www.undertow.club Open in urlscan Pro
2606:4700:3033::6815:1e18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.undertow.club/downloads/super-deepthroat.522/
Submission: On January 24 via manual (January 24th 2022, 8:51:06 am UTC) from FI — Scanned from DE

Summary HTTP 85 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 24 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3033::6815:1e18, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.undertow.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.undertow.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3033::6815:1e18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 6	185.94.237.101 185.94.237.101	42567 (MOJHOST-EU) (MOJHOST-EU)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700:303... 2606:4700:3033::6815:c99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3034::ac43:a41b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	136.243.69.157 136.243.69.157	24940 (HETZNER-AS) (HETZNER-AS)
2	206.54.181.250 206.54.181.250	35415 (WEBZILLA) (WEBZILLA)
2	94.130.138.158 94.130.138.158	24940 (HETZNER-AS) (HETZNER-AS)
12	95.211.229.248 95.211.229.248	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	66.254.114.233 66.254.114.233	29789 (REFLECTED) (REFLECTED)
2	2606:4700:303... 2606:4700:3033::6815:3d6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700:303... 2606:4700:3031::6815:a8d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	35.156.143.147 35.156.143.147	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
85	23

24 2606:4700:3033::6815:1e18 (United States)

ASN13335 (CLOUDFLARENET, US)

www.undertow.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.94.237.101 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

i.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:c99 (United States)

ASN13335 (CLOUDFLARENET, US)

gamesfromheaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:a41b (United States)

ASN13335 (CLOUDFLARENET, US)

iadoremakingpics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.69.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.69.243.136.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.54.181.250 (United States)

ASN35415 (WEBZILLA, NL)
PTR: 1c2-14-d8685-250.webazilla.com

qqjar.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.138.158 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.158.138.130.94.clients.your-server.de

runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.211.229.248 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ds03.evo.0x3e.net

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.254.114.233 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

syndication.traffichaus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3d6c (United States)

ASN13335 (CLOUDFLARENET, US)

nextgencounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:a8d (United States)

ASN13335 (CLOUDFLARENET, US)

suchenachmuschi.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.143.147 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-143-147.eu-central-1.compute.amazonaws.com

venetrigni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yourfreecounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	undertow.club www.undertow.club	334 KB
9	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 30032 i.jads.co — Cisco Umbrella Rank: 47385	338 KB
4	realsrv.com main.realsrv.com — Cisco Umbrella Rank: 87701	2 KB
4	exoclick.com main.exoclick.com — Cisco Umbrella Rank: 30962	2 KB
4	exdynsrv.com main.exdynsrv.com — Cisco Umbrella Rank: 85096	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1532	197 B
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1463	15 KB
2	yourfreecounter.com yourfreecounter.com — Cisco Umbrella Rank: 103950	769 B
2	venetrigni.com 2 redirects venetrigni.com — Cisco Umbrella Rank: 13238	1 KB
2	suchenachmuschi.space suchenachmuschi.space — Cisco Umbrella Rank: 179963	521 KB
2	nextgencounter.com nextgencounter.com — Cisco Umbrella Rank: 91997	2 KB
2	traffichaus.com syndication.traffichaus.com — Cisco Umbrella Rank: 54690	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98 Failed	396 B
2	runative-syndicate.com runative-syndicate.com — Cisco Umbrella Rank: 30284	903 B
2	qqjar.ru qqjar.ru — Cisco Umbrella Rank: 161459	718 B
2	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 9412	892 B
2	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 9045 Failed	982 B
2	iadoremakingpics.com iadoremakingpics.com — Cisco Umbrella Rank: 190226	25 KB
2	gamesfromheaven.com gamesfromheaven.com — Cisco Umbrella Rank: 308802	4 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 5174	72 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	icons8.com img.icons8.com — Cisco Umbrella Rank: 29613	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
85	24

	Domain	Requested by
24	www.undertow.club	www.undertow.club static.cloudflareinsights.com
6	poweredby.jads.co	1 redirects www.undertow.club poweredby.jads.co
4	main.realsrv.com	gamesfromheaven.com
4	main.exoclick.com	gamesfromheaven.com
4	main.exdynsrv.com	gamesfromheaven.com
3	i.jads.co	poweredby.jads.co
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	alb.reddit.com	gamesfromheaven.com
2	www.redditstatic.com	gamesfromheaven.com
2	yourfreecounter.com	gamesfromheaven.com
2	venetrigni.com	2 redirects
2	suchenachmuschi.space	gamesfromheaven.com
2	nextgencounter.com	gamesfromheaven.com
2	syndication.traffichaus.com	gamesfromheaven.com
2	www.facebook.com	gamesfromheaven.com
2	runative-syndicate.com	gamesfromheaven.com
2	qqjar.ru	gamesfromheaven.com
2	tsyndicate.com	gamesfromheaven.com
2	my.rtmark.net	gamesfromheaven.com
2	iadoremakingpics.com	gamesfromheaven.com
2	gamesfromheaven.com	poweredby.jads.co
1	i.imgur.com	www.undertow.club
1	static.cloudflareinsights.com	www.undertow.club
1	img.icons8.com	www.undertow.club
1	www.googletagmanager.com	www.undertow.club
85	25

This site contains links to these domains. Also see Links.

Domain
discord.gg
juicyads.in
konashion.blogspot.com
xenforo.com
xenmade.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.icons8.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-13` - `2022-05-13`	2 years	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-31`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
tsyndicate.com R3	`2022-01-12` - `2022-04-12`	3 months	crt.sh
qqjar.ru ZeroSSL RSA Domain Secure Site CA	`2021-11-23` - `2022-02-21`	3 months	crt.sh
runative-syndicate.com R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
exdynsrv.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
exoclick.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
realsrv.com R3	`2022-01-07` - `2022-04-07`	3 months	crt.sh
traffichaus.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-02` - `2022-01-31`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-05` - `2022-04-02`	6 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.undertow.club/downloads/super-deepthroat.522/
Frame ID: 12043A0E7B7039D818EDEA55504AA9C4
Requests: 35 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=917907
Frame ID: 1E742960438CC6C89ED067767ECD93FA
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=917907
Frame ID: AC34F3F67F44FC0DB46C341609320030
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=494246
Frame ID: A5246EE5AF692B6486C9284D1EF5F124
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=494246
Frame ID: 4AE6E21F75780BCDEC85F5F7ED35297F
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=917907
Frame ID: CD781EE15DF1FDA832093C0111D37F2E
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=917907
Frame ID: BE64B1D3535F442A7D6E5E0460C350B9
Requests: 3 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=494246
Frame ID: 0CC81233D9F00CF75230B766552C30DA
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=494246
Frame ID: 09EA9D830FE0CA5940FB214841CC89A3
Requests: 1 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Frame ID: 07F10CFA4EE8FDD05F44594EBF51A4D4
Requests: 21 HTTP requests in this frame

Frame: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Frame ID: 3685743B6902FECE83410C96302A37FF
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Super Deepthroat | Undertow Club

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

87 %
HTTPS

50 %
IPv6

24
Domains

25
Subdomains

23
IPs

4
Countries

1386 kB
Transfer

2456 kB
Size

17
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/YKz5eZmEUT
Title: Discord

Search URL Search Domain Scan URL

URL: https://juicyads.in/tab.php?id=1819177
Title: Live Sex

Search URL Search Domain Scan URL

URL: https://konashion.blogspot.com/
Title: More information

Search URL Search Domain Scan URL

URL: https://xenforo.com/
Title: Community platform by XenForo® © 2010-2021 XenForo Ltd.

Search URL Search Domain Scan URL

URL: https://xenmade.com/
Title: Add-Ons

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

Request Chain 79

https://venetrigni.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a HTTP 307
https://yourfreecounter.com/dbs?uuid=79ae0856-4c76-41ea-803e-e42be9e34715&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.FhSeNNZmlyFxTFWnwNAAVrvoWytLehrvI_-KdLwHbhs

Request Chain 81

https://venetrigni.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a HTTP 307
https://yourfreecounter.com/dbs?uuid=fea51d35-4371-404c-af93-ef5454fb9c8b&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.UnQuvDXIgtE2S_KZkqAqp7smfzm-_WyHAMsIOUIznWo

85 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.undertow.club/downloads/super-deepthroat.522/ 72 KB
16 KB 160ms
121ms Document
text/html 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27 PleskLin

Resource Hash

beab4f21ca93bb5895430e69b0645c84d99e2e05af0c11408a7ae7db75554dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.4.27 PleskLin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
link: </styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1637055964>; rel=preload; as=font; crossorigin=anonymous
vary: Accept-Encoding
last-modified: Mon, 24 Jan 2022 08:51:02 GMT
strict-transport-security: max-age=15768000; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0CgsHdeIxMpNbIQoDacKfp%2F3mTfpvtWNrEPvnZFboNBeWOs5foCeLufKqmeNCIctw%2FjReWtqzGGwgsOscNucGv74AHA0KlmA2qmvoGK1BOAC%2FoiWA%2F0CfPiXrhxoZf5DIwfWOk8ABAiDdPGW%2F83EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d2804821e7a0bf9-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-h2-pushed: </styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1637055964>

GET
H2 200 fa-regular-400-min.woff2
www.undertow.club/styles/fonts/fa/ 14 KB
14 KB 14ms
0ms Font
font/woff2 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/styles/fonts/fa/fa-regular-400-min.woff2?_v=5.15.3.1637055964

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

6df245815e64fa0e1648884e4088996c32f0b17865e0054116864e4074cf0f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.undertow.club/downloads/super-deepthroat.522/
Origin: https://www.undertow.club
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6945
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13968
last-modified: Tue, 16 Nov 2021 09:46:11 GMT
server: cloudflare
etag: "61937de3-3690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5JLrTXOj0qc9BjidMZ7fcEaUnSUFVz4rOdkRLtGnXmVlt1cHHV81ocQ0UShbAG278N%2FGg0thLOMgzInullg6QYf9vtHS4L%2BzZLVfMysI7xS46fILQ5jEZubrsfdEmTR%2FUa8oruQeRd%2Fmnf6F%2BYmAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 6d280482cf7d0bf9-AMS

GET
H2 200 css.php
www.undertow.club/ 248 KB
39 KB 30ms
29ms Stylesheet
text/css 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=7&l=1&d=1640548173&k=72d733c088eb8543f9dcfcff7b739a59eb134a5e

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27, PleskLin

Resource Hash

aa3ee4fe635c732a3115c72ac40b3f4946ac7a4a9c0fc683f3b2b7a729d507b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41900
x-powered-by: PHP/7.4.27, PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 19:49:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZeAINhSHCet9m4GZRak%2Bt9TbfmkOf4sIuJqGMx3aQoWvBinP2rcMSz26zqTkG8oVOc0jzSxG13fVP7cteNwfnELo9NNdCqkmPMw%2B6hBupbJwbAuIIgmvrTbjamyyAqM%2Bs4J74uG3%2Bnwg%2BcLFHN%2FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-polished: origSize=254797
cf-ray: 6d2804830fdf0bf9-AMS
expires: Mon, 26 Dec 2022 19:52:00 GMT

GET
H2 200 css.php
www.undertow.club/ 65 KB
12 KB 31ms
31ms Stylesheet
text/css 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/css.php?css=public%3Alightbox.less%2Cpublic%3Amessage.less%2Cpublic%3Anotices.less%2Cpublic%3Arating_stars.less%2Cpublic%3Ashare_controls.less%2Cpublic%3AsvLazyImageLoader.less%2Cpublic%3Axfrm.less%2Cpublic%3Aextra.less&s=7&l=1&d=1640548173&k=225d099bd262980163c449692f06b0ff3f120b74

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.27, PleskLin

Resource Hash

d275fae05ffabe5cc87ff0af8adb8c2c4ab4f5a784a434991b4945a27ff2f4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35667
x-powered-by: PHP/7.4.27, PleskLin
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Dec 2021 19:49:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMVES4IIDpg3Aly4ltSTw0%2BtudeXXWecp8WyokHbC%2FQZbGGEzHsh8EaGPGLXj7ityirI8RoXhtI1t%2FYRY2%2B917BVjPnrqGyMWH6HJkjCCK4bZfkfLBprqY94ZoVMv8ucXrqJoKXdk6HOGT%2BiDp7zgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-polished: origSize=67178
cf-ray: 6d2804830fe00bf9-AMS
expires: Mon, 26 Dec 2022 19:52:00 GMT

GET
H2 200 preamble.min.js Show response
www.undertow.club/js/xf/ 3 KB
2 KB 33ms
32ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/xf/preamble.min.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6246
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Dec 2021 04:18:21 GMT
server: cloudflare
etag: W/"61b1838d-cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPTWD37%2B0FwvXSUGG9p2xjCxgHwF371fwqLnlg4jS4R2nyTdmdB00xfp4RbS0k862sBTdY4VTExiaACguEg6qn5Qj9yRl9AjqMIzkJZTirzAt6W%2BemGpoKKeORtedoU5%2FyQotdCI5FNEtTuox%2F0f1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d2804830fe20bf9-AMS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 140ms
52ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-20811279-14

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f647a5e9b846b5201b53a1b9884c8e2058658c7bb4c6fe92d185892607ae801

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36500
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Jan 2022 08:51:02 GMT

GET
H3 200 invisible.js Show response
www.undertow.club/cdn-cgi/challenge-platform/h/b/scripts/ 41 KB
15 KB 84ms
83ms Script
text/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertow.club/cdn-cgi/challenge-platform/h/b/scripts/invisible.js
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fbbb40c88c823796111c5ad83e2ffcd3cfa9f26748725eaefd425abb0e20b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzrKHpxL%2FFcXHYt6eg06K4l3b8%2FIe92KElh%2B%2B%2BWstKmVxmQjZ0eDVvcmbYzitSfkpah5P4qWHGJKApcRej6z8iUCJg%2Bz%2F60%2BWUXsuln8Ec%2BgGuGJb6MN5eS9YC7CkOfntsZT66iPVrU0JOjxln%2BxEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6d2804835e0a41a8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 522.jpg
www.undertow.club/data/resource_icons/0/ 15 KB
16 KB 85ms
84ms Image
image/jpeg 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.undertow.club/data/resource_icons/0/522.jpg?1451761811

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

603b773aa6c25eb5fccf77cd6aad907a53af44f24a99c7c9144c901790f08b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3162
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15325
last-modified: Sat, 02 Jan 2016 11:10:12 GMT
server: cloudflare
etag: "5687b014-3bdd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CmxvSiD9nRfHIYlyV%2BE0D%2BE1%2BPAuth4YeP5Pzd4TmaGQF6LpwRBDGhYkXFM33AQnXYVJFHh9xvk%2Fnj4opLnJB%2Fs6mcjwMuAdOjN8oni85FSLnNVRXn5poQ74kpnsB1F3r%2Bh2yiArrnrSIs8oohKELw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6d2804835e0c41a8-AMS

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

48ms
14ms

Script
application/x-javascript

185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: HTTP/1.1
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Server: nginx
ETag: W/"5e0262a5-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Mon, 24 Jan 2022 08:51:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H3 200 email-decode.min.js Show response
www.undertow.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jan 2022 15:52:06 GMT
server: cloudflare
etag: W/"61e833a6-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRRdVKtXTzWCWwBCLXvYwIuhjMfvBOk2AiKoS1S%2BpQ9Qex8YiRXBymXqBheamaSPgUhPZAtSBnv4RH2SGEjQyXhnHD5D98WZxPwD7Ud1zi5ZwyngWJylp4nuO7kE%2F9akFnOlxlKoK7abOeNN82YsvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d2804833db641a8-AMS
vary: Accept-Encoding
expires: Wed, 26 Jan 2022 08:51:02 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
www.undertow.club/js/vendor/jquery/ 87 KB
32 KB 69ms
69ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/vendor/jquery/jquery-3.5.1.min.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6189
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 19 Dec 2020 19:41:25 GMT
server: cloudflare
etag: W/"5fde5765-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BtHA1OLx4MXeN0moFDKvyVZLEwSXQ1EYfs9SMAJR7zV8bymaabW%2FSih9%2FkfHV6TfbM6g%2BkGSwvO3OQSJ%2F1pyqEGa4EoEQQylkPlcTC4w3DDPIqQCRQKxfy8E7eCzq0GSbHi2dYpDw%2FAGfJIh0pajg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d2804834ddb41a8-AMS

GET
H3 200 vendor-compiled.js Show response
www.undertow.club/js/vendor/ 42 KB
13 KB 28ms
27ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/vendor/vendor-compiled.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6945
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Sep 2021 02:02:20 GMT
server: cloudflare
etag: W/"614fd4ac-aab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3Wmk4rLbqCXsuEeUabysdvCoT1g96y49g6TKd%2Bt7BppLmqaxkZ1YJ5wgT7XNf3TV9f4EC0FfioYrt%2FCYOV49lFxtvvHBRgCF%2BB%2B%2BUeQJE%2F7bES43G9LkmdzYhgwQru%2BG7m2VwnkwSCcWq%2F5mnkJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-polished: origSize=43704
cf-ray: 6d2804835df841a8-AMS
cf-bgj: minify

GET
H3 200 core-compiled.js Show response
www.undertow.club/js/xf/ 206 KB
60 KB 42ms
40ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/xf/core-compiled.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

f0b527f9ecb9b255ab9ae38a357541a17b05edb34aa3bdd7d4dda97a088f2af4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1004
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Dec 2021 04:18:21 GMT
server: cloudflare
etag: W/"61b1838d-33b35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=we4wpXkx%2Bz5VfK6f%2B%2FkBnZW9BRvJysBaNtQFq2Z2W56Zbo8bjcIos7tUEvhKJnszyIwdAEunyOGD68EiC3cUHxSw6O6yb%2FAP4iaHPUunJ%2FIukD%2Bfgtn8kKyY4LVZmNc1ir0ebf5EnERqp5mWMxHQQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-polished: origSize=211765
cf-ray: 6d2804835dfa41a8-AMS
cf-bgj: minify

GET
H3 200 lightbox-compiled.js Show response
www.undertow.club/js/xf/ 80 KB
26 KB 82ms
80ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/xf/lightbox-compiled.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

5fcfb74ca9dc3f7ebdf97b04b4e1daf040621b51527e1424e8cbd3c67370c924

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1498
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Dec 2021 04:18:21 GMT
server: cloudflare
etag: W/"61b1838d-14104"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEdzPNPX56Vlsjm3W%2FbCDo9rl52OTNyxAh%2F63H3Hb2HkOFTmPlTubtM0C%2FVEicwZr6R%2BZ%2B0j%2FiZ0Qte35%2F2mbtEroRYMnDRsrmArTxEEDfjr0zkx4s63SdreIa5o6MX4oKuLgorKdcYkba92upS9Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-polished: origSize=82180
cf-ray: 6d2804835dfd41a8-AMS
cf-bgj: minify

GET
H3 200 lightbox.min.js Show response
www.undertow.club/js/sv/lazyimageloader/xf/ 513 B
849 B 83ms
81ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/sv/lazyimageloader/xf/lightbox.min.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

665e892d2c051f2eef4cc3d260ccd07e819d2ffd5f07c1bf0553702573898e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1511
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 08 Oct 2021 06:58:52 GMT
server: cloudflare
etag: W/"615fec2c-201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK12eBcBn83MPyiWPMjS8FhmSNvsvSW7laTEaBGiKFXQqYB3uws8ox2YSUVT2Rl2DKBdy98%2BXPEvNvi8bwrCErGzTB6uv%2Fd2P%2FmGybRPNv9z8NUy5Pz9Nt%2FMOP0Ex%2BpprwTbwrsIaYXniJoi3zX3Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d2804835dfe41a8-AMS

GET
H3 200 lazy-compiled.js Show response
www.undertow.club/js/sv/lazyimageloader/ 9 KB
5 KB 83ms
82ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/sv/lazyimageloader/lazy-compiled.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

cfdecbcb31163260618b2fe030e6c816f142692b38a1f19dff076ee9c0ad439a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1233
x-powered-by: PleskLin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 08 Oct 2021 06:58:52 GMT
server: cloudflare
etag: W/"615fec2c-25fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4aiFwq%2Be%2B7dOprodfIxEFHYDiHPTdN4cVxWkieP6jA0ULaQGVMX8JJ4UL5gJQRFh%2BSShGfRGjEkQ8XWkCkx3fhHaE3USx7Wxphc71a48u8TGmkFfhpjnj7HKSSOogkncjjJPoAtSuqefIAJqmj4cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-polished: origSize=9725
cf-ray: 6d2804835e0041a8-AMS
cf-bgj: minify

GET
H3 200 comment.min.js Show response
www.undertow.club/js/xf/ 1 KB
1 KB 84ms
82ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/xf/comment.min.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5512
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Sep 2021 02:02:21 GMT
server: cloudflare
etag: W/"614fd4ad-4a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMqP4uOgvmwBekSveH%2B%2FK0wuRGp9xUTV67zkQadWHyHBtr4%2B5uca%2BisgPgc19K2G05Diz%2Fp0yodKiQ5qLUdO1XiaqtQ4m9HnYTee60j8dgG%2FAmi%2Bvz2IPSDkGctmyOmKdCgY%2FyIr7kMPw8UhfZCzOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d2804835e0441a8-AMS

GET
H3 200 notice.min.js Show response
www.undertow.club/js/xf/ 3 KB
2 KB 84ms
82ms Script
application/javascript 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/js/xf/notice.min.js?_v=d8536536

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6070
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 26 Sep 2021 02:02:21 GMT
server: cloudflare
etag: W/"614fd4ad-c24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUDP6yiehHF8UgWS%2B6twrKezfkMf6ka5finw2%2B2l4Uda4tZOO0N8sLjA%2FaWy6Mbocev2Z1HE0Ud3Pxv8UEvIzQo%2B8H%2BytEHhQn42lb7NgznKjGexPwnuSLmiAfYjgQ0rVNKXPDTlnOo1c1sDyR1Eiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 6d2804835e0841a8-AMS

GET
H2 200 lock--v5.png
img.icons8.com/flat_round/64/000000/ 2 KB
3 KB 54ms
7ms Image
image/png 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/flat_round/64/000000/lock--v5.png

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

9e635ab7644baee730ddeeaf83b9335b7149e15f870cb82f279bf1c0f9ef54ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 24 Jan 2022 08:51:02 GMT
icon-size: 64
x-content-type-options: nosniff
memory-svg-cache: false
access-control-allow-origin: *
from-cache: false
from-svg-cache: false
icon-format: png
x-cache: HIT
x-age: 105615
x-dns-prefetch-control: off
content-length: 2168
x-xss-protection: 1; mode=block
x-77-nzt: AcO1rzVQNCn/j5wBAA==
x-accel-expires: @1643211047
not-found-platform: false
last-modified: Sun, 23 Jan 2022 03:30:47 GMT
server: CDN77-Turbo
x-77-nzt-ray: IYTS+XLNRsE=
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/png
memory-cache: false
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: 73485
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20220122201305437

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 84ms
57ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.undertow.club/
Origin: https://www.undertow.club
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d2804837c095c0e-FRA

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a05d4368cfa7171ec877d86b221f81c278519609fbb4b0aed7106ff2dc0a188d

Request headers

Referer
Origin: https://www.undertow.club
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H3 206 Undertow.webm
www.undertow.club/styles/ 256 KB
0 63ms
63ms Media
video/webm 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertow.club/styles/Undertow.webm
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.undertow.club/downloads/super-deepthroat.522/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2465947
Content-Range: bytes 0-271429/271430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 271430
last-modified: Wed, 10 Nov 2021 06:58:13 GMT
server: cloudflare
etag: "618b6d85-42446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emmB%2B1a3AcQX9qUwTy2oD9kW5ggFDSxzNi1ESvJpTOjvgsWVufLCEO07GF6wyxTpmDBpBWiPBapfFePA9Uc1%2F1CAIQNTrxgKUJrTXJHLUbsQH5eOJNPtmbNuG%2BYKv7cIXokPIBvqtEzeJ9RWs%2FUztQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: public, max-age=31536000
cf-ray: 6d2804838e4f41a8-AMS

GET
H3 206 Undertow.webm
www.undertow.club/styles/ 64 KB
0 86ms
86ms Media
video/webm 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertow.club/styles/Undertow.webm
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.undertow.club/downloads/super-deepthroat.522/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2465947
Content-Range: bytes 0-271429/271430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 271430
last-modified: Wed, 10 Nov 2021 06:58:13 GMT
server: cloudflare
etag: "618b6d85-42446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qajTpWIf5JR5c4KWDpcyOwKHCymSWAMfDXg0kvOnfU10Je%2BX8i%2BI%2Bx%2F02QVgkqd1BU5CrRM2H%2BIxcgaXS3vEHmfkT6sTFEZi5zrfNk9EX7XGOKsGQ9ZDgGeNb7xk02caMJ%2BxqOxCBr8auekxDf7Lcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: public, max-age=31536000
cf-ray: 6d2804838e5241a8-AMS

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sprite_sheet_emojione.png
www.undertow.club/styles/default/xenforo/reactions/emojione/ 7 KB
8 KB 95ms
94ms Image
image/png 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.undertow.club/styles/default/xenforo/reactions/emojione/sprite_sheet_emojione.png

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=7&l=1&d=1640548173&k=72d733c088eb8543f9dcfcff7b739a59eb134a5e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

da4f904df05d820628611d7b19738510a3eb1779064f82d4136568bafd272009

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=7&l=1&d=1640548173&k=72d733c088eb8543f9dcfcff7b739a59eb134a5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1510
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7443
last-modified: Sat, 19 Dec 2020 19:41:31 GMT
server: cloudflare
etag: "5fde576b-1d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uH1BjG%2Bf7fI6eKcI51z%2BH0%2BpDQEGzGkaEy6eHcmtVfhMubBC6%2FrVsXoO81zytM3%2BbzoeX6O8H3dv3rNX2wOz7kQO94LxZqzikvB%2BzWUcM5bLwlpOetrSiJ1SW7dLnuAvOzRreHIRaaJ6j68LVymqnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 6d2804839e7441a8-AMS

GET
H3 200 242163.jpg
www.undertow.club/data/avatars/s/242/ 6 KB
6 KB 36ms
35ms Image
image/jpeg 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.undertow.club/data/avatars/s/242/242163.jpg?1588895622

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

49531654e24da5cca54e3243c8822bbc36cb3df1be3bd603e60fed64f0181de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 280
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5766
last-modified: Thu, 07 May 2020 23:53:42 GMT
server: cloudflare
etag: "5eb49f86-1686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQOoeqO52kV22bTlkhNLuyddaNm%2BMXH9hupw34Bar6lXOouM2qQcnawCV4BV7sKT08yWsqXo8LWehwfesjrkLQ1SBjf%2FlDivc4eY8A%2BLBi6fMh4%2BnqubzX4Izf0Mgy8JH7A2UBfOFK53WrbHJB8qTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6d280483ff1541a8-AMS

GET
H3 200 5850.jpg
www.undertow.club/data/avatars/s/5/ 51 KB
52 KB 39ms
39ms Image
image/jpeg 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.undertow.club/data/avatars/s/5/5850.jpg?1598197146

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

bb2d979d585ecb234b8ab8f6df932e29ed532c532cd83cc44883ffc4296ce1d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/downloads/super-deepthroat.522/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2646
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52378
last-modified: Sun, 23 Aug 2020 15:39:24 GMT
server: cloudflare
etag: "5f428dac-cc9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B52XPPnS7%2BLI8dr%2FFzS6WVjbIDcID7i5Jcv486iJgcdchdLGzLH90nur3Mmj%2FL0QbfsW9tccqoHrsZxzGgYq6oeipTKCnxrWpJV5e1sNZkocQyzr4tBrAUg7KIy1bQIMLyaPxprJM6xleOuzHuihg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 6d280483ff1f41a8-AMS

GET
H3 200 fa-brands-400-min.woff2
www.undertow.club/styles/fonts/fa/ 4 KB
4 KB 25ms
24ms Font
font/woff2 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/styles/fonts/fa/fa-brands-400-min.woff2?_v=5.15.3.1637055964

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

1a1f262ecbe3da94d38931106bd01f3dceea23d272f78b7a20c7e1c7ffb412b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

Referer: https://www.undertow.club/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=7&l=1&d=1640548173&k=72d733c088eb8543f9dcfcff7b739a59eb134a5e
Origin: https://www.undertow.club
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1187
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3852
last-modified: Tue, 16 Nov 2021 09:46:11 GMT
server: cloudflare
etag: "61937de3-f0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QB%2Bvf7apdXjsTr0Z2wFwhB3FnkFLuxdjBnMb%2FXIiVMjcYj3ojke8EgE7pCLI5ZzuBNRUwlu3XS8rEstWQeXfHH3Ox9Ykc0Vr%2FELHvcu9y0XhKTmKeQHuZT6mt1jBjdqJ9IUV18phPvJUavrf3zGFDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
accept-ranges: bytes
cf-ray: 6d2804843f9441a8-AMS

GET
DATA 200
OK truncated
/ 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8047d7fba8f98fdd31c65637247532d5e354d699f07f540855d67c8258c39ac5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 206 Undertow.webm
www.undertow.club/styles/ 9 KB
10 KB 34ms
33ms Media
video/webm 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.undertow.club/styles/Undertow.webm
Requested by: Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ffd5a67a451130ce982a6a712e76172dd0f141bbe836f59c9df4a9723808627

Request headers

Referer: https://www.undertow.club/downloads/super-deepthroat.522/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=262144-

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2465947
Content-Range: bytes 262144-271429/271430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 9286
last-modified: Wed, 10 Nov 2021 06:58:13 GMT
server: cloudflare
etag: "618b6d85-42446"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JmOC6lujs8f60g3OwPOmGnsg%2FLq%2BPjmrAChkLQCJlTmgWH270bLo9uL5bsMF9gp3s5KWv4LCdX%2FnjwDzvVln3SR9srace3rPHyL%2BZDsTbTjqyBXJcDM07riSgc7TWlTAKJxwp3h8aluoy8trg1QuKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/webm
cache-control: public, max-age=31536000
cf-ray: 6d280484780841a8-AMS

GET adshow.php
poweredby.jads.co/ Frame 1E74 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame AC34 3 KB
2 KB 622ms
595ms Document
text/html 185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=917907
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 019e89fbced29bd0c8a99837c8647aab8072877d9b544531c8f849569a0df0ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/

Response headers

Server: nginx
Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET adshow.php
poweredby.jads.co/ Frame A524 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 4AE6 3 KB
2 KB 640ms
614ms Document
text/html 185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=494246
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 394ea1ddf59d486a2c479a9373e06a95a1a04eb6e7c77b5fb8970b6c1a12d797

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/

Response headers

Server: nginx
Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET adshow.php
poweredby.jads.co/ Frame CD78 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame BE64 5 KB
2 KB 638ms
612ms Document
text/html 185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=917907
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 6fffb1afbe823540976d49be1f22109f9d20add85d92acd1bb51b4e2aa7d67b6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/

Response headers

Server: nginx
Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET adshow.php
poweredby.jads.co/ Frame 0CC8 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame 09EA 3 KB
2 KB 637ms
613ms Document
text/html 185.94.237.101
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=494246
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.237.101 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 1b278596a325a7f4f0e8cd5bad2235c1b24f160e1e6922249f2edbaa98f03fe8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/

Response headers

Server: nginx
Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Content-Encoding: gzip

GET
H2 200 5X5Kaxe.jpg
i.imgur.com/ 72 KB
72 KB 30ms
9ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/5X5Kaxe.jpg

Requested by

Host: www.undertow.club
URL: https://www.undertow.club/downloads/super-deepthroat.522/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8824d963e1ffd479cff828fa28673122f5897ad2fe0b1bde6a8af4751be43a9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:02 GMT
x-content-type-options: nosniff
age: 4589273
x-cache: HIT, HIT, HIT
content-length: 73220
x-served-by: cache-bwi5182-BWI, cache-iad-kjyo7100077-IAD, cache-fra19154-FRA
last-modified: Thu, 03 Dec 2015 00:49:59 GMT
server: cat factory 1.0
x-timer: S1643014263.507498,VS0,VE2
etag: "b12fb7a320cec2c4ca728b75c6a37fd6"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20811279-14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2770
date: Mon, 24 Jan 2022 08:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 24 Jan 2022 10:04:52 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 93ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=346355869&t=pageview&_s=1&dl=https%3A%2F%2Fwww.undertow.club%2Fdownloads%2Fsuper-deepthroat.522%2F&ul=en-us&de=UTF-8&dt=Super%20Deepthroat%20%7C%20Undertow%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=946463530&gjid=1633585306&cid=1664419658.1643014263&tid=UA-20811279-14&_gid=959292637.1643014263&_r=1&gtm=2ou1j0&z=662658077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.undertow.club/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.undertow.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 271-1569119961-0684838001569119961.jpg
i.jads.co/network/user4057a/ Frame AC34 75 KB
75 KB 65ms
18ms Image
image/jpeg 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/network/user4057a/271-1569119961-0684838001569119961.jpg
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=917907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 3e9dfeb8e396ad9ac3d90fbe228743c9c07898d6953cf4d8efc6586cd7b1b067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
last-modified: Sun, 22 Sep 2019 02:39:21 GMT
etag: "1569119961"
x-hw: 1643014263.dop239.am5.t,1643014263.cds302.am5.hn,1643014263.cds110.am5.c
content-type: image/jpeg
cache-control: max-age=7577275
accept-ranges: bytes
content-length: 76466

GET
H2 200 35528-1580823012-0421756001580823012.gif
i.jads.co/network/user17228/ Frame BE64 252 KB
252 KB 68ms
43ms Image
image/gif 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/network/user17228/35528-1580823012-0421756001580823012.gif
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=917907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 16d77ddfd7631005863686a39c27137d64d64471e2f3d55a8be7c68b6f3fc39a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
last-modified: Tue, 04 Feb 2020 13:30:12 GMT
etag: "1580823012"
x-hw: 1643014263.dop239.am5.t,1643014263.cds302.am5.hn,1643014263.cds206.am5.c
content-type: image/gif
cache-control: max-age=22455207
accept-ranges: bytes
content-length: 257935

GET
H2 200 1x1.gif
i.jads.co/ Frame BE64 43 B
176 B 91ms
66ms Image
image/gif 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.jads.co/1x1.gif
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=917907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
etag: "1457030838"
x-hw: 1643014263.dop239.am5.t,1643014263.cds302.am5.hn,1643014263.cds151.am5.c
content-type: image/gif
cache-control: max-age=12675002
accept-ranges: bytes
content-length: 43

GET
H2 200 5d43ef594e3 Show response
gamesfromheaven.com/iframe/ Frame 07F1 3 KB
2 KB 176ms
124ms Document
text/html 2606:4700:3033::6815:c99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=494246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:c99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bdc6f82afca66e1e0196d870840491e2b8066440be2b73629d9edbf43c0ce55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eH3ZaqlRQmN5QhAt5SsjRNOl9C2pso6DWLvP5%2F3uSJh3ChHLAzxpUFROTNSfJiNpLDFm2pz6DU00lM4wJV5if%2BER2kBex%2B5KAnTo4EAMxPBZonLotpI2tZUcA3ZAd85EtamNZGSQUV6IIbA4bsCs5aqK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d280488fffd1ffc-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5d43ef594e3 Show response
gamesfromheaven.com/iframe/ Frame 3685 3 KB
2 KB 182ms
131ms Document
text/html 2606:4700:3033::6815:c99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=494246
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:c99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee50f2d8ebecc2020cfa5ecb4e6dc30d7320df831e020a427e36f12b8edadbeb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://poweredby.jads.co/

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGoi9E8fQ3fLJ6tMu4r5FxKeLzjgY551wNDEXL8lLfBILV0QI7WETMdbyDtx42cjaTUbBITQmipQhFWVKUBnTRWwiSyLm9RH2AiwuEoPrA4heORDHtzPpB0hYkZBvGXI4nZJrSLyszM1vaeQ1pBKmjOt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d280488ffff1ffc-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7bab87db76c326ad9eeabb836e80651f.jpg
iadoremakingpics.com/bnr/4/7ba/b87db7/ Frame 07F1 11 KB
11 KB 209ms
137ms Image
image/jpeg 2606:4700:3034::ac43:a41b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iadoremakingpics.com/bnr/4/7ba/b87db7/7bab87db76c326ad9eeabb836e80651f.jpg
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3daa9d74405a93b22256ad519b73bf74584180e0c36110435eb1ef5bd74aaa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 05 Nov 2021 12:58:38 GMT
server: cloudflare
etag: "61852a7e-2b71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtOQf%2FOp3EzpNww6tt6sOTU4EmPv02VgBllMN7bHG3vA6gRYEeMUgt5%2FXeeyolJWIBGnPWFxkegvOFkgtNj4%2FyobA8gMhQ2O47Z04DoGCJYRAc%2BbqE%2F4oPkgqtCapPot3teOVGpE94XcXWJdjEmeqmZ%2BgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d28048a5e13fadf-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11121
expires: Tue, 25 Jan 2022 08:51:03 GMT

GET img.gif
my.rtmark.net/ Frame 07F1 0
0

GET
H2 200 b5e023d7-d6ac-495d-8e3b-e65703a0f52a
tsyndicate.com/api/v1/retargeting/set/ Frame 07F1 35 B
447 B 45ms
12ms Image
image/gif 136.243.69.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/b5e023d7-d6ac-495d-8e3b-e65703a0f52a
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.69.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.69.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: 386726e855d4a389
expires: 0

GET
H/1.1 200
OK add
qqjar.ru/retarget/ Frame 07F1 70 B
359 B 499ms
461ms Image
image/png 206.54.181.250
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3958
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 206.54.181.250 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS: 1c2-14-d8685-250.webazilla.com
Software: /
Resource Hash: 76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
connection: close
content-length: 70
content-type: image/png

GET
H2 200 1a59e97d-a1c2-4718-89ea-5a19b9d400ea
runative-syndicate.com/api/v1/retargeting/set/ Frame 07F1 35 B
451 B 58ms
11ms Image
image/gif 94.130.138.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runative-syndicate.com/api/v1/retargeting/set/1a59e97d-a1c2-4718-89ea-5a19b9d400ea
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.138.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.158.138.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: 389c4435f5d5eae9
expires: 0

GET tr
www.facebook.com/ Frame 07F1 0
0

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 07F1 0
419 B 64ms
17ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 07F1 0
419 B 63ms
17ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 07F1 0
418 B 59ms
16ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 07F1 0
419 B 59ms
16ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 07F1 0
419 B 62ms
19ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 07F1 0
418 B 30ms
16ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK r.php
syndication.traffichaus.com/adserve/ Frame 07F1 95 B
619 B 851ms
828ms Image
image/png 66.254.114.233
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.traffichaus.com/adserve/r.php?k=HAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322079002
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.114.233 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:04 GMT
server: nginx
transfer-encoding: chunked
x-request-id: 61EE6877-42FE72E901BB4EE2-2032270E
content-type: image/png

GET
H2 200 index.min.js Show response
nextgencounter.com/ Frame 07F1 645 B
955 B 65ms
29ms Script
application/javascript 2606:4700:3033::6815:3d6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextgencounter.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c65084e8fffee537fd981f8b9cb2d9c79db4d1dd18adbc703b66d85bc735ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Mar 2021 11:14:58 GMT
server: cloudflare
age: 3954
etag: W/"605487b2-285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQeFXhwRhsgAHVOpAFqNDTZ%2B%2FI%2B7JmuuctxGyTSvUptj1vKx4zJJ9ruPR1zAbD5X1cg6eV4fsdhp2EgiVhZuF%2BI2hdBM8RNFmSjbg8TU3S%2BMbAM4O374io6xXd3eFRBawXAKXM3jzJZFFD4m0SBzdFk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d28048a1bb57a52-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 84b09227137751eb4958def82760be01.jpg
iadoremakingpics.com/bnr/4/84b/092271/ Frame 3685 13 KB
13 KB 205ms
134ms Image
image/jpeg 2606:4700:3034::ac43:a41b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iadoremakingpics.com/bnr/4/84b/092271/84b09227137751eb4958def82760be01.jpg
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cfd1527a6af177dc22c7070965ac9b7f25fd3315b65a72d851ceb7fc833879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 20 May 2021 13:51:46 GMT
server: cloudflare
etag: "60a66972-32fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eqpHBO0h9PqmxSQuBlDVHORhyleAqitoFtDe4Ec9JbXleVxbu3y1rg3WrYSc7B1ODlGC57NPN7v5JZ1PHsDCymmB%2BAO6p0x9liVA62xq%2B1RSRd2KCQ3o4vQPKvsFZKAFnnpJ%2FE%2FRH6qfHBcWdasnUVxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6d28048a5e1afadf-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13054
expires: Tue, 25 Jan 2022 08:51:03 GMT

GET img.gif
my.rtmark.net/ Frame 3685 0
0

GET
H2 200 b5e023d7-d6ac-495d-8e3b-e65703a0f52a
tsyndicate.com/api/v1/retargeting/set/ Frame 3685 35 B
445 B 44ms
12ms Image
image/gif 136.243.69.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/b5e023d7-d6ac-495d-8e3b-e65703a0f52a
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.69.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.69.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: a9e1e52c7aa91860
expires: 0

GET
H/1.1 200
OK add
qqjar.ru/retarget/ Frame 3685 70 B
359 B 502ms
466ms Image
image/png 206.54.181.250
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3958
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 206.54.181.250 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS: 1c2-14-d8685-250.webazilla.com
Software: /
Resource Hash: 76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
connection: close
content-length: 70
content-type: image/png

GET
H2 200 1a59e97d-a1c2-4718-89ea-5a19b9d400ea
runative-syndicate.com/api/v1/retargeting/set/ Frame 3685 35 B
452 B 56ms
10ms Image
image/gif 94.130.138.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runative-syndicate.com/api/v1/retargeting/set/1a59e97d-a1c2-4718-89ea-5a19b9d400ea
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.138.158 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.158.138.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jan 2022 08:51:03 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: d8270a1768efcd6c
expires: 0

GET tr
www.facebook.com/ Frame 3685 0
0

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 3685 0
419 B 62ms
17ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 3685 0
419 B 60ms
15ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 3685 0
418 B 58ms
17ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=05f747f9753a0b4172a8faf1128a78e1
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 3685 0
419 B 58ms
15ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 3685 0
419 B 59ms
16ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 3685 0
418 B 30ms
16ms Image
text/html 95.211.229.248
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=f84a30695485b0b005f7984d20b6af81
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.248 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ds03.evo.0x3e.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 08:51:03 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK r.php
syndication.traffichaus.com/adserve/ Frame 3685 95 B
619 B 2783ms
2760ms Image
image/png 66.254.114.233
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.traffichaus.com/adserve/r.php?k=HAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322079002
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.114.233 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:06 GMT
server: nginx
transfer-encoding: chunked
x-request-id: 61EE6877-42FE72E901BB373D-202424D8
content-type: image/png

GET
H2 200 index.min.js Show response
nextgencounter.com/ Frame 3685 645 B
642 B 65ms
31ms Script
application/javascript 2606:4700:3033::6815:3d6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nextgencounter.com/index.min.js?pk=e39a6a46f15b8ccd52813778a058820a
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3d6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c65084e8fffee537fd981f8b9cb2d9c79db4d1dd18adbc703b66d85bc735ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 Mar 2021 11:14:58 GMT
server: cloudflare
age: 3954
etag: W/"605487b2-285"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFsdZWdcCzyvm2Npz%2BWfPZ6CFgf4H%2FLL5f8ds7sAj6V%2BhP4NWsIEY24OD3wBHVLOxDMuxdMeGBkdmdKpNfiVV63zBlU4q8ec93SO6o9l3ag%2BWUs2%2Fk1YgcN%2FxVaqX329DI5LFNxsCQ0jdvtkhogRAw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d28048a1bc77a52-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 img.gif
my.rtmark.net/ Frame 07F1 43 B
491 B 15ms
13ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502

Requested by

Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 tr
www.facebook.com/ Frame 07F1 44 B
295 B 11ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=138979298216852&ev=PageView&noscript=1

Requested by

Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 24 Jan 2022 08:51:03 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 3685 43 B
491 B 15ms
12ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502

Requested by

Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 tr
www.facebook.com/ Frame 3685 44 B
101 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=138979298216852&ev=PageView&noscript=1

Requested by

Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 24 Jan 2022 08:51:03 GMT

GET
H2 206 7bab87db76c326ad9eeabb836e80651f.mp4
suchenachmuschi.space/bnr/4/7ba/b87db7/ Frame 07F1 425 KB
426 KB 80ms
35ms Media
video/mp4 2606:4700:3031::6815:a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://suchenachmuschi.space/bnr/4/7ba/b87db7/7bab87db76c326ad9eeabb836e80651f.mp4
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 105540c011e03303e5aa717666b0cc956b36859e53d4cfae441f93cb91ebff33

Request headers

Referer: https://gamesfromheaven.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56714
Content-Range: bytes 0-435503/435504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 435504
last-modified: Fri, 05 Nov 2021 12:58:38 GMT
server: cloudflare
etag: "61852a7e-6a530"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LWFiBhaVYWZL6cLrbR1pVKQMkyp5H0ROlTv8mWuHfavwYmHY6CpKRITbIsc1TxXYGErobtX5n68cW3yLerVYydlKnCnRCkE8o5lv8t5hChjYy8Q12dm%2Bj%2BorU7Zc1rLVTePdbMsuvyyz%2F0xSWLxqp28oIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 6d28048a281e716e-DUS

GET
H2 206 84b09227137751eb4958def82760be01.mp4
suchenachmuschi.space/bnr/4/84b/092271/ Frame 3685 94 KB
94 KB 102ms
58ms Media
video/mp4 2606:4700:3031::6815:a8d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://suchenachmuschi.space/bnr/4/84b/092271/84b09227137751eb4958def82760be01.mp4
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:a8d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b38a7c8fe220c5241cbda25cd0d128da8e1167291340806a9c24d9f5a4b656

Request headers

Referer: https://gamesfromheaven.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68241
Content-Range: bytes 0-96121/96122
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 96122
last-modified: Thu, 20 May 2021 13:51:46 GMT
server: cloudflare
etag: "60a66972-1777a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91KROYjSq95qrnAa5PeYa8NhS24HDylEQgMLTyl%2FNvWFWqvn7lq63%2F%2BLQJoTol%2Fbmp05uKJbAO9tl%2Birsn%2F%2Fcs%2BZ5XPcvcarQhKLrz29ZGa%2B8SQerxyL8dtyvEXcFKPVsy7oGiflrO45fB04w9trQtuMEYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cache-control: max-age=14400
cf-ray: 6d28048a2820716e-DUS

GET
H2

200

dbs
yourfreecounter.com/ Frame 07F1
Redirect Chain

https://venetrigni.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a
https://yourfreecounter.com/dbs?uuid=79ae0856-4c76-41ea-803e-e42be9e34715&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.FhS...

7 B
384 B

213ms
199ms

Image
image/gif

35.156.143.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfreecounter.com/dbs?uuid=79ae0856-4c76-41ea-803e-e42be9e34715&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.FhSeNNZmlyFxTFWnwNAAVrvoWytLehrvI_-KdLwHbhs
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Server: 35.156.143.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-143-147.eu-central-1.compute.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: max-age=0, : no-cache
server: nginx/1.17.6
content-type: image/gif
content-length: 7
expires: Mon, 24 Jan 2022 08:51:03 GMT

Redirect headers

location: https://yourfreecounter.com/dbs?uuid=79ae0856-4c76-41ea-803e-e42be9e34715&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.FhSeNNZmlyFxTFWnwNAAVrvoWytLehrvI_-KdLwHbhs
date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: max-age=0, : no-cache
server: nginx/1.17.6
content-type: image/gif
content-length: 0
expires: Mon, 24 Jan 2022 08:51:03 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 07F1 23 KB
8 KB 33ms
6ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2

200

dbs
yourfreecounter.com/ Frame 3685
Redirect Chain

https://venetrigni.com/px.gif?akey=e39a6a46f15b8ccd52813778a058820a
https://yourfreecounter.com/dbs?uuid=fea51d35-4371-404c-af93-ef5454fb9c8b&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.UnQ...

7 B
385 B

206ms
201ms

Image
image/gif

35.156.143.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yourfreecounter.com/dbs?uuid=fea51d35-4371-404c-af93-ef5454fb9c8b&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.UnQuvDXIgtE2S_KZkqAqp7smfzm-_WyHAMsIOUIznWo
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Server: 35.156.143.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-143-147.eu-central-1.compute.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: max-age=0, : no-cache
server: nginx/1.17.6
content-type: image/gif
content-length: 7
expires: Mon, 24 Jan 2022 08:51:03 GMT

Redirect headers

location: https://yourfreecounter.com/dbs?uuid=fea51d35-4371-404c-af93-ef5454fb9c8b&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjozLCJhY3VzIjoxLCJhY2kiOnsgIjIzIjoxNjQzMDE0MjYzfSwiYWNjbCI6eyAiMjAsMSI6MTY0MzAxNDI2M319.UnQuvDXIgtE2S_KZkqAqp7smfzm-_WyHAMsIOUIznWo
date: Mon, 24 Jan 2022 08:51:03 GMT
cache-control: max-age=0, : no-cache
server: nginx/1.17.6
content-type: image/gif
content-length: 0
expires: Mon, 24 Jan 2022 08:51:03 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 3685 23 KB
7 KB 32ms
7ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 03 Nov 2021 15:08:58 GMT
server: snooserv
etag: "3fbf36d562f1d2a543a89683060265ed"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-encoding: gzip
content-length: 7632

GET
H2 200 rp.gif
alb.reddit.com/ Frame 3685 42 B
125 B 133ms
107ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1643014263443&id=t2_a7co1m6o&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=9adea087-4d6e-4b7c-8691-8178b78b490f&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

GET
H2 200 rp.gif
alb.reddit.com/ Frame 07F1 42 B
72 B 416ms
393ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1643014263447&id=t2_a7co1m6o&event=PageVisit&m.itemCount=&m.value=&m.currency=&m.transactionId=&m.customEventName=&uuid=391dd88e-4312-42b4-bbe7-78901e359feb&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5b7866e3
Requested by: Host: gamesfromheaven.com
URL: https://gamesfromheaven.com/iframe/5d43ef594e3?iframe&ag_custom_domain=undertow.club
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gamesfromheaven.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 08:51:03 GMT
via: 1.1 varnish
server: Varnish
accept-ranges: bytes
content-length: 42
retry-after: 0
content-type: image/gif

POST
H3 200 rum Show response
www.undertow.club/cdn-cgi/ 0
168 B 24ms
24ms XHR
text/plain 2606:4700:3033::6815:1e18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.undertow.club/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:1e18 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.undertow.club/downloads/super-deepthroat.522/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Mon, 24 Jan 2022 08:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.undertow.club
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d28049b982841a8-AMS
vary: Origin

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=346355869&t=timing&_s=2&dl=https%3A%2F%2Fwww.undertow.club%2Fdownloads%2Fsuper-deepthroat.522%2F&ul=en-us&de=UTF-8&dt=Super%20Deepthroat%20%7C%20Undertow%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4114&pdt=1&dns=0&rrt=0&srt=121&tcp=39&dit=371&clt=372&_gst=438&_gbt=575&_cst=230&_cbt=433&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1664419658.1643014263&tid=UA-20811279-14&_gid=959292637.1643014263&gtm=2ou1j0&z=1516154023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.undertow.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Jan 2022 15:04:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63978
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=917907

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=494246

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=917907

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=494246

Domain: my.rtmark.net
URL: https://my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502

Domain: www.facebook.com
URL: https://www.facebook.com/tr?id=138979298216852&ev=PageView&noscript=1

Domain: my.rtmark.net
URL: https://my.rtmark.net/img.gif?f=sync&lr=1&partner=306f137c13013ee4f568122355835e079f577844602bde9f161b0a61a23db502

Domain: www.facebook.com
URL: https://www.facebook.com/tr?id=138979298216852&ev=PageView&noscript=1

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.undertow.club/	1969-12-31 23:59:59	Name: xf_csrf Value: yfAAWl8pu1R13oAb
.undertow.club/	1970-01-20 17:54:46	Name: _ga Value: GA1.2.1664419658.1643014263
.undertow.club/	1970-01-20 00:25:00	Name: _gid Value: GA1.2.959292637.1643014263
.undertow.club/	1970-01-20 00:23:34	Name: _gat_gtag_UA_20811279_14 Value: 1
.gamesfromheaven.com/	1970-01-20 00:25:00	Name: c_c2832131e30996e6a77442da5ec678d9 Value: 1
.gamesfromheaven.com/	1970-01-20 00:25:00	Name: z_296dcf881c5ec3a62edeb80ccd843a69 Value: 1
.gamesfromheaven.com/	1970-01-20 00:25:00	Name: showed_14485_9688 Value: [2489300]
.exdynsrv.com/	1970-01-20 09:09:10	Name: goals Value: a%3A1%3A%7Bi%3A43686%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-01-24%22%3B%7D%7D
.exoclick.com/	1970-01-20 09:09:10	Name: goals Value: a%3A1%3A%7Bi%3A83749%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-01-24%22%3B%7D%7D
my.rtmark.net/	1970-01-20 09:09:10	Name: ID Value: 6db58ad365244c078ec5c8a4709945d6
.realsrv.com/	1970-01-20 09:09:10	Name: goals Value: a%3A1%3A%7Bi%3A83749%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-01-24%22%3B%7D%7D
venetrigni.com/	1970-01-20 02:33:10	Name: ak Value: 23,1643014263
venetrigni.com/	1970-01-20 02:33:10	Name: acl Value: 20,1,1643014263
venetrigni.com/	1970-01-23 15:59:34	Name: uid_id2 Value: fea51d35-4371-404c-af93-ef5454fb9c8b:3:1
yourfreecounter.com/	1970-01-20 02:33:10	Name: ak Value: 23,1643014263
yourfreecounter.com/	1970-01-20 02:33:10	Name: acl Value: 20,1,1643014263
yourfreecounter.com/	1970-01-23 15:59:34	Name: uid_id2 Value: fea51d35-4371-404c-af93-ef5454fb9c8b:3:1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
gamesfromheaven.com
i.imgur.com
i.jads.co
iadoremakingpics.com
img.icons8.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
my.rtmark.net
nextgencounter.com
poweredby.jads.co
qqjar.ru
runative-syndicate.com
static.cloudflareinsights.com
suchenachmuschi.space
syndication.traffichaus.com
tsyndicate.com
venetrigni.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
www.undertow.club
yourfreecounter.com
my.rtmark.net
poweredby.jads.co
www.facebook.com
136.243.69.157
139.45.195.8
151.101.12.193
151.101.193.140
185.94.237.101
206.54.181.250
2606:4700:3031::6815:a8d
2606:4700:3033::6815:1e18
2606:4700:3033::6815:3d6c
2606:4700:3033::6815:c99
2606:4700:3034::ac43:a41b
2606:4700::6810:5f41
2a00:1450:4001:808::200e
2a00:1450:4001:82f::2008
2a02:6ea0:c700::4
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::396
35.156.143.147
66.254.114.233
69.16.175.42
94.130.138.158
95.211.229.248
019e89fbced29bd0c8a99837c8647aab8072877d9b544531c8f849569a0df0ab
04686da390f8eec3ccd75869fa71e22cad452cfcff6ffa31c979f599d64831d8
0f647a5e9b846b5201b53a1b9884c8e2058658c7bb4c6fe92d185892607ae801
105540c011e03303e5aa717666b0cc956b36859e53d4cfae441f93cb91ebff33
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16d77ddfd7631005863686a39c27137d64d64471e2f3d55a8be7c68b6f3fc39a
1a1f262ecbe3da94d38931106bd01f3dceea23d272f78b7a20c7e1c7ffb412b0
1b278596a325a7f4f0e8cd5bad2235c1b24f160e1e6922249f2edbaa98f03fe8
22cfd1527a6af177dc22c7070965ac9b7f25fd3315b65a72d851ceb7fc833879
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bdc6f82afca66e1e0196d870840491e2b8066440be2b73629d9edbf43c0ce55
394ea1ddf59d486a2c479a9373e06a95a1a04eb6e7c77b5fb8970b6c1a12d797
3e9dfeb8e396ad9ac3d90fbe228743c9c07898d6953cf4d8efc6586cd7b1b067
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
49531654e24da5cca54e3243c8822bbc36cb3df1be3bd603e60fed64f0181de9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ffd5a67a451130ce982a6a712e76172dd0f141bbe836f59c9df4a9723808627
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5fcfb74ca9dc3f7ebdf97b04b4e1daf040621b51527e1424e8cbd3c67370c924
603b773aa6c25eb5fccf77cd6aad907a53af44f24a99c7c9144c901790f08b24
665e892d2c051f2eef4cc3d260ccd07e819d2ffd5f07c1bf0553702573898e98
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df245815e64fa0e1648884e4088996c32f0b17865e0054116864e4074cf0f19
6fffb1afbe823540976d49be1f22109f9d20add85d92acd1bb51b4e2aa7d67b6
76975ba315befd03dd68246f65598f13854cda92700123dd8a0635fd3baf2b65
79fbbb40c88c823796111c5ad83e2ffcd3cfa9f26748725eaefd425abb0e20b4
8047d7fba8f98fdd31c65637247532d5e354d699f07f540855d67c8258c39ac5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8824d963e1ffd479cff828fa28673122f5897ad2fe0b1bde6a8af4751be43a9c
9c65084e8fffee537fd981f8b9cb2d9c79db4d1dd18adbc703b66d85bc735ed0
9e635ab7644baee730ddeeaf83b9335b7149e15f870cb82f279bf1c0f9ef54ae
a05d4368cfa7171ec877d86b221f81c278519609fbb4b0aed7106ff2dc0a188d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b38a7c8fe220c5241cbda25cd0d128da8e1167291340806a9c24d9f5a4b656
aa3ee4fe635c732a3115c72ac40b3f4946ac7a4a9c0fc683f3b2b7a729d507b0
bb2d979d585ecb234b8ab8f6df932e29ed532c532cd83cc44883ffc4296ce1d0
beab4f21ca93bb5895430e69b0645c84d99e2e05af0c11408a7ae7db75554dfe
bfe3ecad86362036bfbf2e0d2bc27a6a593cb0fff32a97a5b1b5f81b409a3bb6
c3daa9d74405a93b22256ad519b73bf74584180e0c36110435eb1ef5bd74aaa5
cfdecbcb31163260618b2fe030e6c816f142692b38a1f19dff076ee9c0ad439a
d275fae05ffabe5cc87ff0af8adb8c2c4ab4f5a784a434991b4945a27ff2f4f0
da4f904df05d820628611d7b19738510a3eb1779064f82d4136568bafd272009
db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee50f2d8ebecc2020cfa5ecb4e6dc30d7320df831e020a427e36f12b8edadbeb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
f0b527f9ecb9b255ab9ae38a357541a17b05edb34aa3bdd7d4dda97a088f2af4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.undertow.club Open in urlscan Pro 2606:4700:3033::6815:1e18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

87 %HTTPS

50 %IPv6

24 Domains

25 Subdomains

23 IPs

4 Countries

1386 kBTransfer

2456 kBSize

17 Cookies

5 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.undertow.club Open in urlscan Pro
2606:4700:3033::6815:1e18 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

87 %
HTTPS

50 %
IPv6

24
Domains

25
Subdomains

23
IPs

4
Countries

1386 kB
Transfer

2456 kB
Size

17
Cookies

85 HTTP transactions
3 data transactions