2B75in5DNG%2BDLOSmQdWE7OfRfycKilJggZBJl46uR99qXKC8l3ActYvbWdliojJjeh88ma9%2BWlpl1q3rfZi7Ip0N%2BZiu5MhM5eTCJfDUofsc1Xut2FjAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
roubsite-license: Open-Source(www.roubsite.com)
cf-ray: 6d04b02929df704c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
roubsite-version: RoubSite/V4
expires: Thu, 20 Jan 2022 02:01:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 081D 165 KB
61 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C57H04HHTL

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8dd1c45f57c1591f7fadd75e45ffbb8a7afa1d130ff140a82fa83b8878365d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62524
x-xss-protection: 0
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootswatch/4.5.2/slate/ Frame 081D 190 KB
27 KB 51ms
24ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootswatch/4.5.2/slate/bootstrap.min.css

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7e5388a230376afe6114459c6f63c7bb000fded3f890593875b520e3807347f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 718, 718
age: 1269839
cdn-cachedat: 2021-05-26 10:28:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:48 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8621852a4ddb9363ed4ed9be373e1422
cf-ray: 6d04b02a8e6a6943-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ Frame 081D 58 KB
11 KB 22ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 187102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rfjlUwypjPidOvqsQL%2Be8%2FeyfHlK4X9pIR%2B%2FDjaqNFuqMnAaWEGM8PLNNgVX0dNkQyq2JHLMZXo0LZfDBjvGNS4Jfy44Hm4GDl1bxGi8sL5W%2FDnMTqV0GbcFPSP5GcFfTJ7hV69hGwf4l5C1ZZBWi%2FH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d04b02a686b4e8b-FRA
expires: Tue, 10 Jan 2023 01:56:45 GMT

GET
H2 200 base.css
vipkopilka.pp.ua/libs/css/ Frame 081D 748 B
636 B 889ms
888ms Stylesheet
text/css 185.237.206.6
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://vipkopilka.pp.ua/libs/css/base.css

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.237.206.6 , Ukraine, ASN21100 (ITLDC-NL, UA),

Reverse DNS

Software

nginx /

Resource Hash

96d937266e197db610a6e47e75f3afe063b0795eb0559104696e89bf74c538cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 19:22:45 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
expires: Sat, 19 Feb 2022 01:56:46 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

GET
H2 200 bancode.php Show response
linkslot.ru/ Frame 081D 14 KB
5 KB 113ms
112ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkslot.ru/bancode.php?id=334094

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0c6aa7fc35631dcdaf9bf60b831ca8b31be1a4f91c9096f262eae6e4289690

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CsY0o%2FpfBLmro1nCI6lLrK4PWvBV7zSbf84BxbRLtb6QpKZhz%2FmtIJW7W65Q53B%2BQmA1lp6PNmq31Z1rXZgdDxoPhfsYwn9Ps6U04FUIjXVqIXgae9GrVUP2%2Bo1radrr4QEKTPRSB6tU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 6d04b02a5ce96951-FRA

GET
H2 200 lincode.php Show response
linkslot.ru/ Frame 081D 15 KB
5 KB 65ms
65ms Script
application/javascript 2606:4700:20::681a:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://linkslot.ru/lincode.php?id=334095

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a003f9f65d1753f1300365e1369801746e5015718ee493b2fdd9eac18d8c7a6a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Crt3Eu3FBf1qCHL0eA%2BbD8hkWxx2wKf8CK9EPhjmGMmH2lx6vEBlArbErWo5coDig5RZImTSWC98CQ9sOF1pSDCiFItzXVId1X7PoPB4JMbE2CEVuHG5osges7f8WGTLfvs81OfGDLLY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=windows-1251
cf-ray: 6d04b02a5cec6951-FRA

GET
H3 200 1151227 Show response
adhitzads.com/ Frame 081D 448 B
815 B 24ms
24ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1151227
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42fdf806c8e82a3f881b0f03fd20f50032c069a4052862651eda1c1cc600f2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr6lbE9gvCYYkKl5MqpdRTv5YZk0VFRFA6nOyV4D1rP5%2FgbQidmhLK7lW6XrQGHKmCK8b%2B3OAkTLcgo4u3p%2F5JRqwdEOxegNxB%2BOubjc8rxXX34TOUyuI8G202ozvSw8"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b02a5e4e5ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:45 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 081D 850 B
967 B 134ms
48ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

47d6a05d6ad84b1c213f47647d1fb89523cf96bf0611728d5fc453fb89c83e23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Thu, 20 Jan 2022 01:56:45 GMT

GET
H/1.1

404
Not Found

404.php
adrek.ru/ Frame 081D
Redirect Chain

https://adrek.ru/b.php?id=13460
https://adrek.ru/404.php

0
0

54ms
54ms

Script
text/html

5.181.109.142
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrek.ru/404.php
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: HTTP/1.1
Server: 5.181.109.142 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: adrek.ru
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Server: nginx
X-Powered-By: PHP/7.4.1
Content-Type: text/html; charset=UTF-8
Location: /404.php
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0

GET
H/1.1

404
Not Found

404.php
adrek.ru/ Frame 081D
Redirect Chain

https://adrek.ru/b.php?id=13462
https://adrek.ru/404.php

0
0

56ms
55ms

Script
text/html

5.181.109.142
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrek.ru/404.php
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: HTTP/1.1
Server: 5.181.109.142 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: adrek.ru
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Server: nginx
X-Powered-By: PHP/7.4.1
Content-Type: text/html; charset=UTF-8
Location: /404.php
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0

GET
H3 200 1151216 Show response
adhitzads.com/ Frame 081D 448 B
816 B 21ms
21ms Script
text/html 172.64.141.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1151216
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.141.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f884b2758e1585090288d5062f8060454a70404da07851368e80da7ac4fb753b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sJy1x5kokloNH98V%2BEJSKv74AlRVwL8OL8xYeu4MkRnxlkFM%2FgoreWuZDzmuNXQjH%2BNlJfRQOxlhM6K3ZF%2BPFbya%2BG5Ol1UKTbuiznTzrE0l0UXsOdplZ1jkjcm9IslA"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6d04b02a5e505ca4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 20 Jan 2022 02:56:45 GMT

GET
H/1.1

404
Not Found

404.php
adrek.ru/ Frame 081D
Redirect Chain

https://adrek.ru/b.php?id=13439
https://adrek.ru/404.php

0
0

77ms
77ms

Script
text/html

5.181.109.142
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrek.ru/404.php
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: HTTP/1.1
Server: 5.181.109.142 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: adrek.ru
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Server: nginx
X-Powered-By: PHP/7.4.1
Content-Type: text/html; charset=UTF-8
Location: /404.php
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0

GET
H/1.1

404
Not Found

404.php
adrek.ru/ Frame 081D
Redirect Chain

https://adrek.ru/l.php?id=6836
https://adrek.ru/404.php

0
0

69ms
69ms

Script
text/html

5.181.109.142
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adrek.ru/404.php
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: HTTP/1.1
Server: 5.181.109.142 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: adrek.ru
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Server: nginx
X-Powered-By: PHP/7.4.1
Content-Type: text/html; charset=UTF-8
Location: /404.php
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ Frame 081D 87 KB
30 KB 138ms
72ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1642643805.dop109.am5.t,1642643805.cds223.am5.hn,1642643805.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ Frame 081D 82 KB
23 KB 33ms
17ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1320349
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6d04b02a7eef691f-FRA

GET
H2 200 show_ads.js Show response
vipkopilka.pp.ua/libs/ Frame 081D 23 B
300 B 889ms
889ms Script
application/javascript 185.237.206.6
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://vipkopilka.pp.ua/libs/show_ads.js

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.237.206.6 , Ukraine, ASN21100 (ITLDC-NL, UA),

Reverse DNS

Software

nginx /

Resource Hash

ae8733fbaff642fc86c871273af6a0430ca67d764e4169c5a38c6fd66fbf8169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 19:23:01 GMT
server: nginx
content-type: application/javascript
expires: Sat, 19 Feb 2022 01:56:46 GMT
cache-control: max-age=2592000
x-server-powered-by: Engintron
accept-ranges: bytes
content-length: 23
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: BYPASS

GET
H/1.1 200
OK 90 Show response
neon.today/context/get/59442/19173/0/728/ Frame C90F 596 B
579 B 72ms
20ms Document
text/html 95.179.157.240
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://neon.today/context/get/59442/19173/0/728/90
Requested by: Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.179.157.240 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS: neon.today
Software: nginx /
Resource Hash: cb44ccd42cae108b4ed9745c1bb47994a743fcf264690b7075c4db9a113da8ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 376
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK 1890959 Show response
ad.a-ads.com/ Frame 22D0 6 KB
2 KB 20ms
20ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1890959?size=300x250

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d0c8949ae32024f07154feb674d7f952dac03d3099efb6b0b1d60dab919c0e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 081D 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfa0f0c4ce30374cd3c46a57a7825b405afd62c83dd576fc5a21ad68928d8c57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 1890959 Show response
ad.a-ads.com/ Frame 1881 6 KB
2 KB 20ms
20ms Document
text/html 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1890959?size=300x250

Requested by

Host: vipkopilka.pp.ua
URL: https://vipkopilka.pp.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx / Phusion Passenger(R)

Resource Hash

d0c8949ae32024f07154feb674d7f952dac03d3099efb6b0b1d60dab919c0e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 20 Jan 2022 01:56:45 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 081D 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/103763/ Frame 22D0 686 KB
687 KB 12ms
12ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1890959?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Fri, 27 Dec 2019 12:20:30 GMT
Server: nginx
x-amz-request-id: 2N4KVC7TXEECYRK0
ETag: "28dd56aa4c3448923f2e06f6f90e1017"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 702864
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2: rl+e/V+gbVYImLWd7TMOyoX2SGSxRONiQpaty5+r9SLVyclbQVvGMkKgk6UcpflZXMNGOymAEGA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 300x250
static.a-ads.com/a-ads-banners/103763/ Frame 1881 686 KB
687 KB 14ms
13ms Image
image/gif 148.251.53.118
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/103763/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1890959?size=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.53.118 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.118.53.251.148.clients.your-server.de
Software: nginx /
Resource Hash: 2191d31c59541b9c44346fde06c4e0ea2900c7ff88d084e8871ef13d2daa1326

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Fri, 27 Dec 2019 12:20:30 GMT
Server: nginx
x-amz-request-id: 2N4KVC7TXEECYRK0
ETag: "28dd56aa4c3448923f2e06f6f90e1017"
Content-Type: image/gif
Cache-Control: max-age=315360000
Content-Length: 702864
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: KIPQ8aj2AKbgfuqCDbQF8bZCjZrg7.Bd
x-amz-id-2: rl+e/V+gbVYImLWd7TMOyoX2SGSxRONiQpaty5+r9SLVyclbQVvGMkKgk6UcpflZXMNGOymAEGA=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 728x90.png
neon.today/img/ Frame C90F 67 KB
67 KB 14ms
14ms Image
image/png 95.179.157.240
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neon.today/img/728x90.png
Requested by: Host: neon.today
URL: https://neon.today/context/get/59442/19173/0/728/90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.179.157.240 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS: neon.today
Software: nginx /
Resource Hash: 909e031bc40149bcea974e2a8e8f07266fad76b90db640391230bb0c27ef5022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Tue, 04 Dec 2018 21:12:27 GMT
Server: nginx
ETag: "5c06edbb-10b1c"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68380
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK logo_white_small.png
neon.today/ Frame C90F 19 KB
19 KB 52ms
26ms Image
image/png 95.179.157.240
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neon.today/logo_white_small.png
Requested by: Host: neon.today
URL: https://neon.today/context/get/59442/19173/0/728/90
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.179.157.240 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS: neon.today
Software: nginx /
Resource Hash: 595fd725bb9002daf682dfc659e12d7373afbc13bd760f9a7d3f58c5537e2e07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 20 Jan 2022 01:56:45 GMT
Last-Modified: Tue, 04 Dec 2018 21:11:55 GMT
Server: nginx
ETag: "5c06ed9b-4a09"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18953
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET layer.css
www.thz3.xyz/static/common/layuiadmin/layui/css/modules/layer/default/ 0
0

GET
H2 200 / Show response
media.hubuhost.com/re/ Frame 75ED 315 B
445 B 13ms
12ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/re/?sess=Bjc7QE3AKkA1h3b4q%2FyLZHF787eEMEDrNbiJYXEcCvPG9K%2BvYWaBkmSfkyyQdTyF

Requested by

Host: www.thz3.xyz
URL: https://www.thz3.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

61af1ce1d3e9569ceefb86c447b0c98e3db41d170390e8e15d817fe0e7fdd2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://show.adorion.net/

Response headers

server: nginx
date: Thu, 20 Jan 2022 01:56:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lds.gif
media.hubuhost.com/re/ Frame 75ED 7 KB
8 KB 13ms
13ms Image
image/gif 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.hubuhost.com/re/lds.gif

Requested by

Host: media.hubuhost.com
URL: https://media.hubuhost.com/re/?sess=Bjc7QE3AKkA1h3b4q%2FyLZHF787eEMEDrNbiJYXEcCvPG9K%2BvYWaBkmSfkyyQdTyF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

d8a3fd24717c94b02e488de14bf097f271b58c74f15e94c633114e303581e211

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hubuhost.com/re/?sess=Bjc7QE3AKkA1h3b4q%2FyLZHF787eEMEDrNbiJYXEcCvPG9K%2BvYWaBkmSfkyyQdTyF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
last-modified: Thu, 21 Jan 2021 21:01:23 GMT
server: nginx
etag: "6009eba3-1dff"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 7679
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
media.hubuhost.com/re/ Frame 75ED 245 B
386 B 14ms
14ms Document
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/re/?sess=fzYM60oJDQRunk2BAEG4KyJ5lerJiyafmzWnPbzMZ8JxctVM6x5b%2BbS0Yg0a3LH8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

14e641f86fbe61ffc2e41f7c0cc844b2d20dfa831957af795dc778a73d033e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://media.hubuhost.com/re/?sess=Bjc7QE3AKkA1h3b4q%2FyLZHF787eEMEDrNbiJYXEcCvPG9K%2BvYWaBkmSfkyyQdTyF

Response headers

server: nginx
date: Thu, 20 Jan 2022 01:56:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/banner/ Frame 75ED 6 KB
2 KB 46ms
12ms Script
text/html 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D

Requested by

Host: media.hubuhost.com
URL: https://media.hubuhost.com/re/?sess=fzYM60oJDQRunk2BAEG4KyJ5lerJiyafmzWnPbzMZ8JxctVM6x5b%2BbS0Yg0a3LH8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

6ef242a1146610a846b145b07ef928fa5752620c83dd0f790dec54fa7acda2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hubuhost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 base.js
g.cash-ads.com/js/ Frame 75ED 91 KB
37 KB 23ms
23ms Script
application/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/js/base.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://media.hubuhost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 20 Jan 2022 01:56:46 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 15:27:16 GMT
server: nginx
etag: W/"612e4a54-16b34"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 jw.js Show response
c.blyatflix.de/ Frame 75ED 2 KB
683 B 11ms
11ms Script
text/javascript 5.9.20.91
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.blyatflix.de/jw.js?de=yZX534BoHK8EA9UO

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=rJHSfj2%2BNDqECusCL0ZFNg%3D%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.9.20.91 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS