img.1378a.xyz Open in urlscan Pro
202.81.230.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://img.1378a.xyz/
Submission: On October 25 via manual (October 25th 2023, 10:22:20 am UTC) from HK — Scanned from DE

Summary HTTP 61 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 61 HTTP transactions. The main IP is 202.81.230.136, located in Hong Kong and belongs to M2012LIMITED-AS 2012 Limited Netfront, HK. The main domain is img.1378a.xyz.

This is the only time img.1378a.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	202.81.230.136 202.81.230.136	4658 (M2012LIMI...) (M2012LIMITED-AS 2012 Limited Netfront)
1	2606:4700:303... 2606:4700:3035::ac43:bad7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 30	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	15

6 202.81.230.136 (Hong Kong)

ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK)
PTR: 230-136.ha.cloud.netfront.net

img.1378a.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:bad7 (United States)

ASN13335 (CLOUDFLARENET, US)

www.emailnator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

botsafeguard.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.168.131 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	botsafeguard.net 1 redirects botsafeguard.net	552 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	223 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	167 KB
6	1378a.xyz img.1378a.xyz	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	148 KB
1	hcaptcha.com newassets.hcaptcha.com — Cisco Umbrella Rank: 10576	237 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	600 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	252 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2668	442 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 23960	145 KB
1	emailnator.com www.emailnator.com	192 KB
61	12

	Domain	Requested by
30	botsafeguard.net	1 redirects img.1378a.xyz botsafeguard.net
7	pagead2.googlesyndication.com	img.1378a.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
6	img.1378a.xyz	www.emailnator.com img.1378a.xyz
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn4.buysellads.net securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.emailnator.com www.googletagmanager.com
1	newassets.hcaptcha.com	botsafeguard.net
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.paypalobjects.com	img.1378a.xyz
1	cdn4.buysellads.net	img.1378a.xyz
1	www.emailnator.com	img.1378a.xyz
61	14

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
smsnator.online
premium.emailnator.com
www.facebook.com
discord.gg
tools-ai.online

Subject Issuer	Validity	Valid
emailnator.com GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
botsafeguard.net GTS CA 1P5	`2023-09-05` - `2023-12-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
cdn4.buysellads.net R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://img.1378a.xyz/
Frame ID: ADD4D43F987879A2FA39F684EF88162F
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html
Frame ID: EB9227A6978485B0A73EB7C6331D36DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1698222135&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1378a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698229334730&bpp=5&bdt=251&idt=252&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4104684829064&frm=20&pv=2&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: A21AE9D3A531BCF86470FF9365C71F82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1698229334735&bpp=13&bdt=256&idt=290&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FV8LIpLMDb&p=http%3A//img.1378a.xyz&dtd=295
Frame ID: 3004E639DDDC3A1597EF45B115F57D01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698229334748&bpp=1&bdt=269&idt=287&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=GKSQTseL6p&p=http%3A//img.1378a.xyz&dtd=294
Frame ID: B3E6FB1590600C745B4779AAC5594127
Requests: 1 HTTP requests in this frame

Frame: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
Frame ID: 8CD5E9A57A407FEAF42C28F69ED114D7
Requests: 7 HTTP requests in this frame

Frame: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
Frame ID: AE52D493199F187796C89B2B47D86B61
Requests: 11 HTTP requests in this frame

Frame: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
Frame ID: 6590B3E745CF4E4AB5A13DFC22DDAFB9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DEBFDE00B0BDEF67DFD1AC8805759157
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5C4180E13883B36CEF3B2C5295827AF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Temporary Disposable Gmail | Temp Mail | Email Generator

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

89 %
HTTPS

71 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

1669 kB
Transfer

5157 kB
Size

7
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.emailnator

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id6443654899

Search URL Search Domain Scan URL

URL: https://smsnator.online/
Title: Temp Number

Search URL Search Domain Scan URL

URL: https://premium.emailnator.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gmailnator

Search URL Search Domain Scan URL

URL: https://discord.gg/K68g52HCWt

Search URL Search Domain Scan URL

URL: https://tools-ai.online/
Title: AI Tools |

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://botsafeguard.net/fc/api/sri/ HTTP 308
https://botsafeguard.net/fc/api/sri

61 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
img.1378a.xyz/ 3 KB
3 KB 3123ms
378ms Document
text/html 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to

Full URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: nginx /
Resource Hash: d56197687ca74ec27dee2a9585c1fa0470fb075640d39d02191e6163257ebb94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 81b9bcbacaff20e2-HKG
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Oct 2023 10:22:14 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YD%2FFm1zxhdEIga3KjKoJJuYm0uSESOQSmM8qAvjFPSyXb98bTAafX6awNhENEsw6oMDXm9vvug9iZpkatsx0sHCYnkvvkCTDz4jZTgMZGN6qv2JEyf1j7n%2Bnvz68wdYrO1PkOBg%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.js Show response
www.emailnator.com/js/ 707 KB
192 KB 106ms
39ms Script
application/javascript 2606:4700:3035::ac43:bad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a9c7ff5d09af1805e9a32d1fc7fc7b6336f8a4b8e6fcf08e715e267fe23f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82
cf-polished: origSize=723927
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 13 Aug 2023 02:13:04 GMT
server: cloudflare
etag: W/"b0bd7-602c47c65cf4b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJqY10Fw2NwDyzpfCDjzAqYB8njO3BgYlxgb3Aa9gxDcd2wEnwPyvxHPkjGSqzD3JGHdyiqJpMmSJljw%2B%2BdfUyP7H7XjYLvjvKe4wJvsW8G1RnLVkl8Ubonk9UdfMXzRQR%2BA4nnGjH%2B%2FqK7ZLHZl684%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 81b9bcbcfbf41cb9-FRA

GET
H2 200 botsafev1.js Show response
botsafeguard.net/ 2 KB
1 KB 101ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafev1.js

Requested by

Host: img.1378a.xyz
URL: http://img.1378a.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe436c216aab02cb114520858e7b5bd29c8b65800390330fc945b0666381d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafev1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::hr7rc-1698135800290-dad1c3240e06
server: cloudflare
x-matched-path: /botsafev1.js
etag: W/"4e0e7aecff00246de7cd705ac6890c3a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESnYqdVBYnrlk3dhJHcnL7%2BQBxt4HgGxCrxcP2AAqRndvm0xo825umBg5qWZ9CN7M1vuoC79Rfo%2FG5pDtT35I%2BasysiZYbod%2FlA8gctqno4arlt9NqK2Tx2LJqe%2BlVJsW3PfKvNeSp8ASALrlMzB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcbcedd33667-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 115ms
70ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Requested by

Host: img.1378a.xyz
URL: http://img.1378a.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45ab52a5ca7138e53fc1c9ee14ff5ef015c465cad24c2a382cfdfc84ef64bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Origin: http://img.1378a.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51003
x-xss-protection: 0
server: cafe
etag: 16693174431960458803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:22:14 GMT

GET
H/1.1 200
OK emailnator.js Show response
cdn4.buysellads.net/pub/ 509 KB
145 KB 109ms
21ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/emailnator.js?1698229200000
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: ed92f11722d0ca0be8286a605822df28810e25b7a86cfc16938bdbc906cef717

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Wed, 25 Oct 2023 10:22:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Oct 2023 10:03:55 GMT
Server: AmazonS3
x-amz-request-id: BCDFZX1C72QA04KT
ETag: "8d5f63985a87bd27a6a786b83941c253"
x-amz-server-side-encryption: AES256
X-HW: 1698229334.cds206.fr8.hn,1698229334.cds261.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148127
x-amz-id-2: gz60X1wG1ro9DNrFxvX8g6zT80CiLt5rxhiGrtphW2gUYLNBgFqKNlTqUjxdnmmpgddSN+cJ3Ak=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
60 KB 104ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-P7P66FK

Requested by

Host: www.emailnator.com
URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

100592656fa8ce33fabc5b8747debcd3c783b1384dc43fe5e00b42403c810fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61419
x-xss-protection: 0
last-modified: Wed, 25 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 Oct 2023 10:22:14 GMT

POST
H/1.1 200
OK generate-email Show response
img.1378a.xyz/ 36 B
2 KB 417ms
417ms XHR
application/json 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to

Full URL: http://img.1378a.xyz/generate-email
Requested by: Host: www.emailnator.com
URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: nginx /
Resource Hash: c5ff4d35122c67c92a1a9fdea8ef823aca6fc8c0912210dc9be840894a5abc30

Request headers

Accept: application/json, text/plain, */*
Referer: http://img.1378a.xyz/
X-XSRF-TOKEN: eyJpdiI6IkUzVFJxVjdzeS8rYU1CMlNLclNQYUE9PSIsInZhbHVlIjoiRTBhTThQMTE3UDYrcDZMNlllMC9NNXdPT0NWeXBDN2RRcWtITmN0aisvOFE4VjVNYVFEU2d1VXQ1dWlRdCtwdW5jSkpkSWpJc05zYmc4YkxyT3cyU1NZY2RTTHpyWWxvKzN3UkEyT3U4MFZPdDNMMW1FUWZaYWd1SXRJbjFzVmQiLCJtYWMiOiI3MTQ5NWNlNDhiNmM3YmM4OTM4NjhiNDM2ZTllYTc5YWY3OTYwYjExNDY4ZmU4ZjBkN2Y2MzBhNTE3MTFhZDM0IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Oct 2023 10:22:15 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-RateLimit-Remaining: 4997
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ekCC4Yid8SSHdP6pHNSbIc3vM0okZEUsWxjTYbbP7Uczb6gLnbqCUfdA1HBRjcs2hMXCYpD8Uyh9NsCximils9cGNmgL7hr0%2FSNkfGSqs0U%2BZz%2Bhm7MQOhRK%2BndYXI4Nbi9H%2Fjs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Cache-Control: no-cache, private
X-RateLimit-Limit: 5000
Connection: keep-alive
CF-RAY: 81b9bcbeae951fb8-HKG
alt-svc: h3=":443"; ma=86400
Content-Length: 36

GET
H/1.1 404
Not Found google-play.svg
img.1378a.xyz/images/ 34 B
34 B 407ms
203ms Image
text/plain 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1378a.xyz/images/google-play.svg
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: /
Resource Hash: 2a86ed34d4001e36593bc4d9ca43986155796497584b56efa3ba6ac5375094c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 34
Content-Type: text/plain; charset=utf-8

GET
H/1.1 404
Not Found app-store.svg
img.1378a.xyz/images/ 32 B
32 B 408ms
204ms Image
text/plain 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1378a.xyz/images/app-store.svg
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: /
Resource Hash: 31aec2e1225cb19957e4526aa419fdfdc6add76d69133cb0aa5bab0fac9dc6fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 32
Content-Type: text/plain; charset=utf-8

GET
H/1.1 404
Not Found logo.webp
img.1378a.xyz/images/ 28 B
28 B 409ms
205ms Image
text/plain 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1378a.xyz/images/logo.webp?2245a08de0624eb2d3f7cecc7337e846
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: /
Resource Hash: 6270b9c0cec36f64b874b24c1e1c6a9e51c5203e5f44d54ee14aea37ee943f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 28
Content-Type: text/plain; charset=utf-8

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
442 B 104ms
24ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: img.1378a.xyz
URL: http://img.1378a.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 25 Oct 2023 11:22:14 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/ 394 KB
134 KB 138ms
95ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2044622973026891&plah=img.1378a.xyz&bust=31079056

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

814274bbe3a5ab4db129581ecafc9dc5172efb64f526c10360dd6e3445950a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136887
x-xss-protection: 0
server: cafe
etag: 1190539966313081977
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:22:14 GMT

GET
H/1.1 404
Not Found bg.webp
img.1378a.xyz/images/ 26 B
26 B 408ms
204ms Image
text/plain 202.81.230.136
M2012LIMITED-AS 2...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1378a.xyz/images/bg.webp?d106f605c767b21bd98d289ed67929cf
Requested by: Host: img.1378a.xyz
URL: http://img.1378a.xyz/
Protocol: HTTP/1.1
Server: 202.81.230.136 , Hong Kong, ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK),
Reverse DNS: 230-136.ha.cloud.netfront.net
Software: /
Resource Hash: 34648b9834c23ed67ee80466475c2e58550360d76d72e22148ca4c79c7e92d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 26
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/ Frame EB92 10 KB
5 KB 67ms
18ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231023/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Oct 2023 11:25:52 GMT
etag: 4569948109300706969
expires: Tue, 07 Nov 2023 11:25:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
29 KB 128ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/emailnator.js?1698229200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c40fcc96479907f15f5ece2954095e5c2aa9f48b8c65aa8c1b3c361d53d853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29052
x-xss-protection: 0
server: cafe
etag: 670 / 19655 / m202310190101 / config-hash: 8781403783862612309
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Oct 2023 10:22:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 40ms
37ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6R52Y0NSMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-P7P66FK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9bf96ca945b721f029d9b41ddcb27c0d9e449ab12b6514bef0d1fe63f802a0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 25 Oct 2023 10:22:14 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
132 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 07:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9093
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 07:50:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
63 B 95ms
54ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=img.1378a.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd39621de2a3340a17fe67ec3aa764f0dd83d207f48988b5d749be357294fec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
x-xss-protection: 0
expires: Wed, 25 Oct 2023 10:22:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 96ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6R52Y0NSMR&gtm=45je3an0v879839310z89128604173&_p=542501429&cid=1505087671.1698229335&ul=en-us&sr=1600x1200&_s=1&sid=1698229334&sct=1&seg=0&dl=http%3A%2F%2Fimg.1378a.xyz%2F&dt=Temporary%20Disposable%20Gmail%20%7C%20Temp%20Mail%20%7C%20Email%20Generator&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R52Y0NSMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 10:22:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://img.1378a.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 76ms
27ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=img.1378a.xyz&callback=_gfp_s_&client=ca-pub-2044622973026891

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2044622973026891&plah=img.1378a.xyz&bust=31079056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59db806560b5bf0c003571990936621f54dac0d90fdba37ba0466ed6ade43eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A21A 603 B
218 B 188ms
186ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1698222135&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1378a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698229334730&bpp=5&bdt=251&idt=252&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4104684829064&frm=20&pv=2&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 10:22:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: img.1378a.xyz
URL: http://img.1378a.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Oct 2023 10:22:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3004 603 B
215 B 179ms
179ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1698229334735&bpp=13&bdt=256&idt=290&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FV8LIpLMDb&p=http%3A//img.1378a.xyz&dtd=295

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 10:22:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B3E6 603 B
215 B 177ms
175ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698229334748&bpp=1&bdt=269&idt=287&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=GKSQTseL6p&p=http%3A//img.1378a.xyz&dtd=294

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 10:22:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 botsafev2.js Show response
botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/ 56 KB
18 KB 75ms
74ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafev1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818f7d3e746ca9d585efc917b764ed8e01a98598a27ff46230b4edfdfbaaf841

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafev2.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::r6k4c-1698107108986-e29caa93126f
server: cloudflare
x-matched-path: /v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js
etag: W/"3a329bc8dd64e523e19bd58f0964d467"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBf5AKr9M41RslF1gTRFqzEd7VxD3C99FvoIA5mn8%2FNXb1YLs9AwOLX87cAL5rdkCcQoFNyKTUnQUjUqJ%2BSHow0Ssz3J2yM26oY8MomyEkuLRMW9uKVf2Le7SgH51e50pAv%2B6dnh3FhKOKdK%2F0EN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc13bca3667-FRA

GET
H2 200 api.js Show response
botsafeguard.net/ 310 KB
88 KB 54ms
53ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/api.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafev1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="api.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::92767-1698197029018-27a0330b3326
server: cloudflare
x-matched-path: /api.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NRadwotrzebO6IfvgE0BGkEmUKHDy5RAmgNM4qngKBK7cjMmt8vsyF6381dL1Kr6PfD4xlMLRzBOiKPmRwaP6EcAZlp6KYP17TocqP8QyFfD0CE0GkQm1MMYNV6qivVnxMJqrnJIzzCTqNXltGU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc13bcd3667-FRA

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231023&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53be2b761e68167536fe9a847b0b86aada266a9db54f5b9604fd9eb727a8cc77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12346
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 Oct 2023 10:22:15 GMT

GET
H3 200 enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html Show response
botsafeguard.net/v2/1.5.5/ Frame 8CD5 792 B
1 KB 50ms
49ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

658e9f7a1d94ecd1deed9cb457b6367d9cd37813adce1bad024c9827d1820ac6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 509244
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81b9bcc1ef142ba3-FRA
content-disposition: inline; filename="enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 10:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krot%2BrEZktWbOOBqVZfX3WpexbyS7xGp0pbfxLSQ8FoghyHrNsCik%2BE5nSt8IB5L8qptCAm2SvHA15yF1fg7hIfG0qemZo1gImt52Bu3jCDp5P1LqNeJSfAFHcVzqiowwgpAqCjnDygsNWDKlJDK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-matched-path: /v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
x-vercel-cache: HIT
x-vercel-id: fra1::zn4bl-1698229335368-6399245a9644

GET
H3 200 botsafe.html Show response
botsafeguard.net/captcha/v1/c572e75/static/ Frame AE52 8 KB
2 KB 187ms
187ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81b9bcc1ff212ba3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 10:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E9Ot%2Fn4m%2B1sCLBeslDw0yWzZQNH%2FQ%2Bkt5BVEN37TxMQSYmM3E3QxqligYzBjFOahJtOX6PLstLtE8uoSbex6z1wrkMCb0aZCvF3CGvjUa%2BtU8LGtV8E0mAiBD%2FL9sPq%2FZPsYbPNxLknm98hDuEY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path: /captcha/v1/[slug]/static/botsafe.html
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::zn4bl-1698229335373-a44e6ba918e2

GET
H3 200 botsafe.html Show response
botsafeguard.net/captcha/v1/c572e75/static/ Frame 6590 8 KB
2 KB 172ms
171ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 81b9bcc1ff282ba3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 25 Oct 2023 10:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hQeY%2FMun9JADnNdY2y1brZ6UUyDMrQrpW8aXQ5yEOagwN%2BncQw3SjLiHiZwaS62AsUZiIHRdJ67h%2FiSQAfpQkksSS1zfCSjC5he00SgMCaYYejXUBKu%2FPxT4s0OJTtsLBDibpLVw%2Bg4%2BW5WkItV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path: /captcha/v1/[slug]/static/botsafe.html
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::2fdzz-1698229335375-9d4a0c4535d5

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DEBF 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 06:22:23 GMT
expires: Thu, 24 Oct 2024 06:22:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D5C4 829 B
1 KB 81ms
30ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aa1b3721f7d2cd5612b9474f34e82409cae2c2b0ed46e3755709db3f2862fc73

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VRNmxwAp6jBIuU46kq-5dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://img.1378a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VRNmxwAp6jBIuU46kq-5dA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 10:22:15 GMT
expires: Wed, 25 Oct 2023 10:22:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js Show response
botsafeguard.net/v2/1.5.5/ Frame 8CD5 110 KB
38 KB 43ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3df4e43c307f722c3ca7c477a49d629616a7b34f14a707ccd57bc42e2a3ac7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::h6hpm-1698184313650-7d8fed985be7
server: cloudflare
x-matched-path: /v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js
etag: W/"24ab02066bb75e129eea1e8f941928ef"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Hc58Mf3HRfhZx5%2FK9DN%2BQZJfKYtSKZCaMndXhYq6s0GXxh7eZ8TOd5QKRrYBFxiv23Bv8mHrlXriebBnlPbK9GkRL7Sn%2FPRpvhGXlvQsOvHaQkDeRmrYAy9m3qYvadHg4daORdB5SUFqbfZ%2F63M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc24f852ba3-FRA

GET
H3 200 nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js Show response
pagead2.googlesyndication.com/bg/ Frame DEBF 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 06:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15187
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 06:22:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D5C4 0
0 55ms
54ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231023&jk=4092813173793664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 settings Show response
botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/ Frame 8CD5 58 B
660 B 158ms
157ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/settings

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d8a074a10d67166ecfd5b1d2503739d9c365285be8bd0bf97b06d77fd15c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::gbghh-1698229335528-786602895501
server: cloudflare
x-matched-path: /v2/[slug]/settings
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBImcLNiy%2Fo7w3NQ9SR0MR1ygxTHo6SAb2jMHaugtrvtAAMj6biZx1wU5C4W6H9sGTWCKZnX7c7PNfQ9eUzKYk5w1dI2h8a7kXJMr9dVYr3FWbHYtdpfeUzlDM4%2FSIDiLuBy3xnF7HtM8V0GT0Yw"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 81b9bcc2f87b2ba3-FRA

GET
H3

200

sri Show response
botsafeguard.net/fc/api/ Frame 8CD5
Redirect Chain

https://botsafeguard.net/fc/api/sri/
https://botsafeguard.net/fc/api/sri

145 B
747 B

96ms
95ms

XHR
text/plain

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/fc/api/sri

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cefea4b2f781e3c6bb24b4ba2a90a49b7fdeaa9983fedc6d3c7794c78d7c86d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 520454
content-disposition: inline
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::ss8gj-1698229335564-1fc758195fdf
server: cloudflare
x-matched-path: /fc/api/sri
etag: W/"cb53b268cc0681946078a02e9e5cb713"
x-vercel-cache: HIT
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Kf4qHfBxrGpNJ272cBn7mcESbBiz%2B4ojEpJVUNbRtZUmvqRRMr6WWew6ZeSdSA5%2Ftowuem2DqZl4FlGjDVU8jtsFVVcBQXpIf7ZCdE6Xe4wutrb6%2FQGn8IrMOl1mp8BgKu7qk5HRe1wuWXlPHlu"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 81b9bcc338eb2ba3-FRA

Redirect headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: fra1::zn4bl-1698229335526-b1291c10d918
server: cloudflare
x-vercel-cache: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYAYJkiNc860zHwvozVp5dVeoyWik%2B5rbWqTqMXVyMPPHyOYPw7SkGifNMx78Oi8kQcejSO61%2BQT7gXJDD8s6U%2B6%2F%2FRWVrWXDjti66TqnlHA1EtCnb2gr%2FA3tYSn%2Bu1VqMb8TGMlT275cMMXyDF9"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
location: /fc/api/sri
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/fc/api/sri
cf-ray: 81b9bcc2f87d2ba3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 9f00285ccd3c1846.css
botsafeguard.net/_next/static/css/ Frame 6590 6 KB
2 KB 38ms
38ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/css/9f00285ccd3c1846.css

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4103056
content-disposition: inline; filename="9f00285ccd3c1846.css"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::wzv8k-1694126279156-e2d87163739c
server: cloudflare
x-matched-path: /_next/static/css/9f00285ccd3c1846.css
etag: W/"9c911bce05be893f26ff727058aeca80"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYgIRpRtqa6B9XwqrserBeTGl6ys6DA4vuT7hYSIQ2jz31x9trctE6LX%2BVs9Fqq%2Fi8c6F5Ilb0eQUdd7N1B6%2B1B8E%2FE%2BGumSRLFCUmb7pFaLduiczdYqwDAQmAaKI9M4Cm5XlizM%2By2X1A5ifY2j"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc328a52ba3-FRA

GET
H3 200 botsafe.js Show response
botsafeguard.net/ Frame 6590 310 KB
88 KB 62ms
62ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafe.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafe.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::pj55x-1697242996135-947ba51d70a8
server: cloudflare
x-matched-path: /botsafe.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cpeO4IuXlM85yfd1AWvZejD%2BJQ8ZYg9u3p8HHE5xI44qEPL8drZcfI%2B%2F21QVL%2Fc3hYXrEzIn93mUpSctpoJ7bl6ARvIRlYBdpbmoo2fGRUZsBamt%2B7P1t%2FYSmaET2vvCiWprgYjRBo19AzlqfAG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc328a82ba3-FRA

GET
H3 200 webpack-5d138c676ac39e99.js Show response
botsafeguard.net/_next/static/chunks/ Frame 6590 3 KB
2 KB 36ms
34ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9855796
content-disposition: inline; filename="webpack-5d138c676ac39e99.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::94x6r-1688373539010-701000cb3aad
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-5d138c676ac39e99.js
etag: W/"e942fb3ab92ef789fe454b7c71f5ec24"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz3o0D6w%2F5WpiRKH01IR%2BsFsB1%2FS2%2Fuw%2FgKYiPaYdoghDYgd6kci6UiFzK%2B9gzQZOdVr%2B%2BOKaMrrizmwb3dT%2BmxzpaInJLTYxA4oVz9K3Owc6pM79RlH3CC7hA3GRsCswlpsvtqfsiAYC1Aa1p%2B9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338d12ba3-FRA

GET
H3 200 b51ee262-fcc8afbf20d0d3c1.js Show response
botsafeguard.net/_next/static/chunks/ Frame 6590 157 KB
50 KB 38ms
37ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857806
content-disposition: inline; filename="b51ee262-fcc8afbf20d0d3c1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::p4ht6-1688371529099-b2d1bfdbcc92
server: cloudflare
x-matched-path: /_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js
etag: W/"b8df62458bb31f6799e6196743a7e6d4"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2QRO8I%2BzJIhvQYxefWtyAaIu169Io%2BIvgL1WA1dBXS0dyyOnkcz4SVctpUurncCbzIhCiuGbSMh64oynBkorq2GcUWqcU8IvYF9V85csyStBWmqbgbQonbvcXTojevwmWRegigDDI%2F0pd2kVr1z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338d42ba3-FRA

GET
H3 200 275-d3fb3348b6ec9437.js Show response
botsafeguard.net/_next/static/chunks/ Frame 6590 94 KB
25 KB 97ms
96ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/275-d3fb3348b6ec9437.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 579855
content-disposition: inline; filename="275-d3fb3348b6ec9437.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::tlnm7-1697649480825-6266a43cb74c
server: cloudflare
x-matched-path: /_next/static/chunks/275-d3fb3348b6ec9437.js
etag: W/"67082095635c0b12d98a4e3e7f6ff6ca"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Y00SEilQbRCCXzXo%2BPx6UtssnMuJbfU62fmYTdlevllM3gfHEMEQa%2BhDWvODwJ%2FVn2rAXN3SOpCSmbcPqzJE1X7WS%2Bpg55wdpzH4zOzwMVRcXbNsZPj8478hootxNyAz%2B%2FutFiWU%2Fwi8cPG4o1W"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338d92ba3-FRA

GET
H3 200 main-app-71dd5d6e86cb4f59.js Show response
botsafeguard.net/_next/static/chunks/ Frame 6590 415 B
850 B 36ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/main-app-71dd5d6e86cb4f59.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="main-app-71dd5d6e86cb4f59.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::k5qr2-1688371530019-80f0e5e5413a
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-71dd5d6e86cb4f59.js
etag: W/"8b2302a7f92d8512952ef6f1926db3a0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3lPVNwzH5iHyS6TJQTgMUSO07hXBENFR8rrgt3UNnUYcn%2FW5M6R6L0gtkEWQjySrSC0tk1%2F60kx%2FfSSfRXCanM3I%2B16F4SHv8WOk8i775qUeXwt7LuCtZxF%2Fy2wYXOhLNCAxpfXZ1hExV7x4845"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338de2ba3-FRA

GET
H3 200 9f00285ccd3c1846.css
botsafeguard.net/_next/static/css/ Frame AE52 6 KB
2 KB 79ms
78ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/css/9f00285ccd3c1846.css

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4103056
content-disposition: inline; filename="9f00285ccd3c1846.css"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::wzv8k-1694126279156-e2d87163739c
server: cloudflare
x-matched-path: /_next/static/css/9f00285ccd3c1846.css
etag: W/"9c911bce05be893f26ff727058aeca80"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIqVhoeQGqHosUfRaJ9%2FxA1M%2BT1AgjR9UT1jHdVn9MdHctH2vnpcHw50saLZzzvb90Bjhfvq096AM9yxkw0r86JB9v6rC6vlUOVvzBVQnXL%2BApeBORNEDGE7AC2OaulveVSEp6lNPwxXJ2AfVo8M"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc328c82ba3-FRA

GET
H3 200 botsafe.js Show response
botsafeguard.net/ Frame AE52 310 KB
88 KB 79ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafe.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafe.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::pj55x-1697242996135-947ba51d70a8
server: cloudflare
x-matched-path: /botsafe.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3QDJkGa1A0mk7tE5yxXay%2FAnFEkDcTxWpUl1IKsdNf0z0bWeA9HwcPzjMiS1zSy8d0St8%2Fu2w9N6Ses2d%2BZ8dbhWWOhTjx83kM1e6F1X5Chye0hbjVNjovd3TyP4hbEM7bYpSoeQ4e9lk1WNXUg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc338cd2ba3-FRA

GET
H3 200 webpack-5d138c676ac39e99.js Show response
botsafeguard.net/_next/static/chunks/ Frame AE52 3 KB
2 KB 28ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9855796
content-disposition: inline; filename="webpack-5d138c676ac39e99.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::94x6r-1688373539010-701000cb3aad
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-5d138c676ac39e99.js
etag: W/"e942fb3ab92ef789fe454b7c71f5ec24"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGOiXQtuf3U%2FEo2b%2FLEbxzJJYhP6bF161lU5u4svsVuOVYc7LHFYglFulXpKRxx%2BdOCbbQpys%2Fbfsl2XD4Ou0bTNjhW9X7QHbLR1euOAZjRZVPCT3g9UpvAFF97YIMCZUJHLrE6cGhEMP2AJOHUN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338e52ba3-FRA

GET
H3 200 b51ee262-fcc8afbf20d0d3c1.js Show response
botsafeguard.net/_next/static/chunks/ Frame AE52 157 KB
50 KB 94ms
93ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857806
content-disposition: inline; filename="b51ee262-fcc8afbf20d0d3c1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::p4ht6-1688371529099-b2d1bfdbcc92
server: cloudflare
x-matched-path: /_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js
etag: W/"b8df62458bb31f6799e6196743a7e6d4"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBRXeRsYUuq%2BSVhExRpeamgQgaOq%2F8UZGDMMKmJgsl7TH9jzErrGlLMjrKbpKQlk5g0Z1Am%2B3SIeKJ0Nvo08aDkG4%2BoQbQXZpUReT3Puc7yA7neWHwwQ9bXrleqz1R1hT9T97jeS6EN2BmgMigEn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338e62ba3-FRA

GET
H3 200 275-d3fb3348b6ec9437.js Show response
botsafeguard.net/_next/static/chunks/ Frame AE52 94 KB
25 KB 32ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/275-d3fb3348b6ec9437.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 579855
content-disposition: inline; filename="275-d3fb3348b6ec9437.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::tlnm7-1697649480825-6266a43cb74c
server: cloudflare
x-matched-path: /_next/static/chunks/275-d3fb3348b6ec9437.js
etag: W/"67082095635c0b12d98a4e3e7f6ff6ca"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXPiwxdhQ2h4c6Tv5whrP1Skenv98bIJjfQFWk5Hynm7olFYAy3yz%2Bget9WQawNFcwgFBG5v3k1Ea6AyyQ9k6wlNjqI%2B4pRX3xX9KnrCU2Zc%2FIJ4vxIpBuJncXuinrij9ddUDxtHyU0yhcNl1YAE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338e82ba3-FRA

GET
H3 200 main-app-71dd5d6e86cb4f59.js Show response
botsafeguard.net/_next/static/chunks/ Frame AE52 415 B
846 B 95ms
95ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/main-app-71dd5d6e86cb4f59.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="main-app-71dd5d6e86cb4f59.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::k5qr2-1688371530019-80f0e5e5413a
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-71dd5d6e86cb4f59.js
etag: W/"8b2302a7f92d8512952ef6f1926db3a0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEu2O0iC6JX9Se3IR38rXKMkKZzOWt4Trk5OYGt6SYIStNr%2Fdxoiwb1HFfXG6%2BP4quojn6r8Qa%2BH1tkVZGD6bse38oJQv3PaGwJXnpr7XbyHD2pKtaFx8hwRGiACrb55PwuJDWkIoE2ZELrBF5oF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc338ea2ba3-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DEBF 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oxRAUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 botsafev2_api.js Show response
botsafeguard.net/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/ Frame 8CD5 147 KB
50 KB 43ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/botsafev2_api.js?onload=loadChallenge

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bc6e12937bf14b898184c6d4c863cd33ca09732c43d2e0a322eafc9f5c61557

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
Origin: https://botsafeguard.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafev2_api.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::v8m5f-1690944481541-d68a91c8f83a
server: cloudflare
x-matched-path: /cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/botsafev2_api.js
etag: W/"3763ca5c6d75616a43468902aff7b465"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ%2FjS2ZWs%2FcsbE95eaViXLPi9KmE0bKNFzCe9u%2Folq6Z93XUg4MDatVX3PC%2FHiT5EyvWwpL%2B3n6O%2F1mHR0x9Ec9%2FXWjrYLxcFwb8%2BHBvIILy%2FDgQ4TJA%2FafapThFOQKQP%2FV7%2Ffrbb9lPaz4mbvxB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 81b9bcc3e9b32ba3-FRA

GET
H3 200 549-a3844f67ddcf1cac.js Show response
botsafeguard.net/_next/static/chunks/ Frame 6590 7 KB
3 KB 30ms
29ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/549-a3844f67ddcf1cac.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="549-a3844f67ddcf1cac.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::8bqvc-1688371530538-2d9922312de5
server: cloudflare
x-matched-path: /_next/static/chunks/549-a3844f67ddcf1cac.js
etag: W/"278e396ee8dd021ec23a2275f29f8eda"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pb6a4u0LmBE5%2BdOGa%2FYXxQqTmoibcqwmhZt7iA59Ak0mjzXsF92LUBVNHjZXtAZFjonQxS3fLlps%2FGYXCwO%2Fzc3rLPoAyA1aQ3hFyBZ50AIGXd6RIOsr8z%2BGoc9EF136TqnZc7%2Btckx3uptrCmSu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc3e9bb2ba3-FRA

GET
H3 200 page-53d509ea03eb9b5d.js Show response
botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/ Frame 6590 216 B
847 B 28ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="page-53d509ea03eb9b5d.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::g54nc-1688371530540-e16d684f21d3
server: cloudflare
x-matched-path: /_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js
etag: W/"a3d2e122c737492231ba55afca9d27b5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ7n%2BT6D3RKGnQgNzFbmL0%2BsuuEQ2LVHmnKk%2FBLPz9bpk%2By1fwfdEZjNbcjvabulnD4SDAtZbGBr9siYNLPQedIYwQhIurlsLNY3XMxVqq6ZlXBMuodBlrDTAZDPruUo5MLP%2BIZSbfZ%2BtuFEBOaF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc3e9bc2ba3-FRA

GET
H3 200 549-a3844f67ddcf1cac.js Show response
botsafeguard.net/_next/static/chunks/ Frame AE52 7 KB
3 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/549-a3844f67ddcf1cac.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="549-a3844f67ddcf1cac.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::8bqvc-1688371530538-2d9922312de5
server: cloudflare
x-matched-path: /_next/static/chunks/549-a3844f67ddcf1cac.js
etag: W/"278e396ee8dd021ec23a2275f29f8eda"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIrHG%2FsuOfWsSL38ig8YlG49Gc%2FPsqdWavYRmegYEGLSlyShw3%2BWpvz%2Fs1TFBF%2BUDzPp8QMeDZNO6GKAHojuqqd7J0FytG7s2Jm%2F0EpvjSzdUWVy%2BQq5hKdLYhzUQODwEj%2FtUmJprfnFW%2BOEtr%2B6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc3f9ca2ba3-FRA

GET
H3 200 page-53d509ea03eb9b5d.js Show response
botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/ Frame AE52 216 B
843 B 28ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9857805
content-disposition: inline; filename="page-53d509ea03eb9b5d.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::g54nc-1688371530540-e16d684f21d3
server: cloudflare
x-matched-path: /_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js
etag: W/"a3d2e122c737492231ba55afca9d27b5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrPe4EKWu2f9pfhzLBoE3011AmW%2F7YKH3nxz1sp7nCEbFhbgJcH5rayDjWK1ReqELOAMmQAiY5dvs20Xqa1r9ooHeC0gBK3KNMdIL5%2BMTSxZ%2BbFQ5i5kbwlktu1%2FyLaTs0y%2FH%2FKWmqroDL1qkdBE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 81b9bcc3f9cc2ba3-FRA

GET
DATA 200
OK truncated
/ Frame 6590 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 checksiteconfig Show response
botsafeguard.net/ Frame 6590 780 B
1 KB 187ms
186ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/checksiteconfig?v=c572e75&host=img.1378a.xyz&sitekey=botsafe-test-key&sc=1&swa=1&spst=0

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83f647a9eb7199795a74e8995033376b48bf3bfb3edaf237484bc605ddc83fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 Oct 2023 10:22:15 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::txx64-1698229335753-84120e7d3b69
server: cloudflare
x-matched-path: /checksiteconfig
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1BV8E4X%2F3Cze1IkGp54V8Uz9IgKX6FpDIAR4cLmaLRT5RA8N66CCQ7MIqQW1njkmFFPrEMfOc9pCuky4pMSCv0RFU%2FLzhUmJ5YdiC39dvaSbeLGEVEIu4ZdJxZpUi1AO2QaDX%2FhSXHibWZuFbBB"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 81b9bcc46a3f2ba3-FRA

GET
DATA 200
OK truncated
/ Frame 8CD5 874 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea0e289bc72163ed2e5ad612c985b6356d1a19f5cac9cd717f8e145dae1299d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3 200 AAAAA-AAAA-AAAA-AAAA-AAAAAAAA Show response
botsafeguard.net/fc/gt2/public_key/ Frame 8CD5 2 B
618 B 168ms
167ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/fc/gt2/public_key/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/cdn/fc/js/6af2c0d87b9879cbf3365be1a208293f84d37b1e/standard/botsafev2_api.js?onload=loadChallenge

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://botsafeguard.net/v2/1.5.5/enforcement.fbfc14b0d793c6ef8359e0e4b4a91f67.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 25 Oct 2023 10:22:16 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::whj5c-1698229335879-46d2fb8823a1
server: cloudflare
x-matched-path: /fc/gt2/public_key/[slug]
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPz7neaE1Dv8cshQO40Kci8AKkECBPWH6h14h9w8hUm%2FICwAwvbe8J%2BZCIGj8IsnxzgNpQtPI14JWXNKCGXWQa1nzpiurFpeCAmwena5MQj%2BHUouwxHAtqlL45Egt0cDYZNfrrkJw2IBvFRNW9AO"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 81b9bcc52b112ba3-FRA

GET
H2 200 hsw.js Show response
newassets.hcaptcha.com/c/78ee6fc/ Frame AE52 563 KB
237 KB 89ms
37ms Script
application/javascript 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/78ee6fc/hsw.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4aedae609aaed9eee18be831f2f68431bbf164fee995c3778b3d967e78a89dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://botsafeguard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 10:22:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: zRd.mnqF5ln6CQ3PkLHTaIjuF7gynRfq
age: 166023
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 15:52:15 GMT
server: cloudflare
etag: W/"88ec119edce744c1711cd5ee39d7077a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 81b9bcc5fa5818c7-FRA
x-amz-cf-id: sbNxwdWyanyJ4jHP_t7CjeujEZ9i9WrMxmXQ8_LTiYtOOPWrorTrBw==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231023&jk=4092813173793664&bg=!NDelN3jNAAaMkNwkrJA7ADQBe5WfOEyeb1GORyedV0xqH1A0Io7U0-ti6OnqqlUyV2WBU1YUUgFSAlvDQJvm_n9mnMIEAgAAAG9SAAAAAmgBBwoAvq5S8iNl8NgawnBBqMns0QaE4pTlNcvN9wx3SdmMZRirwrY3G4y8rmMjJkux5R3nv-lu20oboKBg7uZdlF7tICbXJrhAJXaPKfjT89WwO1r-IxEST3sJMfwOvhntTJDMqMAN1RkiE8jVoAKt180m9D042I_kavMbqEDtCcMKIihac-XkgOIAeo4xF6bIaF1L4VcYwI_AfW-nTzX1BdEcduGTRPkhqg_4lR-SVSZkSX3ieSfLRXCa0yup6XQCF-WZArljB6c-AZwFqGpoWhXd4P5a7SZ5MD-2pSH1dCtUPIRZrkpCm-6l1qWxY10BhdT2hAYSB6GO62eS0aSNdamsPbMp9l7-xYH77SyOjk4OoKRt14gw6cS_AMtIDetAx52FR_P-KFgr1wR_kWVEdaijvD1vF6amP7gCnt3289bQmk3O63-i-rkXqFJ_2hcZaUJCUkq4ugCBn2YFwAJMNFZs_JxLK3GX_Vuo-Igc6iHKLgy6Z1eXwuWfa8qLnvI3XjxVQOseCAqckfNmoE5qRwgoxtuRyyiPpdr1GmuzkkIFjLdUA9BpjGhFwWjyy9-ZAWJhtT9IWzY6kxuWjwfH0g70fUTwqQqB0_DXWkaT1rXUkQ-3FgyX2ZTwvirXGbOXneZz-x1XId_araUWeBOV7D6vppOWc2s5fGrWsdvEpVum7J2Xl2KafG_prWFmpNb-HlID6k1tDtRkIFZ-okyklqT8CEputC2_0hqjIbd7p1Y8zf2UoUp2ZFTyX6lYrC7ed7nZNYnVfHyrSgiVt053E3UKgiTuPKKmc5UqbFqOQErYuUy0bqb95W-OwJq1TSt1hRPl_NF8Sx18BkpF_m9l5j_V4RmLJ8_LvSZw-vqpOHLrUeAZPYywovexJHKYGF-OnN31affngxdA3p6D1NAxoo6HFnB7Fx8CHHjBJZX0aIn8D6DGgY0SZTtJJ9XmEg2lzuyP4GprADBHD8r0dzbXcvwayrO0BheHYDMHgg_WJsdfmTVM3-qQ1XOGbnHzDHMAhNXbT_ygwhi9XrkxR8UoKE253gQa7qjcbhcMZbWxU_C_uP0NOaRjuhjFKAJx2EWHsxVwdktI91-ag9L7Ib-Q9w6V4C8Q0RQYZP4LnSDEfCBhvgyguxQQN4KwKCkaDD_-rpKQCkk8yNd4jML1P25xfHqSMBeJZxoH3COc5vFB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://img.1378a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

POST
H3 200 botsafe-test-key Show response
botsafeguard.net/getcaptcha/ Frame AE52 5 KB
4 KB 170ms
170ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/getcaptcha/botsafe-test-key

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5604ef46380b209bc64a3a2f32b1d393ec3c13207b2b27d40700ddfe142f1a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 25 Oct 2023 10:22:16 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::p5pn5-1698229336231-17f522701818
server: cloudflare
x-matched-path: /getcaptcha/[slug]
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhbXq8aFOCubdKKSu5cni0nTQso1krBQ%2BtDprlPLdxCm3RG6tfOs29D%2Fh9avCo8i1yW1rnvK88VzBc6t00KrhbOESpMIRoDwehJS2h%2FXrX4iDzH9mb2r7CiDIBDZO4UcYrOHYqdtI5BJyTgADNe4"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 81b9bcc76d7d2ba3-FRA

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1378a.xyz/	1970-01-21 01:19:49	Name: _ga_6R52Y0NSMR Value: GS1.1.1698229334.1.0.1698229334.0.0.0
.1378a.xyz/	1970-01-21 01:19:49	Name: _ga Value: GA1.1.1505087671.1698229335
.1378a.xyz/	1970-01-21 01:05:25	Name: __gads Value: ID=03eaf612cf3afdba-22a9ff2f0ce3005c:T=1698229335:RT=1698229335:S=ALNI_MbrdbV3g1NE4jhX1MfIVyAZDYH4Xw
.1378a.xyz/	1970-01-21 01:05:25	Name: __gpi Value: UID=00000d9c6b7cc5d8:T=1698229335:RT=1698229335:S=ALNI_MZYcgpvI23Sa-TjpZwvBW0FBUHzbw
img.1378a.xyz/	1970-01-20 15:43:56	Name: XSRF-TOKEN Value: eyJpdiI6IjNaRnBLaVMxNlV1RGNlcFJxMklIcEE9PSIsInZhbHVlIjoib0xBbFljeUx3THVpMkZFV2pxUTFZRmUrU3N5WkEvY01SeC9jY2FhUDAvZzg1YXBKMHNQZmVVRk5hWUN3STVnMzdZaFpNb1ZOUmlhUlY4VHVjanh6K0dkRk1DSHNSRUd2Y29lSHZLeFlYa01UUWNQczEzN2dzR2lzVDZ0NzNDV3AiLCJtYWMiOiIxOGZiMDUxMTYwMWY4NDViNTM3YjY4NmI5OGYxNTlkOWZiNDVhNTA0M2IwNWIwM2JjMjkwMjc3MGMwODBjZjQ2IiwidGFnIjoiIn0%3D
img.1378a.xyz/	1970-01-20 15:43:56	Name: gmailnator_session Value: eyJpdiI6IlJnSGlLaHlMUldFU2VmMmxHZEQ5Umc9PSIsInZhbHVlIjoiQmM1UldFV3FqVEVEOE5mYWxHS0picnd6NUNvblNHVzNQdVdpSTc1MmR6RnVYeExKTEFyYy9XcjFTM1RwVysyamgweStHNHNXYVBPZGlXdXpneU83c0tJNE9HNS96OS8xR28rV1hQeFpnTHhyRTUzYzhCclhNamNsNHRUSmlWeXQiLCJtYWMiOiJlZGM5Yzk5NTc1NjZhM2EzYzE0ZmM4ZDg0ZjFhOTdmNGJmOTY2Y2I1ZGM3OTIwODFmNWYxYjQyZGRkY2QxOTY0IiwidGFnIjoiIn0%3D
.doubleclick.net/	1970-01-20 15:43:50	Name: test_cookie Value: CheckForPermission

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://img.1378a.xyz/images/google-play.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1378a.xyz/images/app-store.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1378a.xyz/images/logo.webp?2245a08de0624eb2d3f7cecc7337e846 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1378a.xyz/images/bg.webp?d106f605c767b21bd98d289ed67929cf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1698222135&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1378a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&dt=1698229334730&bpp=5&bdt=251&idt=252&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4104684829064&frm=20&pv=2&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1698229334735&bpp=13&bdt=256&idt=290&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=FV8LIpLMDb&p=http%3A//img.1378a.xyz&dtd=295 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1698222135&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1378a.xyz%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1698229334748&bpp=1&bdt=269&idt=287&shv=r20231023&mjsv=m202310190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4104684829064&frm=20&pv=1&ga_vid=1505087671.1698229335&ga_sid=1698229335&ga_hid=542501429&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C44801484%2C44805113%2C44805534%2C44805915%2C44805934%2C31078301%2C31079056&oid=2&pvsid=4092813173793664&tmod=816580587&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=GKSQTseL6p&p=http%3A//img.1378a.xyz&dtd=294 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

botsafeguard.net
cdn4.buysellads.net
googleads.g.doubleclick.net
img.1378a.xyz
newassets.hcaptcha.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.emailnator.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
104.16.168.131
151.139.128.10
192.229.221.25
2001:4860:4802:32::36
202.81.230.136
2606:4700:3035::ac43:bad7
2a00:1450:4001:806::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2002
2a06:98c1:3120::3
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
0bc6e12937bf14b898184c6d4c863cd33ca09732c43d2e0a322eafc9f5c61557
0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60
100592656fa8ce33fabc5b8747debcd3c783b1384dc43fe5e00b42403c810fe5
23d8a074a10d67166ecfd5b1d2503739d9c365285be8bd0bf97b06d77fd15c18
2a86ed34d4001e36593bc4d9ca43986155796497584b56efa3ba6ac5375094c3
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31a9c7ff5d09af1805e9a32d1fc7fc7b6336f8a4b8e6fcf08e715e267fe23f29
31aec2e1225cb19957e4526aa419fdfdc6add76d69133cb0aa5bab0fac9dc6fe
34648b9834c23ed67ee80466475c2e58550360d76d72e22148ca4c79c7e92d0a
3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ab52a5ca7138e53fc1c9ee14ff5ef015c465cad24c2a382cfdfc84ef64bffc
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e
53be2b761e68167536fe9a847b0b86aada266a9db54f5b9604fd9eb727a8cc77
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5604ef46380b209bc64a3a2f32b1d393ec3c13207b2b27d40700ddfe142f1a09
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
59db806560b5bf0c003571990936621f54dac0d90fdba37ba0466ed6ade43eea
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6270b9c0cec36f64b874b24c1e1c6a9e51c5203e5f44d54ee14aea37ee943f90
658e9f7a1d94ecd1deed9cb457b6367d9cd37813adce1bad024c9827d1820ac6
814274bbe3a5ab4db129581ecafc9dc5172efb64f526c10360dd6e3445950a1d
818f7d3e746ca9d585efc917b764ed8e01a98598a27ff46230b4edfdfbaaf841
83f647a9eb7199795a74e8995033376b48bf3bfb3edaf237484bc605ddc83fe5
89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d
a3df4e43c307f722c3ca7c477a49d629616a7b34f14a707ccd57bc42e2a3ac7a
a9bf96ca945b721f029d9b41ddcb27c0d9e449ab12b6514bef0d1fe63f802a0a
aa1b3721f7d2cd5612b9474f34e82409cae2c2b0ed46e3755709db3f2862fc73
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b4aedae609aaed9eee18be831f2f68431bbf164fee995c3778b3d967e78a89dc
b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957
b5c40fcc96479907f15f5ece2954095e5c2aa9f48b8c65aa8c1b3c361d53d853
c5ff4d35122c67c92a1a9fdea8ef823aca6fc8c0912210dc9be840894a5abc30
c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16
cd39621de2a3340a17fe67ec3aa764f0dd83d207f48988b5d749be357294fec0
cefea4b2f781e3c6bb24b4ba2a90a49b7fdeaa9983fedc6d3c7794c78d7c86d2
d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720
d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d
d56197687ca74ec27dee2a9585c1fa0470fb075640d39d02191e6163257ebb94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0e289bc72163ed2e5ad612c985b6356d1a19f5cac9cd717f8e145dae1299d9
ebe436c216aab02cb114520858e7b5bd29c8b65800390330fc945b0666381d47
ed92f11722d0ca0be8286a605822df28810e25b7a86cfc16938bdbc906cef717

img.1378a.xyz Open in urlscan Pro 202.81.230.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

89 %HTTPS

71 %IPv6

12 Domains

14 Subdomains

15 IPs

4 Countries

1669 kBTransfer

5157 kBSize

7 Cookies

7 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

img.1378a.xyz Open in urlscan Pro
202.81.230.136 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

89 %
HTTPS

71 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

1669 kB
Transfer

5157 kB
Size

7
Cookies

61 HTTP transactions
3 data transactions