www.siceu.de Open in urlscan Pro
85.13.135.3  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

• https://billigerscheiss.de/?t=1670408424 HTTP 302
• https://bitporno.de/

Request Chain 16

• https://billigerscheiss.de/?t=1670408424 HTTP 302
• https://www.jefffm.de/

Request Chain 60

• https://go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc7bc7qLprarrXVXU3UWWTulc6qW11U7p3UyuldK6V1FM801Vdjp7qpZqrHT3VSzVXOldM6V0rpXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSulcH2A&sourceId=3918598&p1=4581542&skipOffset=00:00:05 HTTP 302
• https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=b1e02e2720203f684f246d97afe36747c347d0383f37e85772df9f975015b451&duration=00%3A00%3A30&endpoint=room&iterationId=257107&masterSmartpopId=2683&memberId=ooc7bc7qLprarrXVXU3UWWTulc6qW11U7p3UyuldK6V1FM801Vdjp7qpZqrHT3VSzVXOldM6V0rpXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSulcH2A&p1=4581542&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=29475&videosList=oil-show11

Request Chain 82

• https://tt.adcocktail.com/tt_rota.php?uid=101162&wsid=219521 HTTP 302
• https://tt.adcocktail.com/tt.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1 HTTP 302
• https://tt.adcocktail.com/tt_ma.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de HTTP 302
• https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/

Request Chain 97

• https://www.lcmmedia.de/kamp/rot.php?art=ztraffic&uid=5638&sid=5686 HTTP 302
• https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1

Request Chain 107

• https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
• https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0210daa9-6c16-470e-9acc-e273566bd73c&ssp=reklamstore&gdpr=&gdpr_consent=

Request Chain 111

• https://turbopreise.de/b/b-c1/de/distribution.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct&&m=1 HTTP 302
• https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct

Request Chain 115

• https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct&&m=1 HTTP 302
• https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2

Request Chain 116

• https://adx.adform.net/adx/?rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM HTTP 302
• https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM

Request Chain 133

• https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cuZWJheS5kZS9zdHIvc3Bpcml0dWVsbGVlbmVyZ2llbmZ1cmRpY2g/bWtjaWQ9MTYmbWtldnQ9MSZta3JpZD03MDctMTI3NjM0LTIzNTctMCZzc3Nwbz1YcHR6enZvZFNiYSZzc3NyYz0zNDE4MDY1JnNzdWlkPXEzNHBmNXJGUnBDJndpZGdldF92ZXI9YXJ0ZW1pcyZtZWRpYT1DT1BZ HTTP 301
• https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY

Request Chain 144

• https://710.taxsaddim.live/web/?sid=t4~is5st4knwcfxlw1hhrk32vjk HTTP 302
• https://appcloudgoal.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D HTTP 302
• https://appcloudgoal.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

Request Chain 178

• https://www.ebay.de/srv/app/v2/plugin/survey-modal.js HTTP 302
• https://ir.ebaystatic.com/rs/c/survey-modal--WKJ4YVh.js

Request Chain 198

• https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=0&topUrl=www.siceu.de&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=KAEen3xOUkV5SHY1eHR3QTNBS3NuQ2c1SlpFdnQzN3NvbXplaVpQb2E4cDE1S0ZsMHRncnhYcjdoeXJpS3NVeHNTdFUxVFhwYVVVVDNWamFodWxVRVgxUmVXKzg3Sk9FQU1YRm01VGR1ekpxdDFyRHA2dzRGR2ZQVWp3SW5IeHZ6NkozM3h4cWF4UFB6bEREalF6WVFza3NzY1cxNjFtT1V1TnAwNE82S3Y0SEJxWHJNTU1uS1hhZnhxcjRub3VJN2pyNjU2cjJuTFZ6cENlQmRZNGhVL2NqS3JYcjd0S0hHdlgwaHE5K3IydEFCUG5WdUpPSThCTVZ4U1ZPM3FoeStuR25yR0I0elVsMnhyL0NZcStVeDRmWFgyRjE3cHAremdlR3E4cnN6eW9GcS9lUT18&cppv=2

204 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
-3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request kontakt.html Show response www.siceu.de/	15 KB 3 KB	118ms 27ms	Document text/html	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Full URL http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash e30ae42801a77aab5dcfc6b7965f327fa17d8727a931fb9c30ee610db42ba451 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 2611 Content-Type text/html Date Wed, 07 Dec 2022 10:20:23 GMT ETag "3d95-5eb0ee09c3233-gzip" Keep-Alive timeout=2, max=1000 Last-Modified Sat, 15 Oct 2022 08:53:33 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding,User-Agent
GET H/1.1	200 OK	safe.jpg www.siceu.de/images//	33 KB 34 KB	27ms 27ms	Image image/jpeg	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Show image Full URL http://www.siceu.de/images//safe.jpg Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash 55a576007dc76004d64ea3fa099940fdfff3a95647ea31b4e489dbdbf32a7f6d Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/kontakt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Last-Modified Mon, 19 Sep 2022 14:16:23 GMT Server Apache ETag "853d-5e9085b471ea3" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=999 Content-Length 34109
GET H/1.1	200 OK	weiterlesen.jpg www.siceu.de/images/	24 KB 24 KB	54ms 28ms	Image image/jpeg	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Show image Full URL http://www.siceu.de/images/weiterlesen.jpg Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash a25943884efc7594b09de83f58b3e9c3813c729b8c3385368f9205df77b1831c Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/kontakt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Last-Modified Wed, 21 Sep 2022 11:24:52 GMT Server Apache ETag "5fd0-5e92e319055ba" Upgrade h2,h2c Content-Type image/jpeg Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=1000 Content-Length 24528
GET H/1.1	200 OK	videokall.jpg www.siceu.de/images/	49 KB 50 KB	53ms 27ms	Image image/jpeg	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Show image Full URL http://www.siceu.de/images/videokall.jpg Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash 05d596fba6ceb784da475d3312851a602b9c1ce38c3e3c761292bc1767a833e6 Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/kontakt.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Last-Modified Wed, 08 Sep 2021 13:04:38 GMT Server Apache ETag "c5fa-5cb7b8658199f" Upgrade h2,h2c Content-Type image/jpeg Connection Upgrade, Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=1000 Content-Length 50682
GET H/1.1	200 OK	GEWINN.html Show response siceu.de/upload/ Frame DC6B	1 KB 1000 B	166ms 27ms	Document text/html	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Full URL http://siceu.de/upload/GEWINN.html Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash f13f7e0035c7e4860cd9c2a4b463b66cd8cbe3931d7ed04b8ec96ef9e2cd060f Request headers Referer http://www.siceu.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 641 Content-Type text/html Date Wed, 07 Dec 2022 10:20:24 GMT ETag "4aa-5ef38b31ee2fc-gzip" Keep-Alive timeout=2, max=1000 Last-Modified Wed, 07 Dec 2022 08:28:05 GMT Server Apache Upgrade h2,h2c Vary Accept-Encoding,User-Agent
GET H2	200	fcount.php Show response www.fastcounter.de/	1 KB 647 B	97ms 30ms	Script text/html	2a01:4f9:4b:1406::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.fastcounter.de/fcount.php?rnd=17616238658 Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 55c0e6cf93d1a84b6c603c5f0c7abf1afc4aab78d20b9c237d19772f8696cd44 Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-type text/html; charset=UTF-8 pragma no-cache date Wed, 07 Dec 2022 10:20:24 GMT cache-control no-store, no-cache, must-revalidate content-encoding gzip server nginx/1.18.0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	fcounter.php Show response www.fastcounter.de/	910 B 992 B	31ms 31ms	Script text/javascript	2a01:4f9:4b:1406::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.fastcounter.de/fcounter.php?test=1&rnd=21392736&s=gray&id=35973&l=en-US&u=&w=1600&h=1200 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/fcount.php?rnd=17616238658 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 157beb18f9680c663116d47e9bb0bdc2229997974443ae88938d0dba73a3d6ed Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT server nginx/1.18.0 content-length 910 content-type text/javascript;charset=UTF-8
GET H2	200	b.php Show response www.fastcounter.de/ Frame 875B	372 B 364 B	144ms 143ms	Document text/html	2a01:4f9:4b:1406::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.fastcounter.de/b.php Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/fcounter.php?test=1&rnd=21392736&s=gray&id=35973&l=en-US&u=&w=1600&h=1200 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 91bf48eef70b67bada6b0834dd16124f5041c8cd4d869ad7cf0b1b6374743262 Request headers Referer http://www.siceu.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:24 GMT server nginx/1.18.0
GET H2	200	fastcounter-banner-gray.gif www.fastcounter.de/CIncludes/img/	167 B 292 B	30ms 29ms	Image image/gif	2a01:4f9:4b:1406::2 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.fastcounter.de/CIncludes/img/fastcounter-banner-gray.gif Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a01:4f9:4b:1406::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.18.0 / Resource Hash 3c8ccb6999f4b357495a29295b17c4be3d4b9853df8eed92d491cd47707cea87 Request headers accept-language de-DE,de;q=0.9 Referer http://www.siceu.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT last-modified Tue, 09 Sep 2014 14:37:31 GMT server nginx/1.18.0 accept-ranges bytes etag "540f10ab-a7" content-length 167 content-type image/gif
GET H/1.1	404 Not Found	style.css siceu.de/upload/ Frame DC6B	0 0	27ms 27ms	Stylesheet text/html	85.13.135.3 02742 Friedersdor...
General Check archive.org Show headers Download Go to Full URL http://siceu.de/upload/style.css Requested by Host: siceu.de URL: http://siceu.de/upload/GEWINN.html Protocol HTTP/1.1 Server 85.13.135.3 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd12828.kasserver.com Software Apache / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://siceu.de/upload/GEWINN.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=2, max=999 Content-Length 196 Content-Type text/html; charset=iso-8859-1
GET H2	200	jquery.php Show response zuppelzockt.com/ Frame 875B	202 B 353 B	38ms 9ms	Script text/javascript	178.254.33.33 EVANZOAS
General Check archive.org Show headers Download Go to Full URL https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE), Reverse DNS v35442.1blu.de Software nginx / Resource Hash cd6e1899d1a8beb2f8a6b9339ed8c121f1a89bdd05ce35a3f4fd3ea64ebcbc2d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip server nginx vary Accept-Encoding x-xss-protection 1; mode=block content-type text/javascript;charset=UTF-8
GET H2	200	jw.js Show response mpa4xbbs6m73.de/ Frame 875B	2 KB 700 B	67ms 23ms	Script text/javascript	2a01:4f8:10b:ddc::2 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx / Resource Hash 98e4a8272f4e74cead0568da3198b1dd282c5fec6fc842882e89b37775884f2b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip server nginx vary Accept-Encoding content-type text/javascript;charset=utf-8 access-control-allow-origin * x-xss-protection 1; mode=block
GET H2	200	in4.php Show response zuppelzockt.com/ Frame 60F9	294 B 388 B	15ms 14ms	Document text/html	178.254.33.33 EVANZOAS
General Check archive.org Show headers Download Go to Full URL https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1 Requested by Host: zuppelzockt.com URL: https://zuppelzockt.com/jquery.php?uid=1191351678&e=0&p=0&s=0&sid=5&size=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE), Reverse DNS v35442.1blu.de Software nginx / Resource Hash b98e2655c1003beffa9be271f889eb9e45f0c64619f5d0c0872c6d6c20368177 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:24 GMT server nginx strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	6.html Show response deli.misaglam.com/influ/ Frame C1C2	356 B 463 B	55ms 7ms	Document text/html	178.254.33.33 EVANZOAS
General Check archive.org Show headers Download Go to Full URL https://deli.misaglam.com/influ/6.html Requested by Host: zuppelzockt.com URL: https://zuppelzockt.com/in4.php?uid=1191351678&e=0&s=0&p=0&sid=5&size=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 178.254.33.33 , Germany, ASN42730 (EVANZOAS, DE), Reverse DNS v35442.1blu.de Software nginx / Resource Hash a4c53f3e8b4b7c98e4ccc342a9048fbf9fb55158c71832581a02ef280f8ee9cd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Wed, 07 Dec 2022 10:20:24 GMT etag W/"63730f0e-164" last-modified Tue, 15 Nov 2022 04:01:18 GMT server nginx strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	/ Show response ref.cdnplus.de/ Frame 747A	805 B 760 B	49ms 8ms	Document text/html	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ref.cdnplus.de/ Requested by Host: mpa4xbbs6m73.de URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash c3147c35070626eb56e89c0d55db3daec18c0eb25bce49dae162ec657191db9d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:24 GMT server nginx strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	1616084 Show response ad.a-ads.com/ Frame ED35	12 KB 5 KB	47ms 13ms	Document text/html	213.239.205.245 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ad.a-ads.com/1616084?size=300x250 Requested by Host: mpa4xbbs6m73.de URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.239.205.245.clients.your-server.de Software nginx / Phusion Passenger(R) Resource Hash 4176b6703e9770b21c6d0f9dd7c52941c0d756e71ea2a578d4cd4a616a3e5866 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html;charset=utf-8 date Wed, 07 Dec 2022 10:20:24 GMT server nginx status 200 OK vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-powered-by Phusion Passenger(R) x-robots-tag noindex, nofollow, nosnippet, noarchive x-xss-protection 1; mode=block
GET H2	200	/ Show response bitporno.de/ Frame FC91 Redirect Chain https://billigerscheiss.de/?t=1670408424 https://bitporno.de/	58 KB 8 KB	48ms 11ms	Document text/html	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bitporno.de/ Requested by Host: mpa4xbbs6m73.de URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 33de70cee3ddf1e26169f37bcaf41c13b30e2ef489164a7ee897aa62f10b36af Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html date Wed, 07 Dec 2022 10:20:24 GMT etag W/"6376ba85-e7d1" last-modified Thu, 17 Nov 2022 22:49:41 GMT server nginx strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding x-xss-protection 1; mode=block Redirect headers content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:24 GMT location https://bitporno.de server nginx strict-transport-security max-age=63072000; includeSubdomains; preload x-xss-protection 1; mode=block
GET H/1.1	200 OK	/ Show response www.jefffm.de/ Frame C0AB Redirect Chain https://billigerscheiss.de/?t=1670408424 https://www.jefffm.de/	4 KB 2 KB	72ms 18ms	Document text/html	188.165.203.71 OVH
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/ Requested by Host: mpa4xbbs6m73.de URL: https://mpa4xbbs6m73.de/jw.js?de=E6eMu7U8GN5V2QLU Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 188.165.203.71 , France, ASN16276 (OVH, FR), Reverse DNS klick4bier.de Software nginx / Resource Hash a167bf2e505e798a66b5fe6897f3b58e4716a944cef9d85ea69781b370dbfa9c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:24 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:24 GMT location https://www.jefffm.de server nginx strict-transport-security max-age=63072000; includeSubdomains; preload x-xss-protection 1; mode=block
GET H2	200	300x250 static.a-ads.com/a-ads-banners/393780/ Frame ED35	609 KB 610 KB	33ms 13ms	Image image/gif	213.239.205.245 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://static.a-ads.com/a-ads-banners/393780/300x250?region=eu-central-1 Requested by Host: ad.a-ads.com URL: https://ad.a-ads.com/1616084?size=300x250 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.239.205.245 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.213.239.205.245.clients.your-server.de Software nginx / Resource Hash 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14 Request headers accept-language de-DE,de;q=0.9 Referer https://ad.a-ads.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT x-amz-version-id jOXVc8Dekisiq0g3Btd0O0TTMs07O0J4 last-modified Tue, 31 May 2022 13:36:40 GMT server nginx x-amz-request-id J9DZFGQG0KKE0CDT etag "022f5a2fb43fb40ba25ebafe6b68c6b2" content-type image/gif cache-control max-age=315360000 x-amz-replication-status COMPLETED accept-ranges bytes content-length 623504 x-amz-id-2 7leCatDfgidPeRhROEAcKs748V9i8oM3n3LE5C1TOJeG2jN/1pt8N6boW+yc5sNyieRURXpZaIw= expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ref.cdnplus.de/ Frame 747A	94 KB 38 KB	10ms 9ms	Script application/javascript	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ref.cdnplus.de/jquery.min.js Requested by Host: ref.cdnplus.de URL: https://ref.cdnplus.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Request headers accept-language de-DE,de;q=0.9 Referer https://ref.cdnplus.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT content-encoding gzip last-modified Thu, 26 May 2022 14:16:34 GMT server nginx etag W/"628f8bc2-1762a" vary Accept-Encoding content-type application/javascript cache-control max-age=604800, public expires Wed, 14 Dec 2022 10:20:24 GMT
GET H2	200	wgpizbdq.js Show response ad4m.at/ Frame C1C2	36 KB 13 KB	62ms 37ms	Script application/javascript	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/wgpizbdq.js Requested by Host: deli.misaglam.com URL: https://deli.misaglam.com/influ/6.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb8e8fbef32b63fc19cf1c203fffed2310b18acef41e165ef483d0a8218988ba Request headers accept-language de-DE,de;q=0.9 Referer https://deli.misaglam.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT content-encoding br cf-cache-status HIT last-modified Tue, 22 Nov 2022 06:20:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 100776 etag W/"5c3685f2aebb6684b63837e50b8cf870" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCxnBGGLSGtl0k6vPKqtmD466H1rZeimzG5xUCX3RU6OpZmnrKZcB3bIpmiSn%2BKfEvKEi9p1jEQFaqxof03PJqkECwbJvdHDRGz3pdnZfnl3pU1q7746IZi1kK6MGK0ifBCqmIY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 775c874d1d4b9b3d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 06 Dec 2022 06:20:48 GMT
GET H2	200	layout.css bitporno.de/Bitporno_files/ Frame FC91	41 KB 10 KB	10ms 9ms	Stylesheet text/css	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bitporno.de/Bitporno_files/layout.css Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 4cb249a0471222e8f1bb7982b649fa30ce28f17b949500f6798c877ed38a50d2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip last-modified Thu, 17 Nov 2022 22:10:32 GMT server nginx etag W/"6376b158-a5c5" vary Accept-Encoding content-type text/css x-xss-protection 1; mode=block
GET H2	200	jquery-ui.css bitporno.de/Bitporno_files/ Frame FC91	34 KB 10 KB	10ms 10ms	Stylesheet text/css	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bitporno.de/Bitporno_files/jquery-ui.css Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip last-modified Thu, 17 Nov 2022 21:38:53 GMT server nginx etag W/"6376a9ed-898c" vary Accept-Encoding content-type text/css x-xss-protection 1; mode=block
GET H2	200	image-picker.css bitporno.de/Bitporno_files/ Frame FC91	1020 B 567 B	10ms 10ms	Stylesheet text/css	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bitporno.de/Bitporno_files/image-picker.css Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 32008300233eaa25ecfbaaec83513d29559ce1ede590ffc84de495df2fdaa369 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip last-modified Thu, 17 Nov 2022 21:38:53 GMT server nginx etag W/"6376a9ed-3fc" vary Accept-Encoding content-type text/css x-xss-protection 1; mode=block
GET H2	200	logobt.png bitporno.de/Bitporno_files/ Frame FC91	8 KB 8 KB	18ms 9ms	Image image/png	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/logobt.png Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 1f418c444a9efe0567ec74f94202d33d0e462f3debc5b88eb18c15c732d474fd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 21:38:53 GMT server nginx etag "6376a9ed-1e21" content-type image/png accept-ranges bytes content-length 7713 x-xss-protection 1; mode=block
GET H2	200	us.png bitporno.de/Bitporno_files/ Frame FC91	609 B 806 B	18ms 9ms	Image image/png	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/us.png Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 21:38:54 GMT server nginx etag "6376a9ee-261" content-type image/png accept-ranges bytes content-length 609 x-xss-protection 1; mode=block
GET H2	200	detail_list_icon_grey.png bitporno.de/Bitporno_files/ Frame FC91	220 B 417 B	18ms 9ms	Image image/png	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/detail_list_icon_grey.png Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 30f1478485f21c28becc24064c4c611cc546d93dc273edf818a834ec5a8bc765 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 21:38:54 GMT server nginx etag "6376a9ee-dc" content-type image/png accept-ranges bytes content-length 220 x-xss-protection 1; mode=block
GET H2	200	short_list_icon.png bitporno.de/Bitporno_files/ Frame FC91	296 B 493 B	18ms 10ms	Image image/png	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/short_list_icon.png Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 3356bfa621dcadda9484a7ac6a9d702ee41301abe74951602177b91f85883f37 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 21:38:54 GMT server nginx etag "6376a9ee-128" content-type image/png accept-ranges bytes content-length 296 x-xss-protection 1; mode=block
GET H2	200	bitporno_thumbgjon1.png bitporno.de/Bitporno_files/ Frame FC91	4 KB 5 KB	18ms 10ms	Image image/png	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/bitporno_thumbgjon1.png Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash ce3b643de5b0c06a7ff3125a5e563b1bc7c47d4f4839820eaf5ad117d20f89d8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 21:38:53 GMT server nginx etag "6376a9ed-11cf" content-type image/png accept-ranges bytes content-length 4559 x-xss-protection 1; mode=block
GET H2	200	h88qmn2apqu2lfh5krriulacposm5ruzov.jpg bitporno.de/Bitporno_files/ Frame FC91	15 KB 15 KB	19ms 11ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88qmn2apqu2lfh5krriulacposm5ruzov.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 0105923f3b93c6b1f6c6582e89c29b0087be3e2a0b69cfb99f63ce27d4220318 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-3acb" content-type image/jpeg accept-ranges bytes content-length 15051 x-xss-protection 1; mode=block
GET H2	200	h88qkif82spffv7zxohm3tmwauch9o8quo.jpg bitporno.de/Bitporno_files/ Frame FC91	18 KB 18 KB	19ms 11ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88qkif82spffv7zxohm3tmwauch9o8quo.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash f257a6e5cea223685386d912730de29f4188ef669100cd228b8175256d88bb97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-491c" content-type image/jpeg accept-ranges bytes content-length 18716 x-xss-protection 1; mode=block
GET H2	200	h88qe77vcfyfhbzq2ornfg2g3oumgpzu4w.jpg bitporno.de/Bitporno_files/ Frame FC91	23 KB 23 KB	19ms 11ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88qe77vcfyfhbzq2ornfg2g3oumgpzu4w.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash f864b73835436c6a72184c6689da744f45b073d96e7fb578fe35449c0f120fe0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-5cee" content-type image/jpeg accept-ranges bytes content-length 23790 x-xss-protection 1; mode=block
GET H2	200	h88qd5i070zuf7o3cqvprh1xwdliauvahm.jpg bitporno.de/Bitporno_files/ Frame FC91	17 KB 17 KB	20ms 11ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88qd5i070zuf7o3cqvprh1xwdliauvahm.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash f48a9a59e43f29cd04b213b009420f665daf65f3265d833e197241c08fea7021 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-43ef" content-type image/jpeg accept-ranges bytes content-length 17391 x-xss-protection 1; mode=block
GET H2	200	h88q9069k9up40ywzhiu5f4yw2kwnarqvw.jpg bitporno.de/Bitporno_files/ Frame FC91	20 KB 20 KB	20ms 12ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88q9069k9up40ywzhiu5f4yw2kwnarqvw.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 5b42b3a12145045a6863a735d8f75335b2cf1e971f9c7c67342b4f64b681a4ad Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:02 GMT server nginx etag "6376b392-4f94" content-type image/jpeg accept-ranges bytes content-length 20372 x-xss-protection 1; mode=block
GET H2	200	h88q2qtij0uztahrckg0avrnl8l529kzso.jpg bitporno.de/Bitporno_files/ Frame FC91	17 KB 17 KB	26ms 18ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88q2qtij0uztahrckg0avrnl8l529kzso.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 6b4019a21270c43c57a452aff6784977f0a8e6b80264aea83372e61a396f7205 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-44cd" content-type image/jpeg accept-ranges bytes content-length 17613 x-xss-protection 1; mode=block
GET H2	200	h88pzn8r7apmcxbdwy6tybwsc4wdi1iyqc.jpg bitporno.de/Bitporno_files/ Frame FC91	18 KB 18 KB	30ms 22ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88pzn8r7apmcxbdwy6tybwsc4wdi1iyqc.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 529ed29148578341a072bd3286243bdd5c34900effadce7cbb32b2a435a2590d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-461f" content-type image/jpeg accept-ranges bytes content-length 17951 x-xss-protection 1; mode=block
GET H2	200	h88pqaxcbycc1pqhaymez8ouzeznwaqp2z.jpg bitporno.de/Bitporno_files/ Frame FC91	14 KB 14 KB	30ms 22ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88pqaxcbycc1pqhaymez8ouzeznwaqp2z.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 33122d6ec853c27ae4fa86323516e571a6c574192f62aa5a50ad264a2bb81877 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-3901" content-type image/jpeg accept-ranges bytes content-length 14593 x-xss-protection 1; mode=block
GET H2	200	h88pfv0ukrx47dhg66mgnvreiaevoyh1cf.jpg bitporno.de/Bitporno_files/ Frame FC91	26 KB 26 KB	30ms 22ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88pfv0ukrx47dhg66mgnvreiaevoyh1cf.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 7cbd886cfa79c7f027b66faeaab1a7e5ca461a8777f027145722f86ed5115f6a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-6913" content-type image/jpeg accept-ranges bytes content-length 26899 x-xss-protection 1; mode=block
GET H2	200	h88p6hidb9qaa8olkkhemczna4iyzzzzlq.jpg bitporno.de/Bitporno_files/ Frame FC91	21 KB 21 KB	30ms 23ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88p6hidb9qaa8olkkhemczna4iyzzzzlq.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 89aaad1d0532db014206b50b287361885143f6f37d9e579a12099656d14b3542 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:19:59 GMT server nginx etag "6376b38f-54bd" content-type image/jpeg accept-ranges bytes content-length 21693 x-xss-protection 1; mode=block
GET H2	200	h83r52ib0iio4ulm0h08rgcpf5oglkon9e.jpg bitporno.de/Bitporno_files/ Frame FC91	26 KB 26 KB	30ms 23ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h83r52ib0iio4ulm0h08rgcpf5oglkon9e.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 6844464c75e6932a1e0ee4d55a9be40a489f5751411c774333dcac212a28b9b2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-6722" content-type image/jpeg accept-ranges bytes content-length 26402 x-xss-protection 1; mode=block
GET H2	200	h88p3hdjrsvlnub7fyc5uuq6loockbfgot.jpg bitporno.de/Bitporno_files/ Frame FC91	23 KB 23 KB	31ms 23ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88p3hdjrsvlnub7fyc5uuq6loockbfgot.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 838476c67cd9937bfde3f9030e7215ddc4606c71c3683e0a98dd48dee08bd160 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-5a4a" content-type image/jpeg accept-ranges bytes content-length 23114 x-xss-protection 1; mode=block
GET H2	200	h88p3ecsw8tkfxdurnjp8h4xcdwpmbr2f3.jpg bitporno.de/Bitporno_files/ Frame FC91	14 KB 15 KB	31ms 24ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88p3ecsw8tkfxdurnjp8h4xcdwpmbr2f3.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash baa60433cdd46fa02b819c76332f4dfc693bcf80e8bc689a91bfe22e2ea071b0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-39b9" content-type image/jpeg accept-ranges bytes content-length 14777 x-xss-protection 1; mode=block
GET H2	200	h88a19wu1ytmubegrp2bvi8zyperxsbbca.jpg bitporno.de/Bitporno_files/ Frame FC91	13 KB 13 KB	31ms 24ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88a19wu1ytmubegrp2bvi8zyperxsbbca.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 0d31d1b308613540b2b533c69a0498b60985f130c8295c3e350f0a4cd4b46506 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:01 GMT server nginx etag "6376b391-34ae" content-type image/jpeg accept-ranges bytes content-length 13486 x-xss-protection 1; mode=block
GET H2	200	h88p1k2dusewbxrmi6xco6dm6sq4bywyf6.jpg bitporno.de/Bitporno_files/ Frame FC91	24 KB 24 KB	31ms 24ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88p1k2dusewbxrmi6xco6dm6sq4bywyf6.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash d2449212cb8ac4c2d8763dec1bde6a36ef6d26cb8eed7f0e509637ec8d7b3ef2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:01 GMT server nginx etag "6376b391-5fbe" content-type image/jpeg accept-ranges bytes content-length 24510 x-xss-protection 1; mode=block
GET H2	200	h88p1hrk7jh1vqd2qvcbonpwxyut6mvsgd.jpg bitporno.de/Bitporno_files/ Frame FC91	26 KB 26 KB	31ms 24ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88p1hrk7jh1vqd2qvcbonpwxyut6mvsgd.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash d1154b622015a5587909711581050bc1f111c41ed2105c579d2880f4078bb907 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-6744" content-type image/jpeg accept-ranges bytes content-length 26436 x-xss-protection 1; mode=block
GET H2	200	h88kl1oh6xsstq2xoafuwiwjlvr3ptvlsa.jpg bitporno.de/Bitporno_files/ Frame FC91	25 KB 25 KB	31ms 25ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88kl1oh6xsstq2xoafuwiwjlvr3ptvlsa.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash c205f7c9151f57a641b28857209c4310f3080bbff3f50be519fea2854f3bbc8f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-6214" content-type image/jpeg accept-ranges bytes content-length 25108 x-xss-protection 1; mode=block
GET H2	200	h88nj72tzclydwlkahfhvejgecsz6fqnaj.jpg bitporno.de/Bitporno_files/ Frame FC91	14 KB 14 KB	32ms 25ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88nj72tzclydwlkahfhvejgecsz6fqnaj.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 376fd8e5137c4cd4cc907d20d2874f83073e5e847695bf0a86818abae9e20c7e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-37a9" content-type image/jpeg accept-ranges bytes content-length 14249 x-xss-protection 1; mode=block
GET H2	200	h88mydf7p8tqosdinn83anwerdmicenuer.jpg bitporno.de/Bitporno_files/ Frame FC91	16 KB 16 KB	32ms 26ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88mydf7p8tqosdinn83anwerdmicenuer.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash 8f44d207aced88e1e6a42f4d437fde77761f4a74dcdaff5fd1f7852a1499ca81 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-3fa8" content-type image/jpeg accept-ranges bytes content-length 16296 x-xss-protection 1; mode=block
GET H2	200	h88n1kfgj1bz02ceqb98ydhbdwpnddckz3.jpg bitporno.de/Bitporno_files/ Frame FC91	14 KB 15 KB	32ms 26ms	Image image/jpeg	94.130.9.175 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bitporno.de/Bitporno_files/h88n1kfgj1bz02ceqb98ydhbdwpnddckz3.jpg Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.130.9.175 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS h109.hubuhost.com Software nginx / Resource Hash bb8aaf72f91660bf36f7131177861794a7d9e80ac9a87c05d9d37b3fd25d4543 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT strict-transport-security max-age=63072000; includeSubdomains; preload last-modified Thu, 17 Nov 2022 22:20:00 GMT server nginx etag "6376b390-3930" content-type image/jpeg accept-ranges bytes content-length 14640 x-xss-protection 1; mode=block
GET H2	200	vs.js Show response cdn.tubecorp.com/vs/ Frame FC91	45 KB 15 KB	63ms 12ms	Script application/javascript	45.133.44.25 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://cdn.tubecorp.com/vs/vs.js Requested by Host: bitporno.de URL: https://bitporno.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 50d520806d55eb54fff829764da81ef097da6d8f789a8cb1a516bf8cb7c0dd79 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers expires Wed, 07 Dec 2022 11:20:24 GMT date Wed, 07 Dec 2022 10:20:24 GMT content-encoding gzip last-modified Fri, 26 Feb 2021 08:59:15 GMT server nginx/1.20.1 etag W/"6038b863-b46b" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=3600 x-request-id eb3c8f8a465e330757ccdfac6978bb84 x-proxy-cache HIT
GET H/1.1	200 OK	style.css www.jefffm.de/ Frame C0AB	2 KB 1004 B	19ms 18ms	Stylesheet text/css	188.165.203.71 OVH
General Check archive.org Show headers Download Go to Full URL https://www.jefffm.de/style.css Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 188.165.203.71 , France, ASN16276 (OVH, FR), Reverse DNS klick4bier.de Software nginx / Resource Hash 1ebd484ba31b9baa99927a85e0d885d9969e6a390faff9abd7644b7bfdb90c92 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Content-Encoding gzip Last-Modified Mon, 28 Feb 2022 22:26:09 GMT Server nginx ETag W/"621d4c01-845" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	logo.gif www.jefffm.de/images/ Frame C0AB	2 KB 2 KB	37ms 17ms	Image image/gif	188.165.203.71 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/logo.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 188.165.203.71 , France, ASN16276 (OVH, FR), Reverse DNS klick4bier.de Software nginx / Resource Hash b58d7f06bae5f9dfccec0c9b53a77640694a38b068bc53687052ddc125b5eb1f Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Last-Modified Mon, 28 Feb 2022 22:26:06 GMT Server nginx ETag "621d4bfe-63f" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 1599
GET H/1.1	200 OK	welcome.gif www.jefffm.de/images/ Frame C0AB	13 KB 14 KB	35ms 35ms	Image image/gif	188.165.203.71 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://www.jefffm.de/images/welcome.gif Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 188.165.203.71 , France, ASN16276 (OVH, FR), Reverse DNS klick4bier.de Software nginx / Resource Hash 9b5eb1d12ee14b27244e1846d6539989615a4714b96c9cc663fa05997dc00ba0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Last-Modified Mon, 28 Feb 2022 22:26:07 GMT Server nginx ETag "621d4bff-35ea" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 13802
GET H2	200	hads.php Show response hads.adcocktail.com/ Frame C0AB	300 B 443 B	106ms 48ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hads.adcocktail.com/hads.php?uid=101162&wsid=219521 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25a99be70cd27e69e169dc74712ffb4ad2150204579dcbb2694773d0dddbaf57 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:24 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 07 Dec 2022 10:20:24 GMT server cloudflare vary Accept-Encoding content-type text/html; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate note CACHING IS DISABLED cf-ray 775c874ddfd2bbb3-FRA content-length 174 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	frame.html Show response ad4m.at/ Frame E50C	2 KB 1 KB	34ms 33ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/wgpizbdq.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Referer https://deli.misaglam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 915310 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 775c874d7e019b3d-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Wed, 07 Dec 2022 10:20:24 GMT expires Wed, 26 Oct 2022 23:22:52 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQZObj2bt7eDmzT4voRPOesVgKSkynWGvc1XFl3wjibCQ9dScxz%2BRitSd4hL4Iul3jUFSaQD1%2FODaW0dDwxbNANflnQPJc0dh0JkoVfmpyDG5CiJK9MaTL4dsll3SRgNss%2FMg3o%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	403 Forbidden	invoke.js www.highconvertingformats.com/cabd0dde796700b1dde42a47ad54b9a9/ Frame C0AB	0 0	633ms 282ms	Script application/javascript	192.243.59.12 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://www.highconvertingformats.com/cabd0dde796700b1dde42a47ad54b9a9/invoke.js Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.17.6 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:25 GMT Server nginx/1.17.6 Accept-CH Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin * Content-Type application/javascript Connection keep-alive Content-Length 0
GET H2	200	/ Show response vast.yomeno.xyz/ Frame FC91	2 KB 899 B	73ms 28ms	XHR text/xml	2a02:128:7:4957::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://vast.yomeno.xyz/?tcid=16279 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/vs/vs.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4957::2 , Czech Republic, ASN50245 (SERVEREL-AS, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 017d9edba43fcd6f0085703c4d3b6bff421753fbc61d9305e032c5acbad225f3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT content-encoding gzip server nginx/1.20.1 vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/xml;charset=UTF-8 access-control-allow-origin https://bitporno.de access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
POST H3	200	rs Show response ad4m.at/ Frame C1C2	475 B 858 B	50ms 48ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/wgpizbdq.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7415d0ebd574559410531875e98bf7c78df2e06fcd40906139c0d8eabc382b7 Request headers Referer https://deli.misaglam.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Dec 2022 10:20:24 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ypa40mSpYkORUkkPvovwtBaU8Ohy3AWWNZsB5Nmk6%2FvSi2C1ViG6jK8klZJeXA%2BdQ9%2BdKMIsoJv6DtewKQDoBIeBj8u9f6YCG%2FhLFh08oup58xL0NeEpj9pwT40YwSmA2mUNxCY%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://deli.misaglam.com access-control-allow-credentials true cf-ray 775c874e2cf19bce-FRA x-backend-server aa-reachservice-group-europe-west1-ktgt alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	59ms 48ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://deli.misaglam.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://deli.misaglam.com access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 775c874ddc269bce-FRA content-length 24 content-type text/plain date Wed, 07 Dec 2022 10:20:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfii5SCeAq05yLxBglwKe4WYdAscz4nFXN20SshrMZ6eFj6aptN3hoy3rddTK2z2MmiC82bGpRTBqfuP%2Fi8RY0wZKxUg37xVunJ%2FQTUuhNTsmIQFHmJCNRAHzhGWd4OXGkcXOgE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-ktgt
GET H/1.1	200 OK	splash.php Show response syndication.realsrv.com/ Frame FC91	5 KB 3 KB	63ms 23ms	XHR text/xml	95.211.229.246 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://syndication.realsrv.com/splash.php?idzone=3918598&sub=999044201 Requested by Host: cdn.tubecorp.com URL: https://cdn.tubecorp.com/vs/vs.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash 8f5640a3e71f42de1e6ddc3f32c77181d987c2276b992dcbaa5af0dee9d9ef4e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:24 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin https://bitporno.de Content-Type text/xml;charset=UTF-8 Cache-Control no-store Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow
GET H2	200	rar Show response as.ad4m.at/ad/ Frame 2E36	8 KB 3 KB	66ms 56ms	Document text/html	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/wgpizbdq.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0b2be3a9aed588e3b20514cf4c5bd57203529a2d2ac741f70e99a0e1f592ba5 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://deli.misaglam.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 775c874e883f9b3d-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Wed, 07 Dec 2022 10:20:24 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	vast Show response go.xlivrdr.com/api/models/ Frame FC91 Redirect Chain https://go.xlivrdr.com/smartpop/165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af?userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&memberId=ooc7bc7qLprarrXVXU3... https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=b1e02e2720203f684f246d97afe36747c347d0383f37e8577...	2 KB 1 KB	112ms 100ms	XHR text/xml	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=b1e02e2720203f684f246d97afe36747c347d0383f37e85772df9f975015b451&duration=00%3A00%3A30&endpoint=room&iterationId=257107&masterSmartpopId=2683&memberId=ooc7bc7qLprarrXVXU3UWWTulc6qW11U7p3UyuldK6V1FM801Vdjp7qpZqrHT3VSzVXOldM6V0rpXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSulcH2A&p1=4581542&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=29475&videosList=oil-show11 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H3 Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce0ffc94507412c5876b870ce5de941a69af11e0ce8d6bc9c8872a78d6497c2f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type text/xml; charset=utf-8 access-control-allow-origin https://bitporno.de access-control-allow-credentials true cf-ray 775c874f3a12bb89-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status DYNAMIC server cloudflare location https://go.xlivrdr.com/api/models/vast?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=b1e02e2720203f684f246d97afe36747c347d0383f37e85772df9f975015b451&duration=00%3A00%3A30&endpoint=room&iterationId=257107&masterSmartpopId=2683&memberId=ooc7bc7qLprarrXVXU3UWWTulc6qW11U7p3UyuldK6V1FM801Vdjp7qpZqrHT3VSzVXOldM6V0rpXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSulcH2A&p1=4581542&ruleId=157&skipOffset=00%3A00%3A05&smartpopId=3564&sourceId=3918598&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=29475&videosList=oil-show11 access-control-allow-origin https://bitporno.de access-control-allow-credentials true cf-ray 775c874ecadf9944-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with content-length 0 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	default.css as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 2E36	89 KB 12 KB	28ms 27ms	Stylesheet text/css	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358 Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1669909960 age 497272 cf-polished origSize=91628 x-guploader-uploadid ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Thu, 01 Dec 2022 15:53:06 GMT server cloudflare etag W/"575def06e70febb0cbd25403e37880bf" vary Accept-Encoding x-goog-generation 1669909986917312 content-type text/css x-goog-hash crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FBAkpNrDmtqY%2BfONFd4N8N%2Bls9yTd1trTB0Z4gdeSyRWew%2FnLPCKqoGbxepPfboxyWeRP55y1fbrqkSvcNqU1wHikTBG1XnYSlKY618geIAxZULOHNKk9qWFDscr3ytvzolJFWhN0k%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 91628 cf-ray 775c874eea91bbef-FRA expires Wed, 07 Dec 2022 11:20:24 GMT
GET H2	200	32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC assets.ad4m.at/logo/ Frame 2E36	53 KB 53 KB	48ms 37ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 489527 cf-polished origFmt=png, origSize=85233 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 54280 cf-bgj imgq:85,h2pri last-modified Wed, 16 Nov 2022 17:18:26 GMT server cloudflare etag "0bc184d99872986e7c36d6945f607e59" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBm6WHwVJ6cBzVhTdtP%2BJpqdLpO6itAjM75O2vSb5xqCF5fmNyC3DdiCGxRwU2yfiEfNCOjNy5n5uCUB9t%2BcLMUrKBjbtVw5fxYD1m4z2zcSXnkbfD0aDy6UUlx4GZbfMYue4ShU8z1eQJH%2F"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874ef9439b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095 assets.ad4m.at/product_image/ Frame 2E36	193 KB 193 KB	81ms 71ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1254165 cf-polished origFmt=png, origSize=311499 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 197460 cf-bgj imgq:85,h2pri last-modified Wed, 16 Nov 2022 17:45:43 GMT server cloudflare etag "3e47fe2e828ecba46fd7e6ae452966ae" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64T4H4mLgJ6tpNc5t9xgMCO13fHd7Je0d4vjcNsiIjnulvEUgnTxkSrsc3471Y9tuNPxryerLvnF66W10lseOeWEjKnXdSEKk5aVe0V5m7sNIcM0H84OKs5aNkPQvBspQmxnf%2BzGAUpmTsvA"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874ef93d9b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772 assets.ad4m.at/logo/ Frame 2E36	3 KB 4 KB	47ms 37ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/F2696AE884D1EB814BAC836D7ECEB3E3842C890A7F3525161F7565B21132CACC0AD310A864434D76C9D56FE1B71A52BBF7870DA7440A2E17DF2B23750AE47772 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6151c6cb78b2f0ced663b5e32e13658236477225b4416c52e57142f3d610f058 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 486465 cf-polished origFmt=png, origSize=11554 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3224 cf-bgj imgq:85,h2pri last-modified Wed, 09 Nov 2022 07:30:35 GMT server cloudflare etag "1ca6a79380ae53c080c2e12b38bdb5eb" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8qsUNyejpw6sPw0DSEd3yhnkB4a8RoWL6uJyPIboV7hc7RBkCLmBvLKrzg6lpF9RmVTbRv2DnTZze4nAkeRQNLmQkkHreHDWTmWpf%2FbxrTqfp71lUbQYFQRHWX%2F7TGdKmXKB1ECSghptz1w"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874f09489b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9 assets.ad4m.at/product_image/ Frame 2E36	296 KB 296 KB	48ms 38ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/43EB8D27EDF06982A1CDF7B120851C41F9AE11B7D734EE12251DEFFB51C17BC6EAEB7A2F2E7C750E0DD6FDA73367D0F20B75F513B858755E76942F713443F3B9 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 262be405d24e2c19dc4e3ecce75466f864fd5959649e39b8b97fd1c83c54087f Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 490282 cf-polished origFmt=png, origSize=466926 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 302728 cf-bgj imgq:85,h2pri last-modified Wed, 09 Nov 2022 12:39:43 GMT server cloudflare etag "45f5fed59fc1f13fbebb41146459eb81" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRptJwa7er1fS9hVRk3AJ07%2FSkhJK5Uxh7yRkob5UrflkK0MGYqZoZrCD890Q2VI59t4ZDiw8KqQKI6M3eGuKuXWUIe0MYlcKbzgyg6m4ixPJAbPDf0MWt6hGYolKYl9Bowptgck6qRdbwcO"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874ef9429b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995 assets.ad4m.at/logo/ Frame 2E36	33 KB 33 KB	52ms 43ms	Image image/webp	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/822734168B827B1A0E57FF53EC6CBFBBD002FC8D7460BA6B8DE6F46F0023BD74E50D9FBBA049A063AB16B30699CAF8E6582A3DFB3481ACA57EB03EB039D10995 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5b58613de02a2628489f5253cbf992b173ce8a399697cb943ccf415375a9f4e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 54944 cf-polished origFmt=png, origSize=48887 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33666 cf-bgj imgq:85,h2pri last-modified Mon, 19 Oct 2020 12:32:26 GMT server cloudflare etag "4fe1ecb98ff38283cdb2ae157e399ba2" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvakfM8N0DqBAICbhuydgeI12BRgGshJRuKxFrCmePfFz474ZfZE9xiMq85itjfoRS6hnqfblaWWf03a5SkqbiukmncmlxyOE39gJqyPlNLZwfxGUFjjFgDwxeQFyi5lDSgXH0V4sB3xmCaq"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874ef9409b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	2CA06AF1A81515C4E9307DCBF950929C62F2A529DF1C94D6E251E62852FCFE855D42BB38017E1ABEF52BA00D7931B6B646FA2AF1CB7B54143803889AA04418FB assets.ad4m.at/product_image/ Frame 2E36	80 KB 81 KB	38ms 28ms	Image image/jpeg	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/2CA06AF1A81515C4E9307DCBF950929C62F2A529DF1C94D6E251E62852FCFE855D42BB38017E1ABEF52BA00D7931B6B646FA2AF1CB7B54143803889AA04418FB Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 395c6de3fb54977957c59ea9d8c16ebfe704ff24176dde2ae6b3e53c59a229d4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 318829 cf-polished origSize=86481, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 82178 cf-bgj imgq:85,h2pri last-modified Wed, 27 Jul 2022 12:28:34 GMT server cloudflare etag "c1b05d9c62f70498e47ebcd45386c70b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2KYDyWlr4YIorHZe7OZMojATnR29VNBc19fCyK29U16hQfCrOHtmjJ16Pi3zAMmE0V1kWKoFg7%2Ft94wJK8Jo6WsZiZocJBvcaU6T3D%2FnFGvzsz%2B5YxcIFKkmT%2B4WOQSzwceJSX0ikty%2FI3U"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=86400 accept-ranges bytes cf-ray 775c874ef9449b3d-FRA expires Thu, 08 Dec 2022 10:20:24 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame 2E36	2 KB 2 KB	144ms 81ms	Script text/html	18.133.50.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k4g4en7vxjwt4y2p5gdrc11hhd12gsa91xvyh7rwxwkdphrs6q6kx847tffp8g5xyx7rgvq8evh7cbzwpqdp2vyf2c80m9wp0bf5n2c9v3x6bytrk6s9q9z5dp49cw6s62zk8zskgw44gnv8s5p034vpc0vpsjcsdjpmccgxthr9q8ra6ad25mk1rd7tj278mbjwbg1kjn87ryg4229r5q7hnng81wdy5yee21j7f4mvaxx4ak4zzy4g737b6gvvwe6gbg%26a%3D&clickref=oneidP2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcponeid__Influencer_advancedad_728x90&viewref=oneidr5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtdoneid__Influencer_advancedad_728x90 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-133-50-153.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash 14262ba9284c63b3ba932e2849038e311759bf4fd04180d999a4eb770ca5d492 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT last-modified Wed, 07 Dec 2022 10:20:24 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Wed, 07 Dec 2022 10:21:24 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame 2E36	2 KB 2 KB	146ms 83ms	Script text/html	18.133.50.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=4366768&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h6bd4da8ydenjs4errsxrax72drg4546pdv0gh70mx59hya332v7nqryn7gfqge24vkcvydsdxgxzwmnsgznq95n9q482h4nyw2dqnagvvk82vpqvjxb57tbjkph431zd0kc5amj7aa99jeetrqnasjbzefmysww7q5d2csagdn8yf8trqve13jcbec5k0vfkk2pmex819depdb1xv5c2j62ysvjxmdep3afa0805a3rna634vn6rgxzx06dycpy5cy9m8%26a%3D&clickref=oneidmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHAoneid__Influencer_advancedad_728x90&viewref=oneidVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQoneid__Influencer_advancedad_728x90 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-133-50-153.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash eb200c64d48080b3b2398a6139953b67200a390361d6e73807fb81014c340b0b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT last-modified Wed, 07 Dec 2022 10:20:24 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Wed, 07 Dec 2022 10:21:24 GMT
GET H2	200	link.html Show response track.webgains.com/ Frame 2E36	2 KB 2 KB	132ms 72ms	Script text/html	18.133.50.153 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3400931&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jj1p58mg6h3krvxp0y5w9hj4w7kny1g61p8y61s7gh1c1664efvrhhf0t2h4hm9zxrv3s2d8katv4a1p37wywpdwpez1j65xhy8dmghww7qxkz4kp4r72pb4bdsmmby1jaepcantgkcdt39q0vz36t843tf6f0k4asc9082wvnmtfv7rwy55wq4sgr73fx6pk0m3g7zp3mcnan5sqskmkasqd9tk0f1xcp2xcs7w3cnvze4d98pveswkaab5eac55ar0%26a%3D&clickref=oneidjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9oneid__Influencer_advancedad_728x90&viewref=oneidBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFMoneid__Influencer_advancedad_728x90 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.133.50.153 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-133-50-153.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash a747972507d5209fa623714ffbc2900da0dcdcd447f386682cd63a30091cf158 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:24 GMT last-modified Wed, 07 Dec 2022 10:20:24 GMT server nginx x-powered-by PHP/7.4.26 access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=60 access-control-allow-headers Authorization expires Wed, 07 Dec 2022 10:21:24 GMT
GET H2	206	oil-show11.mp4 video.xlivrdr.com/production/prerolls/ Frame FC91	35 KB 0	58ms 20ms	Media video/mp4	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.xlivrdr.com/production/prerolls/oil-show11.mp4 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers date Wed, 07 Dec 2022 10:20:24 GMT x-amz-version-id LwsZmeLdGgtr33KabmVd9lRycLcA3vWm cf-cache-status HIT x-amz-request-id 79NPF11A5871XKAA age 230 Content-Range bytes 0-1135763/1135764 content-disposition attachment alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1135764 x-amz-id-2 RfrSAHIpMv9N4pSnqdglwbUSTUKG55hkT7D2aDadk8xL65VFB3yhRk27r1QJc/jAVgDFHzhK28s= last-modified Thu, 13 Oct 2022 12:46:41 GMT server cloudflare etag "3fd7d6fdd4263070a471f9b24ce4eb48" vary Accept-Encoding content-type video/mp4 cache-control public, max-age=14400 access-control-allow-credentials true cf-ray 775c87502bff9237-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Wed, 07 Dec 2022 14:20:24 GMT
GET H2	200	pvClk.min.js Show response analytics.webgains.io/ Frame 2E36	85 KB 31 KB	52ms 8ms	Script application/javascript	65.9.95.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://analytics.webgains.io/pvClk.min.js Requested by Host: track.webgains.com URL: https://track.webgains.com/link.html?wglinkid=3400931&wgcampaignid=205795&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jj1p58mg6h3krvxp0y5w9hj4w7kny1g61p8y61s7gh1c1664efvrhhf0t2h4hm9zxrv3s2d8katv4a1p37wywpdwpez1j65xhy8dmghww7qxkz4kp4r72pb4bdsmmby1jaepcantgkcdt39q0vz36t843tf6f0k4asc9082wvnmtfv7rwy55wq4sgr73fx6pk0m3g7zp3mcnan5sqskmkasqd9tk0f1xcp2xcs7w3cnvze4d98pveswkaab5eac55ar0%26a%3D&clickref=oneidjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9oneid__Influencer_advancedad_728x90&viewref=oneidBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFMoneid__Influencer_advancedad_728x90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-127.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Tue, 06 Dec 2022 20:21:54 GMT content-encoding gzip via 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront) last-modified Mon, 31 Oct 2022 15:47:19 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 50312 etag W/"faa933973c404f8cfedacd4b67a60b85" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id Q9cYCZxqFc_FiFc3FXlugiXEyB_8pxSF3J8ioHr73ItEyPg11F9uUA==
GET H2	200	2022-07-25_paninicomics-banner-2022-627x627-entwurf.jpeg cdn.track.production.webgains.team/268155/ Frame 2E36	84 KB 85 KB	63ms 20ms	Image image/jpeg	18.65.39.111 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/268155/2022-07-25_paninicomics-banner-2022-627x627-entwurf.jpeg?Expires=1670408724&Signature=e8AoixJZk6VwxSvt9h6Z2qmMv5s2FQqPVkE65fKtUYsYECNh1TetK8WikSueEj4zPRA8Z4Kqi3j5p7oWtIok1D6-VBrbHXgukTk8vqLqEFT6j1sXR2cS2ZGJ9~Ua4~RcDlpLtl37z~e-R6M7Z7IcwR9mWhY0Isuch3~YmBP4X6BGyOeTfiw4MsYl62ewPZmBEEl1zr-94eVViK5at~LFUEs-MdBfTuPU~6v6jUEw8AodMZX6cZlqjXZ3zG45S61gSMG2BHI0ZWHInZxusW3ap3880aw64uQwGvqMnkheH7g7FYOXxxis4RE7IkNx4~1la116VtH5rIq2xMmvRX989Q__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-111.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 7a05f250beda391951b9635bece2cd6563416c45139f92d0e93df1dab4dace3a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-amz-version-id null date Wed, 07 Dec 2022 00:26:50 GMT via 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront) last-modified Mon, 25 Jul 2022 11:43:39 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 35616 etag "c1b05d9c62f70498e47ebcd45386c70b" vary Accept-Encoding x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-length 86481 x-amz-cf-id KiZEQKw2LsRDz1g-Sb3pGYVYRZtZDPpa-FQ2OzBaaYiHq0xicaDdww==
GET H2	200	Logo120x90.jpg cdn.track.production.webgains.team/294690/ Frame 2E36	2 KB 3 KB	77ms 37ms	Image image/jpeg	18.65.39.111 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1670408724&Signature=iPG9kv0EIub19jGQeRIA7o0AMEoTG8a~BuDcj5X-IgCunpgxKIROJbCmcygjYpM1UcVVonykXYfPtwarDZqN0vLmcC6qFL~E5keP35k6bj~TiyfYGFevTlWuG3FKEUYJpmOkBhEd6hApAU2xEdiasbnvgVjCmIRr7LQExRNujTOoTUPzcuBNzyJSasmkWOIRKlE6g1nsuDIolu8Wi3QmSKCJyhRYEX7DgKsQkrm156yFu3vHN2aCsg2qNno-f5Cw1q9cUbLbl~sabAFoPahjqbpneNOiEmHQZgb2BAz8u9~PtfVbEKkrwx~LZP1y2Nui8KhekeU9~QzJU5uFMVUEmQ__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-111.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-amz-version-id null date Tue, 06 Dec 2022 17:10:49 GMT via 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront) last-modified Thu, 04 Aug 2022 13:56:07 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 61777 etag "66da632e2658ba90a2b4863be372b9cf" vary Accept-Encoding x-cache Hit from cloudfront content-type image/jpeg x-amz-storage-class REDUCED_REDUNDANCY accept-ranges bytes content-length 2298 x-amz-cf-id fXBo-lBBTtG0j4MRnKvtBsm9oXrxu57PCK41tzlOVama90n1aZbvtQ==
GET H2	200	1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif cdn.track.production.webgains.team/295140/ Frame 2E36	19 KB 19 KB	79ms 40ms	Image image/gif	18.65.39.111 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.track.production.webgains.team/295140/1659354586_efWwgs1Qb28CJ2gn5syWw4lgeBNhVHiH.gif?Expires=1670408724&Signature=XXfFmwqIrDKMDEgLqgEuF85VItlUTZnanVDz-SXO8o4tIXTjUwHXv3v2arHIUfv8J227JVFqO0bQmx3E0OCGM3ZOxLhx4lE1rJdtQXScPWfJ-M2r9Nt04iNorSRgiq0N-gRXt294n7FnpUIbBRSqib9MZdUKxmeEWts-SCwlrnnlA17lhuG8tj-ROaANt69PwtbXWk11ZWPv-DIXo1rloo8F~vtEgaBvof1U0F~aT7dpvi6raKHRay9o8Z4MK1wjWZ6futGPwydJCbdUteMSgWAwEFInq4TfrZPfgpYadBe-bYZSbclB3689895M2MpD6LtdF0bpuYb-65shmYaW9g__&Key-Pair-Id=K28VXAGA7VWE0O Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=321735%2C321034%2C200039&b=r5K3UQf9fqG9KCAH7HjtqtEPD6tYSJtgQDtd%2CVQ2zFwfmfB5dRsVHbHAtRtPM2jfBSDtgbBtQ%2CBdGDtgfPfx7B6CxH6H3t9tKeGujSdt89jFM&f=P2PXSBfbfYeZqF9HjHbtgCk9q8cJSgtDbBcp%2CmQXGFefGfm7p2tmHZHZtQCWkX4CKSJte3mHA%2CjeK7hEfGfqr35tYHEH2tWCqdBhZSDt1Bwa9&c=728&d=90&e=&g=4708fecff0938fd94ecdf544d1bc6d22%2F3849324281227810071&i=110819%2C111584%2C22499&j=21%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=Influencer_advancedad_728x90&r=1670408424695&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-111.ams1.r.cloudfront.net Software AmazonS3 / Resource Hash 86e52a6ab6d9a83f40ddc2a09084df0a0d291ca4194b5ce17de122001adf46fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-amz-version-id null date Tue, 06 Dec 2022 20:10:37 GMT via 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront) last-modified Mon, 01 Aug 2022 11:49:48 GMT server AmazonS3 x-amz-cf-pop AMS1-P1 age 50989 etag "c8717f93a87217b1c114134b189e2ca0" vary Accept-Encoding x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 19052 x-amz-cf-id lZIT7N53zp67e_s7FtJHoKt3tqG2SuQN7VSTTcTcgIMrmgmv7uvbtg==
GET H3	206	oil-show11.mp4 video.xlivrdr.com/production/prerolls/ Frame FC91	21 KB 22 KB	71ms 59ms	Media video/mp4	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.xlivrdr.com/production/prerolls/oil-show11.mp4 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e00b02a96f4b484a56d47bb66ccf240dd3421976280ec635cf214aa1470a1502 Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=1114112- Response headers date Wed, 07 Dec 2022 10:20:25 GMT x-amz-version-id LwsZmeLdGgtr33KabmVd9lRycLcA3vWm cf-cache-status HIT x-amz-request-id 79NPF11A5871XKAA age 231 Content-Range bytes 1114112-1135763/1135764 content-disposition attachment alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 21652 x-amz-id-2 RfrSAHIpMv9N4pSnqdglwbUSTUKG55hkT7D2aDadk8xL65VFB3yhRk27r1QJc/jAVgDFHzhK28s= last-modified Thu, 13 Oct 2022 12:46:41 GMT server cloudflare etag "3fd7d6fdd4263070a471f9b24ce4eb48" vary Accept-Encoding content-type video/mp4 cache-control public, max-age=14400 access-control-allow-credentials true cf-ray 775c87505a1292a8-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Wed, 07 Dec 2022 14:20:25 GMT
GET H3	206	oil-show11.mp4 video.xlivrdr.com/production/prerolls/ Frame FC91	1 MB 0	30ms 30ms	Media video/mp4	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://video.xlivrdr.com/production/prerolls/oil-show11.mp4 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=32768- Response headers date Wed, 07 Dec 2022 10:20:25 GMT x-amz-version-id LwsZmeLdGgtr33KabmVd9lRycLcA3vWm cf-cache-status HIT x-amz-request-id 79NPF11A5871XKAA age 231 Content-Range bytes 32768-1135763/1135764 content-disposition attachment alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1102996 x-amz-id-2 RfrSAHIpMv9N4pSnqdglwbUSTUKG55hkT7D2aDadk8xL65VFB3yhRk27r1QJc/jAVgDFHzhK28s= last-modified Thu, 13 Oct 2022 12:46:41 GMT server cloudflare etag "3fd7d6fdd4263070a471f9b24ce4eb48" vary Accept-Encoding content-type video/mp4 cache-control public, max-age=14400 access-control-allow-credentials true cf-ray 775c8750caee92a8-FRA access-control-allow-headers Content-Type, Content-Length, Accept-Encoding, x-requested-with expires Wed, 07 Dec 2022 14:20:25 GMT
GET H2	200	/ kts.cvastico.com/in/vtcevents/ Frame FC91	0 174 B	60ms 21ms	Image text/xml	2a02:128:7:5241::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kts.cvastico.com/in/vtcevents/?e_type=impression&source=999044201&tcid=16279&iab=IAB25&cap=15&p=&ccid=&ctype=slider&uid=bfd6b1d77174cac76464a77be85a188c&endpoint=&other=https://syndication.realsrv.com/splash.php?idzone=3918598&sub=999044201 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:5241::2 , Czech Republic, ASN50245 (SERVEREL-AS, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-origin date Wed, 07 Dec 2022 10:20:25 GMT access-control-allow-credentials true server nginx/1.20.1 content-length 0 content-type text/xml
GET H2	200	event vast.yomeno.xyz/ Frame FC91	0 269 B	68ms 37ms	Image text/plain	2a02:128:7:4957::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://vast.yomeno.xyz/event?tcid=16279&uid=bfd6b1d77174cac76464a77be85a188c Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:4957::2 , Czech Republic, ASN50245 (SERVEREL-AS, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT server nginx/1.20.1 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range access-control-allow-credentials true access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range, content-length 0
GET H/1.1	200 OK	vregister.php syndication.realsrv.com/ Frame FC91	0 463 B	47ms 18ms	Image text/html	95.211.229.246 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.realsrv.com/vregister.php?a=vimp&tracking_event=impression&idzone=3918598&d5f17aa428f139bff1504e0eae2ab4c1=tsVuZ8uHLlt48tvDvq4dfXLh65dNdlTlK8E.fjhu5deu7jw3cuHTW1NZLXThmACjrgbjYlesYecz68tdUFbi781VcrEjmcEmMz25qaTXA2w3a5TXBU5Tn148evjprgbnsZjgqfcpz48.PDt01wN1QVuZ9OXTn25a4G8ZpXM.fnj46.fGuBtpitx6anDPrw8a4G2mJJ2IHpc.nXxx69OWuBu1imBiuCaXPr56eeffvy1wNzVZ9OGuBtmma6pynPlrgbbctgacz4a4G2mKaYHKc.GuBuCqfPn05cePXt311WM5.fPnh06cuHHXaxHY5nw3cOPLjrnsZjgqfcpXpYrcz7ddc9jMcFT7lK7VlNLkrWGYKJ2tpiSdiB6VdqymlyVrDNE8DW5e0.xK84vXMvPYzHBU.5Tnw3ee3PrrcvafYlecXrmXlcrumpiz462G168J3M.fHW7NTIxXnrgblcrumpiz462prJa6cF5qYHoJWI8wAUdb9dc6967s1NzFLbja7s1OeuBuemZuxqtdpitx6anDPj21z0wNQSvLyTNuR59Nb9dc9WfHXU1S45KvS5VNHZXBNLnrsqcpXgbz4a7KY132Kn82.nFvw0358O8ODPLh0c8.OHDz58ONO.OnLu5rgknpcqqgmlXqrYrsqz464JJ6XKqoJpV4JbWI4G16XGKppc.Gulx1ylyleqCtxd.aquViRzPWw2zHM1Fnw1wNzOuuU58NcDcbErcEry87DzmfDW5e41ZXBNKvXBI5nw3cOOuBttithpyWtynPlrgbaYppgcpXqmspacz4a5ZqmqYJ68.GuCVqZ6WCuZeSZtzPhrrcqrXkmbcz4a6XHoJpV3nJpWJHF4G8.Xnrw49e.uema_BeqtiuyrPbx1wNzsU1yuU58NbUFeC7zk0rEji8DefLz14cevnXK5Ww1ZBXgvPTNfgvXhO5m_NVXBK9rlcrYasgrwXnpmvwXbcqapgnrgmlz1sNsxzNRL2uU564JJ6XKqoJpV2I414JbWI4G16XGKppas.Guqxnlnw11WM88.GupqmCetevCdzPXU1TBPWvKxI5nrqapgnrXtcpz1s0zXVOUr2uU58NdtOfDXBLW5TKxHnw1yzLu2St1Z8NcDdLlU80tUFri8bGE1lefDXA3JZHXBjNK5nw12VOUrtMTzwSvZ8ddlTlK7TE88Ery7tLlFjkrWGfHp04a3JGII14Kp8.GupqmCetdtytiCPPtrqapgnrXtcpqgmlz462bKY89dtlkDefHt34dOHjpy6de_bn36cOHDtz88O3hzww534.ddcEjlVbEk.fHt34dOHjpy6a2ppooHGppanJa8.M Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:25 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin Access-Control-Allow-Credentials true Connection keep-alive X-Robots-Tag noindex, follow
GET H3	200	abc.gif go.xlivrdr.com/ Frame FC91	103 B 103 B	68ms 68ms	Image image/gif	2606:4700:3110::6812:336a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://go.xlivrdr.com/abc.gif?campaignId=165aea9bcdd7aabac45f72d02f58fd24b8416bc57cfc540b1b4409ac823564af&campaignType=smartpop&creativeId=b1e02e2720203f684f246d97afe36747c347d0383f37e85772df9f975015b451&iterationId=257107&landing=landingVAST&masterSmartpopId=2683&memberId=ooc7bc7qLprarrXVXU3UWWTulc6qW11U7p3UyuldK6V1FM801Vdjp7qpZqrHT3VSzVXOldM6V0rpXSumdK6V0znOuuulppnlmc5zpXSuldK6V0rpXSulcH2A&p1=4581542&ruleId=157&segment=oil-show11-1&smartpopId=3564&sourceId=3918598&stripcashR=1&tag=-girls%2Findian&userId=1f2ad638bb163e0f21b19d6cbbcd5805b56eb7b1ef21117b6157eaf2a11915c9&variationId=29475&videosList=oil-show11 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3110::6812:336a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif access-control-allow-origin * cf-ray 775c87512b8492a8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 103
GET H2	200	tt_maa.php Show response tt.adcocktail.com/ Frame 2B7A Redirect Chain https://tt.adcocktail.com/tt_rota.php?uid=101162&wsid=219521 https://tt.adcocktail.com/tt.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1 https://tt.adcocktail.com/tt_ma.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/	527 B 423 B	24ms 24ms	Document text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0bda49da9f0591594f84f97dea5c6b4bcd772ad756b1ab81ba2851b83157ed6b Request headers Referer https://www.jefffm.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 775c87525a96bbb3-FRA content-encoding gzip content-length 362 content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT expires Wed, 11 Jan 1984 05:00:00 GMT note CACHING IS DISABLED pragma no-cache server cloudflare vary Accept-Encoding Redirect headers cache-control max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 775c87521a0ebbb3-FRA content-encoding gzip content-length 20 content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT expires Wed, 11 Jan 1984 05:00:00 GMT location https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ note CACHING IS DISABLED pragma no-cache server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	rota.php Show response www.ads4allweb.de/api/kamp/ Frame 4E7C	141 B 408 B	29ms 5ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fe270a588e6d2591f512895cfd87e45d5399d150c831ba74b8983b2420319695 Request headers Referer https://www.jefffm.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control no-cache Connection Keep-Alive Content-Encoding gzip Content-Length 147 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Keep-Alive timeout=5, max=100 Server Apache Vary Accept-Encoding
GET H2	200	hads.js Show response hads.adcocktail.com/ Frame C0AB	2 KB 946 B	27ms 26ms	Script application/javascript	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hads.adcocktail.com/hads.js?id=5 Requested by Host: hads.adcocktail.com URL: https://hads.adcocktail.com/hads.php?uid=101162&wsid=219521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfb5a8fbc114168fb6dd7ff8bf5cc5252911de90ec45745de6ab123d0f6173f8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 13 Feb 2018 09:29:06 GMT server cloudflare etag "858-56514a04f23c9-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes cf-ray 775c875178bfbbb3-FRA content-length 798
GET H2	200	hads.css hads.adcocktail.com/ Frame C0AB	1 KB 559 B	30ms 29ms	Stylesheet text/css	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hads.adcocktail.com/hads.css?id=5 Requested by Host: hads.adcocktail.com URL: https://hads.adcocktail.com/hads.php?uid=101162&wsid=219521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06fdaa80f5368e415d98230f5b8e8af9bb9b82baccecef5cb6e79273233af959 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Tue, 13 Feb 2018 09:32:08 GMT server cloudflare etag "4a6-56514ab1eb9c8-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes cf-ray 775c875178bebbb3-FRA content-length 449
GET H2	200	hads_body.php Show response hads.adcocktail.com/ Frame C0AB	0 104 B	29ms 28ms	Script text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hads.adcocktail.com/hads_body.php?uid=101162&wsid=219521 Requested by Host: hads.adcocktail.com URL: https://hads.adcocktail.com/hads.php?uid=101162&wsid=219521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.jefffm.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:25 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Wed, 07 Dec 2022 10:20:25 GMT server cloudflare vary Accept-Encoding content-type text/html; charset=utf-8 cache-control max-age=0, no-cache, no-store, must-revalidate note CACHING IS DISABLED cf-ray 775c875178c1bbb3-FRA content-length 20 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	206	audio.mp3 listen.openstream.co/4379/ Frame C0AB	0 0	154ms 34ms	Media text/html	52.215.107.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://listen.openstream.co/4379/audio.mp3 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.107.50 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-107-50.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.jefffm.de/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers
GET H/1.1	200 OK	count.php Show response www.ads4allweb.de/api/ Frame 4E7C	4 KB 1 KB	5ms 5ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 9d054a5ec09d48fd0dda3f48d3eeeb150addf3f068f86e81e6fa80a0ac245387 Request headers Referer https://www.ads4allweb.de/api/kamp/rota.php?sid=97&uid=1055&art=traffic Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control no-cache Connection Keep-Alive Content-Encoding gzip Content-Length 1246 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Keep-Alive timeout=5, max=99 Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response www.ads4allweb.de/js/ Frame 4E7C	85 KB 30 KB	8ms 8ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/js/jquery-3.3.1.min.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:25 GMT Content-Encoding gzip Last-Modified Thu, 03 Nov 2022 07:57:55 GMT Server Apache ETag "1538f-5ec8c5093e6c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 30309
GET H/1.1	200 OK	adframe.js Show response www.ads4allweb.de/api/ad/ Frame 4E7C	18 B 298 B	12ms 4ms	Script application/javascript	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/api/ad/adframe.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash fb1de05487cbd9748085d35910b6f9877706b2a63c3cd64e2fadb9c318cb0505 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 10:20:25 GMT Last-Modified Fri, 16 Aug 2019 11:59:04 GMT Server Apache ETag "12-5903ab775b200" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18
GET H2	200	ads4allweb.de.1298509.js Show response jsc.mgid.com/a/d/ Frame 4E7C	2 KB 1 KB	280ms 230ms	Script text/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/a/d/ads4allweb.de.1298509.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af591382e3cddd1386d6d266c4916c2a0c4d5d2a1ff28e741e67b445f945ee28 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT x-amz-version-id h5QiCXOU9il5gTiBTNL1mngIe1DF6Lvh content-encoding br cf-cache-status HIT x-amz-request-id NC8KAD6HAXQFEJ1F cf-polished origSize=2344 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 2INuNIz/2juk+jpQGAyfT1v9dHMKJY4C1GWInXkx4m4xpDkPSoIVTUQ0X8oRpTA/rKhQp1xtj7g= cf-bgj minify last-modified Wed, 23 Nov 2022 11:54:41 GMT server cloudflare etag W/"3cbe37ce4fcdd14ffbe6cc41ef31d898" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 775c87524b0871a8-LHR expires Wed, 07 Dec 2022 13:20:25 GMT
GET H2	200	ads4allweb.de.1366229.js Show response jsc.mgid.com/a/d/ Frame 4E7C	2 KB 1 KB	246ms 198ms	Script text/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/a/d/ads4allweb.de.1366229.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9136a17423c8deb6eb906bdb24fca4977e34a129c135d26485c2a414df73247b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT x-amz-version-id ckn8qxZ8.vj1Es0cmvk6bJtafK8VKXqf content-encoding br cf-cache-status HIT x-amz-request-id 7CAZW8XNDYBFTVXW cf-polished origSize=2344 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 AvHJ7wYbvwxaGTVFJcUH2HSU9byiNDVyFffdSUAd1ATB7vTMcAO/bDpZMnzK2NCTBWAHrV21Uck= cf-bgj minify last-modified Wed, 23 Nov 2022 12:02:06 GMT server cloudflare etag W/"362a1c803379b418701309ebc14b5655" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 775c87524b0971a8-LHR expires Wed, 07 Dec 2022 13:20:25 GMT
GET H/1.1	200 OK	textlinks.php Show response www.ads4allweb.de/ads/ Frame 7ABD	565 B 570 B	6ms 6ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/textlinks.php Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash db847bfd3f03a0e10da9eeb39d4687c13e359feaf9e70f62f96352c2e606ca07 Request headers Referer https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 335 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Keep-Alive timeout=5, max=99 Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	tt_wflcm.php Show response www.ads4allweb.de/ads/ Frame 157A	359 B 495 B	4ms 4ms	Document text/html	116.203.68.201 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.ads4allweb.de/ads/tt_wflcm.php?bid=4841553 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.68.201 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS ads4allweb.de Software Apache / Resource Hash 851ee8e88179d3f77f8aaa899434a1d116cfaf4202c6c4b9ecf6a3751984c1db Request headers Referer https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Length 260 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Keep-Alive timeout=5, max=97 Server Apache Vary Accept-Encoding
GET H2	200	reklamstore.js Show response adserver.reklamstore.com/ Frame 7ABD	96 KB 29 KB	80ms 17ms	Script application/javascript	2600:9000:2453:7200:1c:4bbb:9180:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adserver.reklamstore.com/reklamstore.js Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2453:7200:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 07:39:20 GMT content-encoding gzip via 1.1 ebfd02322356b60fe506d9cd1ca49956.cloudfront.net (CloudFront) last-modified Mon, 28 Jun 2021 18:35:51 GMT server AmazonS3 x-amz-cf-pop HAM50-P1 age 9685 etag "78cf0f1f296c61b336db981022359dbc" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript content-length 29778 x-amz-cf-id zF4r837hQPG6iRaL6A89R20VCVn0Xl5emBgh6rkcDowPL9Jxs8jj-Q==
GET H/1.1	200 OK	ziel.php Show response www.werbeflut.net/kamp/ Frame C74D	806 B 716 B	64ms 19ms	Document text/html	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4841553&sid=1521 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/tt_wflcm.php?bid=4841553 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.ab-webservice.de Software Apache / Resource Hash 3f465af47780e1d26869b1cd449f0d07b45895afd6f5b2f712b77761b594f8c0 Request headers Referer https://www.ads4allweb.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 517 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Server Apache Vary Accept-Encoding
GET H2	200	ziel.php Show response www.lcmmedia.de/kamp/ Frame 3ABC Redirect Chain https://www.lcmmedia.de/kamp/rot.php?art=ztraffic&uid=5638&sid=5686 https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1	1 KB 923 B	26ms 25ms	Document text/html	213.202.218.154 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/tt_wflcm.php?bid=4841553 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.202.218.154 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.lcmmedia.de Software nginx / PHP/7.4.30 PleskLin Resource Hash c2e083ecf9c7551bef890197122d63bd6223d5273fb50412c20292e316f1a610 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; Request headers Referer https://www.ads4allweb.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 684 content-security-policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.30 PleskLin Redirect headers content-length 0 content-security-policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT location https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 server nginx x-powered-by PHP/7.4.30 PleskLin
GET H2	200	tt_maaa.php Show response tt.adcocktail.com/ Frame 3EF8	184 B 242 B	33ms 33ms	Document text/html	104.20.45.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tt.adcocktail.com/tt_maaa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Requested by Host: tt.adcocktail.com URL: https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.45.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b80231b8159ce5a1669a19237f15fc940c595ea357973490443de862f378b8f Request headers Referer https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=0, no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 775c87529b1abbb3-FRA content-encoding gzip content-length 182 content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT expires Wed, 11 Jan 1984 05:00:00 GMT note CACHING IS DISABLED pragma no-cache server cloudflare vary Accept-Encoding
GET H2	200	distribution.php Show response turbopreise.de/b/b-c1/de/ Frame 0155	308 B 1 KB	67ms 13ms	Document text/html	3.66.53.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://turbopreise.de/b/b-c1/de/distribution.php?t=direct&s=6661&pub=101162&sub=219521&c=0.000500 Requested by Host: tt.adcocktail.com URL: https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.66.53.110 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS portal-cockpit.noctemque.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 677303ae5fe9e1693f89c09093904fe59835e0aa339d8707adfd0bdacec5e382 Request headers Referer https://tt.adcocktail.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, private content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT server nginx/1.18.0 (Ubuntu)
GET H/1.1	200 OK	frame_forced.php Show response www.werbeflut.net/kamp/ Frame 2361	207 B 404 B	32ms 19ms	Document text/html	88.99.66.132 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://www.werbeflut.net/kamp/frame_forced.php?code=dWlkPTE0MDMmYmlkPTQ4NDE1NTMmc2lkPTE1MjEmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LmFkczRhbGx3ZWIuZGUv Requested by Host: www.werbeflut.net URL: https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4841553&sid=1521 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.99.66.132 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS serv.ab-webservice.de Software Apache / Resource Hash d55006cc9dfc5227be0b8749c940ec927cc56239225c45b126ab604b4b4be94e Request headers Referer https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4841553&sid=1521 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 205 Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:25 GMT Server Apache Vary Accept-Encoding
GET H2	200	register flirtclub24.de/ Frame 7081	0 0	208ms 171ms	Document text/html	2606:4700:3033::6815:4a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://flirtclub24.de/register?tid=018 Requested by Host: www.werbeflut.net URL: https://www.werbeflut.net/kamp/ziel.php?uid=1403&bid=4841553&sid=1521 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:4a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.werbeflut.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 775c8752deec1621-DUS content-encoding br content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GE1RPjaZoIjHNyxidlBVlJOWR3Q2V9ymlgas72TVHcf%2BVE6aPV45YaFR7wCNS7bctmy2DrlTbKDyYXvu64pdT13aEtXidKpboDvkI6eNqxIXJ4aE5A49LRAOKwgTw0BTobXQpWo1ng6BAFVbDQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	/ kts.cvastico.com/in/vtcevents/ Frame FC91	0 173 B	21ms 20ms	Image text/xml	2a02:128:7:5241::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kts.cvastico.com/in/vtcevents/?e_type=start&source=999044201&tcid=16279&ctype=slider&iab=IAB25&cap=15&uid=bfd6b1d77174cac76464a77be85a188c&ccid=&endpoint= Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:128:7:5241::2 , Czech Republic, ASN50245 (SERVEREL-AS, US), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-origin date Wed, 07 Dec 2022 10:20:25 GMT access-control-allow-credentials true server nginx/1.20.1 content-length 0 content-type text/xml
GET H2	200	publishertag.js Show response static.criteo.net/js/ld/ Frame 7ABD	121 KB 40 KB	142ms 16ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 24 Oct 2022 11:21:19 GMT server nginx etag W/"6356752f-1e444" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Thu, 08 Dec 2022 10:20:25 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/ Frame 4E7C	371 KB 125 KB	55ms 18ms	Script text/javascript	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2944a6b0e2a059a1bdf177d3298f32059b8fbc2bbea7b8ed604a511a50f6c12a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126815 x-xss-protection 0 expires Wed, 07 Dec 2022 10:20:25 GMT
GET H/1.1	200 OK	/ Show response ads.rekmob.com/m/props/ Frame 7ABD	295 B 610 B	144ms 19ms	XHR application/json	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/props/?regionId=1108319 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 423e26541ddd5a1d601894fd7ad9cc4628940ebef42342422917bed1330f7652 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 08:26:41 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Access-Control-Allow-Methods * Content-Type application/json;charset=UTF-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Code Vary Accept-Encoding Connection keep-alive Access-Control-Allow-Headers Content-Type,X-Code
GET H2	200	gtm.js Show response www.googletagmanager.com/ Frame 7ABD	102 KB 41 KB	39ms 16ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash db3d1de427b1d14b5d66bc1ab92c829666ea0aa79132adef0f19ae9985e69613 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41162 x-xss-protection 0 last-modified Wed, 07 Dec 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 07 Dec 2022 10:20:25 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 7ABD Redirect Chain https://x.bidswitch.net/sync?ssp=reklamstore https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0210daa9-6c16-470e-9acc-e273566bd73c&ssp=reklamstore&gdpr=&gdpr_consent=	43 B 356 B	48ms 18ms	Image image/gif	34.98.67.61 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0210daa9-6c16-470e-9acc-e273566bd73c&ssp=reklamstore&gdpr=&gdpr_consent= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Server 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:25 GMT via 1.1 google server Apache content-type image/gif;charset=UTF-8 p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=0210daa9-6c16-470e-9acc-e273566bd73c&ssp=reklamstore&gdpr=&gdpr_consent= date Wed, 07 Dec 2022 10:20:25 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	frame_forced.php Show response www.lcmmedia.de/kamp/ Frame 8358	205 B 439 B	25ms 22ms	Document text/html	213.202.218.154 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTU2MzgmYmlkPTI1ODAmc2lkPTU2ODYmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LmFkczRhbGx3ZWIuZGUv Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.202.218.154 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.lcmmedia.de Software nginx / PHP/7.4.30 PleskLin Resource Hash 02976e973dcbf04e826598773637b233617e1e6cccebad4e9b4ddebda43afcac Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; Request headers Referer https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 200 content-security-policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.30 PleskLin
GET H2	200	go.php Show response www.croxy.de/ Frame E993	951 B 620 B	70ms 30ms	Document text/html	89.163.128.225 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.croxy.de/go.php?id=2580&sid=aHR0cHM6Ly93d3cuZWJheS5kZS9zdHIvc3Bpcml0dWVsbGVlbmVyZ2llbmZ1cmRpY2g/bWtjaWQ9MTYmbWtldnQ9MSZta3JpZD03MDctMTI3NjM0LTIzNTctMCZzc3Nwbz1YcHR6enZvZFNiYSZzc3NyYz0zNDE4MDY1JnNzdWlkPXEzNHBmNXJGUnBDJndpZGdldF92ZXI9YXJ0ZW1pcyZtZWRpYT1DT1BZ Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.163.128.225 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.croxy.de Software nginx / PHP/8.0.26 PleskLin Resource Hash 613356af23e1cd57ff6d83a88b4293038dfe20a39cddcc5ad550c149da9471dd Request headers Referer https://www.lcmmedia.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 472 content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:21:42 GMT server nginx vary Accept-Encoding x-powered-by PHP/8.0.26 PleskLin
GET H2	200	kamp_m_lcm.php Show response www.lcmmedia.de/kamp/ Frame FB2C	1 KB 798 B	21ms 21ms	Document text/html	213.202.218.154 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2580&sid=5686 Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.202.218.154 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.lcmmedia.de Software nginx / PHP/7.4.30 PleskLin Resource Hash 024e0da3603f17238365b579fa8ea89dca386892c60075d5ca80000271050e34 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; Request headers Referer https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 559 content-security-policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.30 PleskLin
GET H2	200	red.php Show response dealsrazor.com/bc_d/ Frame 0155 Redirect Chain https://turbopreise.de/b/b-c1/de/distribution.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct&&m=1 https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct	294 B 471 B	42ms 13ms	Document text/html	3.68.5.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct Requested by Host: tt.adcocktail.com URL: https://tt.adcocktail.com/tt_maa.php?adc_tan=MzUxOTB8MTAxMTYyfDIxOTUyMXwxNjcwNDA4NDI1&ref=jefffm.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.68.5.1 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS portal.noctemque.com Software nginx / Resource Hash b78761d66e69b4d9d394120000fc5018ee85fd2fff318bfe6cc2c4a5729b5578 Request headers Referer https://turbopreise.de/b/b-c1/de/distribution.php?t=direct&s=6661&pub=101162&sub=219521&c=0.000500 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers 0 Referrer-Policy 1 origin cache-control no-cache, private max-age=0, no-cache, no-store, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT expires Thu, 1 Jan 1970 00:00:00 GMT pragma no-cache server nginx vary Accept-Encoding Redirect headers cache-control no-cache, private content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT location https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct server nginx/1.18.0 (Ubuntu)
GET H2	200	style.css www.lcmmedia.de/kamp/ Frame FB2C	486 B 565 B	17ms 17ms	Stylesheet text/css	213.202.218.154 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.lcmmedia.de/kamp/style.css Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2580&sid=5686 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.202.218.154 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.lcmmedia.de Software nginx / PleskLin Resource Hash f0c1e0b291b81ea4aa9f55579f2592a0978e15080b3277369b88fbc407d27a0b Security Headers Name Value Content-Security-Policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline'; Request headers accept-language de-DE,de;q=0.9 Referer https://www.lcmmedia.de/kamp/kamp_m_lcm.php?bid=2580&sid=5686 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT content-security-policy upgrade-insecure-requests;, default-src * 'unsafe-eval' 'unsafe-inline'; content-encoding gzip last-modified Thu, 03 Jun 2021 16:02:32 GMT server nginx x-accel-version 0.01 etag "1e6-5c3deb3e84805-gzip" x-powered-by PleskLin vary Accept-Encoding content-type text/css; charset=utf-8 accept-ranges bytes content-length 255
GET H2	200	frame_forced.php Show response www.lcmmedia.de/kamp/ Frame 8358	32 B 277 B	111ms 111ms	Document text/html	213.202.218.154 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://www.lcmmedia.de/kamp/frame_forced.php?step=1&code=dWlkPTU2MzgmYmlkPTI1ODAmc2lkPTU2ODYmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LmFkczRhbGx3ZWIuZGUv Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.202.218.154 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS mail.lcmmedia.de Software nginx / PHP/7.4.30 PleskLin Resource Hash 7d13caf22fc19e5ef89f910d1d6c26962549bc446bec9452bb11a50d6f933e32 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; Request headers Referer https://www.lcmmedia.de/kamp/frame_forced.php?code=dWlkPTU2MzgmYmlkPTI1ODAmc2lkPTU2ODYmdjE9JnYyPSZyZWZlcmVyPWh0dHBzOi8vd3d3LmFkczRhbGx3ZWIuZGUv Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-length 39 content-security-policy upgrade-insecure-requests; default-src * 'unsafe-eval' 'unsafe-inline'; content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT server nginx vary Accept-Encoding x-powered-by PHP/7.4.30 PleskLin
GET H3	200	ads4allweb.de.1366229.es6.js Show response jsc.mgid.com/a/d/ Frame 4E7C	259 KB 76 KB	68ms 47ms	Script text/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3e551d3ed07de42d84172f2fa6fbf574813967353a48f0cfbfa182fe255dc5d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:25 GMT x-amz-version-id _o2ye0x0ldTUvaDnIyR_GjpY4xU3CeUA content-encoding br cf-cache-status HIT x-amz-request-id F17SGQ8DX8VADXS1 age 612 cf-polished origSize=264949 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 LgBI8ORB+R8ywvWIv3nXVz35IeOOTBEHoWcDbDQXBqY7irhr8Dt1Nm2F/URn/L7/Y6ZB3n/F3cg= cf-bgj minify last-modified Mon, 05 Dec 2022 10:52:52 GMT server cloudflare etag W/"558fb9b62e23fbb0bac9302a18c8c626" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 775c8753a937dce3-LHR expires Wed, 07 Dec 2022 13:20:25 GMT
GET H/1.1	200 OK	/ Show response takebest-prizes.life/ Frame 0155 Redirect Chain https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct&&m=1 https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2	88 KB 88 KB	288ms 97ms	Document text/html	198.244.155.26 OVH
General Check archive.org Show headers Download Go to Full URL https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 198.244.155.26 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash 074d7c24d8ea2c800244cc958d7fc5e3f60cd66c57e08397b8fc80bdfe749e62 Request headers Referer https://dealsrazor.com/bc_d/red.php?c=0.000500&pub=101162&s=6661&sub=219521&t=direct Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-transform Connection keep-alive Content-Length 89833 Content-Type text/html Date Wed, 07 Dec 2022 10:20:25 GMT Server nginx cache-control private Redirect headers cache-control no-cache, private max-age=0, no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:20:25 GMT expires Thu, 1 Jan 1970 00:00:00 GMT location https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2 pragma no-cache server nginx
GET H2	200	/ Show response adx.adform.net/adx/ Frame 7ABD Redirect Chain https://adx.adform.net/adx/?rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM	33 B 587 B	136ms 136ms	Script text/javascript	37.157.4.28 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol H2 Server 37.157.4.28 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 200d145fddb79bb0465de1155a70b58aa758f2950f0160efdb78af150bcc0c75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:26 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip server nginx vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/javascript access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-max-age 86400 access-control-allow-credentials true cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1 Redirect headers pragma no-cache date Wed, 07 Dec 2022 10:20:25 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods GET,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" location https://adx.adform.net/adx/?CC=1&rp=4&bWlkPTE1ODAxMTY%3D&callback=adf__DZitWyzfvQy2BX10VGHM access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H/1.1	200 OK	adp Show response ads.rekmob.com/m/ Frame 7ABD	4 KB 2 KB	299ms 240ms	Script text/plain	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://ads.rekmob.com/m/adp?uid=313d75c2d9c241758ec863bf244b16c4&ufid=DZitWyzfvQy2BX10VGHM&mobile_web=1&dt=3&os=3&jsonp=1&callback=rmb__DZitWyzfvQy2BX10VGHM&ref=www.ads4allweb.de&_=1670408425915&crtg=-1 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash 6af8c68537d8104b07467f0f8d2ce66cafb3bbe549aae38a65cd309d46dcd9df Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 08:26:42 GMT Content-Encoding gzip Server nginx/1.9.6 X-Code DE Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/plain;charset=ISO-8859-1 Connection keep-alive
POST H2	204	/ Show response prebid-eu.creativecdn.com/bidder/prebid/bids/ Frame 7ABD	0 180 B	56ms 15ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids/ Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 07 Dec 2022 10:20:25 GMT access-control-allow-credentials true vary Origin access-control-max-age 3600 access-control-allow-methods POST
GET H3	200	ads4allweb.de.1298509.es6.js Show response jsc.mgid.com/a/d/ Frame 4E7C	259 KB 74 KB	33ms 33ms	Script text/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/a/d/ads4allweb.de.1298509.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1298509.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5c35a073a359a534e542a222583313271a8a68cc7cc4e854732b188f6a44ade Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-amz-version-id MuxqW6gDsK_jmGf1DWJD5jw2g_1pwcTi content-encoding br cf-cache-status HIT x-amz-request-id ABYC9PB3C281Y97P age 613 cf-polished origSize=265253 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 4K4+dlvHqUpoaebGohu6/MW2xZxbWVB7jpiyxFLMG70IszHjLKDMrVJF1bOyUHjCIGCAZ1z2De4= cf-bgj minify last-modified Wed, 23 Nov 2022 11:54:41 GMT server cloudflare etag W/"e38ec2ce3b2251a4f11841f658f995da" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 775c8756adc4dce3-LHR expires Wed, 07 Dec 2022 13:20:26 GMT
GET H/1.1	200 OK	frame.html Show response takebest-prizes.life/media/mainstream/ Frame 33B7	39 B 320 B	20ms 20ms	Document text/html	198.244.155.26 OVH
General Check archive.org Show headers Download Go to Full URL https://takebest-prizes.life/media/mainstream/frame.html Requested by Host: takebest-prizes.life URL: https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 198.244.155.26 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e Request headers Referer https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-transform Connection keep-alive Content-Length 39 Content-Type text/html Date Wed, 07 Dec 2022 10:20:26 GMT ETag "60a50ff7-27" Last-Modified Wed, 19 May 2021 13:17:43 GMT Server nginx Vary Accept-Encoding
GET BLOB	200 OK	9caf3b13-053d-4ff4-9ef0-d26872b31b55 https://www.ads4allweb.de/ Frame 4E7C	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/9caf3b13-053d-4ff4-9ef0-d26872b31b55 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	a1c4929e-9dea-4acd-9005-5e7624305ec5 https://www.ads4allweb.de/ Frame 4E7C	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/a1c4929e-9dea-4acd-9005-5e7624305ec5 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
POST H2	200	tracking-event Show response api.webgains.io/ Frame 2E36	16 B 232 B	81ms 80ms	Fetch application/json	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-content-type-options nosniff server nginx x-powered-by PHP/7.4.26 x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	82ms 20ms	Preflight	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Wed, 07 Dec 2022 10:20:26 GMT server nginx
POST H2	200	tracking-event Show response api.webgains.io/ Frame 2E36	16 B 232 B	68ms 68ms	Fetch application/json	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-content-type-options nosniff server nginx x-powered-by PHP/7.4.26 x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	64ms 21ms	Preflight	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Wed, 07 Dec 2022 10:20:26 GMT server nginx
POST H2	200	tracking-event Show response api.webgains.io/ Frame 2E36	16 B 232 B	77ms 77ms	Fetch application/json	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Requested by Host: analytics.webgains.io URL: https://analytics.webgains.io/pvClk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / PHP/7.4.26 Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/json Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-content-type-options nosniff server nginx x-powered-by PHP/7.4.26 x-frame-options SAMEORIGIN content-type application/json access-control-allow-origin * cache-control no-cache, private x-xss-protection 1; mode=block
OPTIONS H2	204	tracking-event api.webgains.io/ Frame	0 0	60ms 21ms	Preflight	18.132.178.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.webgains.io/tracking-event Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-178-175.eu-west-2.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS access-control-allow-origin * date Wed, 07 Dec 2022 10:20:26 GMT server nginx
GET BLOB	200 OK	78bd111e-47ba-47d9-b31a-dba02cfd1ebc https://www.ads4allweb.de/ Frame 4E7C	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/78bd111e-47ba-47d9-b31a-dba02cfd1ebc Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	90776e33-191f-402e-97e1-11e7fe1ef785 https://www.ads4allweb.de/ Frame 4E7C	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/90776e33-191f-402e-97e1-11e7fe1ef785 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET H/1.1	200 OK	/ Show response 710.taxsaddim.live/lcyvquhh/ Frame 0155	2 KB 2 KB	226ms 134ms	Document text/html	54.37.5.34 OVH
General Check archive.org Show headers Download Go to Full URL https://710.taxsaddim.live/lcyvquhh/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2&f=1&sid=t4~is5st4knwcfxlw1hhrk32vjk&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc%2Fl9zLnK7L7JO1SwdsmbutNxbOoLmhKUz3EYeX46Nx53hV9ZOGeYgX7SAkFNdxVrwhFfvv4Ttfy9dM3sToy54Wm1QR03Hw5NpuvPQPekz9WjkvCEQb0UeJGBpheOyfhfnWLGRnDHZiPiUEHtpBhUp0CGn7%2BTjB1rNB%2BlkFizKCvWxo07RAPh1o1gzKOoyV8X%2B%2B%2Bu3gxw6VYFEnMk6ftyl2JJHqtp7AG91HHYCFX7iJyIJIzUDqyAuKdLxU0nzRfwRAm2EaNWT%2BAR6om%2FFJSN2lUfiQVYvkfr4mkn3N%2BM8sn0%2FNabtIzLHcs6XMzxjJx9ad%2BjWN8TY7pUQCwWGCEf0iRiGFyTGI5Ry30exUx8UbVTtO%2BtN7jFlmQtxtRomk1v0fCAqwWc7KdD0pBOcFvCQN97btrn99H2btykVSvQttqKGo8TPl2NX0237h4JYoQlda20UCyTW%2B8NyJEZdBwmgsyWViF%2FNVIbbAYgwH1cqOylldV3r2u3YxFxV%2BaWZpTrHrYp%2B35HEUkCM%2BNF20l2fkI5NLZC7l7%2BjDir6gJ5UCsNg9kiI8sEwVh4hPoCp8tWOdsr8vnz84pBY%2BXyQjTrFV5%2BP810tpQHDppXWF0vT19proMcnGgHEeGS1dph05O39gS1bw7XLVXO%2BxtTqWRwKFA1ywYSiJ5zy6BkimZlmKiiL8ro2SJ%2FmjGTFHwcKlx2TH1JpkFg%2Fywu8eDrPxwFoLp045cKKwCjMthy%2FqA3bOsi%2FhbR3ZvqCx5AjGZlHSx%2BeX6e6VinM5PhZTKtODGjP%2BVU973ORXYeF%2FZnk0gKQxHbIuLK3ZpdUsVcHEB%2FWL7%2FmhhmtARj1VDbjH4NOuyeCdx21rpbCGH9TLGDUgGiefHtIY1kOIadP3V6Dj9ooMWprIFMkBnsLti2TlTGY%2Fa%2Fy7W8YNrmZ3piZBLDfMQf24s2W%2FzX4GxDQkaYZWJeB3yKsq6xcR0o0eOMBhBEs6pVqynaDoDxjiQt8vj4O1R3XAAjJaPAavfxvc%2FxZEX11Ogakd%2Bd2QzvKP%2FsO%2FdVDX6bKBm78BhBLp5SQn2gNK%2F3VTsLC16HIITIfXRJ001JvgzJfECaYaJ6EbczHUG35%2FvEGOUzOh1G%2Fs0hRXGOPTi0H4JJCihYOtP%2Foeh7baBedJD%2BqbXHnlq7%2BsJJebut4XnRcKGwMRbREcp8gSu6TZu8GnjAaywJrBhYItqhReMesdUmS3qoUz6Vn4%2BVrBWDAWWIBWiFCGDkrSBe%2BZntQM1VUMjVj8toRIm1pMwOzzgIYtaAhLGSALwiG4unCQPpWssFWNLqhOpHrMkhk5E%2FgzZ9IpPbsgjYv3hjjPebxZ%2FmnW3i7NQp2aZWfelJ1%2BLuLXvEjtO1GJY%2BqTYsT3UwaarrF0HyVYJ94VcnaZIX0Iv3KunC4BH3ql485h2j0sE93qk7NhObsJnWuDT9Bji%2F2H5tBRVpNW1ob7qX2CxjNq6N0%2B0utvyRJWd62PeXw2mWzgpHNb1X%2FZ%2F08Q7MwiLr%2B4Y80tWvFfki9IAZZy%2BaHIuzXDs6cSpoGMwSPz9hUOVwq4nkm4CGvkuj8dnOVrwqWLQoaosg6bDBX%2FhRHNblNmVen0aAs1S1APwQL9n3Id1Iy%2B5LxQogUzpplgrN%2Ba4bNj1tVg7fiaevzSRczm8DirK5E6v6FM89UY75f6D7N35NE8Qv22wjFHP6WizPfFFwflxXSfysGYGYPTfK5iHLkVeclHvMD9BJsdds%2FWbavGY4HTKU62EUHo%2BLffTGup0ggSFon8ZCEalkXJZ5rm3F2YHGXPTNPPbCHzBvw3ObBDo%2BWOuc%2BVExhEp39tnC25dtZXTXJfa9e4Wfzxb6bTaS4oCknSAfR1mTHLqjW12zfi%2B8AQ6TpgQIp1jdcqXypgOfGpDzUWtgPFEOmMogdRBx8BCE5KCru1T999zwDbdxOL8dANmneR3k7dKFX%2FcDJOKGxwIlJ6d5euhFrL2Low%2Fk2iGJnnr69W10J%2BL2c7KS7MEMc%3D Requested by Host: takebest-prizes.life URL: https://takebest-prizes.life/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.37.5.34 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash ab2fe46c8739b04d17d3c7ed2947e7f772bfeb667ca29169cb35259d7df51f5e Request headers Referer https://takebest-prizes.life/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-transform Connection keep-alive Content-Length 1560 Content-Type text/html Date Wed, 07 Dec 2022 10:20:26 GMT Server nginx cache-control private
GET H2	200	fltiu.js Show response pixel.yabidos.com/ Frame 7ABD	2 KB 1 KB	61ms 22ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=52939&s=www.ads4allweb.de&x=rekmob&nci=&adtg=313d75c2d9c241758ec863bf244b16c4&nai=&si=45575&pn=&h=60&w=468&bp=&pp=&ci=&ip=80.255.10.204&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36 Requested by Host: adserver.reklamstore.com URL: https://adserver.reklamstore.com/reklamstore.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:32:03 GMT server cloudflare age 4168 vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 775c8759abd48fec-FRA content-length 1168 expires Wed, 07 Dec 2022 12:20:26 GMT
GET H2	200	spirituelleenergienfurdich Show response www.ebay.de/str/ Frame E993 Redirect Chain https://www.croxy.de/goo.php?ip=aHR0cHM6Ly93d3cuZWJheS5kZS9zdHIvc3Bpcml0dWVsbGVlbmVyZ2llbmZ1cmRpY2g/bWtjaWQ9MTYmbWtldnQ9MSZta3JpZD03MDctMTI3NjM0LTIzNTctMCZzc3Nwbz1YcHR6enZvZFNiYSZzc3NyYz0zNDE4MDY1J... https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY	612 KB 115 KB	828ms 774ms	Document text/html	2.23.193.99 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Requested by Host: www.lcmmedia.de URL: https://www.lcmmedia.de/kamp/ziel.php?uid=5638&bid=2580&sid=5686&ns=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.193.99 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-193-99.deploy.static.akamaitechnologies.com Software ebay-proxy-server / Resource Hash 4f73725e2e011bd100750352ec249a34837fd756b65033ceae49c65a28469709 Security Headers Name Value Content-Security-Policy media-src 'self' *.ebay.com *.ebaycdn.net blob:; font-src 'self' *.ebaystatic.com https://fonts.gstatic.com Strict-Transport-Security max-age=31536000 max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.croxy.de/go.php?id=2580&sid=aHR0cHM6Ly93d3cuZWJheS5kZS9zdHIvc3Bpcml0dWVsbGVlbmVyZ2llbmZ1cmRpY2g/bWtjaWQ9MTYmbWtldnQ9MSZta3JpZD03MDctMTI3NjM0LTIzNTctMCZzc3Nwbz1YcHR6enZvZFNiYSZzc3NyYz0zNDE4MDY1JnNzdWlkPXEzNHBmNXJGUnBDJndpZGdldF92ZXI9YXJ0ZW1pcyZtZWRpYT1DT1BZ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version content-encoding gzip content-security-policy media-src 'self' *.ebay.com *.ebaycdn.net blob:; font-src 'self' *.ebaystatic.com https://fonts.gstatic.com content-security-policy-report-only style-src 'self' 'unsafe-inline' data: *.ebay.com *.ebay.de *.ebaystatic.com *.ebaystatic.de *.ebay.com *.googleapis.com; connect-src 'self' *.ebay.com *.ebay.de *.ebaystatic.com *.ebaystatic.de data: *.ebaycdn.net *.glance.net *.googleapis.com *.google.com ebay-prd.rest-ar.com cas.avalon.perfdrive.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.ebay.com *.ebay.de *.ebaystatic.com *.ebaystatic.de blob: data: *.ebaystatic.com *.googletagmanager.com *.googleadservices.com connect.facebook.net googleads.g.doubleclick.net *.ebayrtm.com *.ebaystatic.cn *.paypal.com; frame-ancestors 'self' *.ebay.com *.ebay.de *.ebaystatic.com *.ebaystatic.de; default-src 'self' blob: data: wss: mediastream: *.ebay.com *.ebay.de *.ebaystatic.com *.ebaystatic.de *.ebayimg.com sslwidget.criteo.com *.doubleclick.com www.facebook.com *.google.com *.ebayrtm.com ebay-prd.rest-ar.com sp.analytics.yahoo.com *.ebaycdn.net *.gstatic.com use.fontawesome.com *.paypal.com googleads.g.doubleclick.net pics.ebaystatic.com www.google.co.in www.google.com.br; report-uri https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303#pd content-type text/html; charset=utf-8 date Wed, 07 Dec 2022 10:20:27 GMT rlogid t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 server ebay-proxy-server strict-transport-security max-age=31536000 max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-edgeconnect-midmile-rtt 3 x-edgeconnect-origin-mex-latency 749 x-envoy-upstream-service-time 747 Redirect headers content-length 0 content-type text/html; charset=UTF-8 date Wed, 07 Dec 2022 10:21:43 GMT location https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY server nginx x-powered-by PHP/8.0.26 PleskLin
GET H2	200	/ Show response c.mgid.com/pv/ Frame 4E7C	0 43 B	130ms 115ms	Script text/plain	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?pv=5&cbuster=1670408426543181634139&uniqId=016e8&lct=1669161600&niet=4g&nisd=false&jsv=es6&iframe=2&ref=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&cxurl=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&pr=www.ads4allweb.de&lu=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fcount.php%3Fkid%3D25693%26sid%3D97%26uid%3D1055%26ref%3Dhttps%253A%252F%252Fjefffm.de%252F&sessionId=639068eb-13b23&pageView=1&pvid=184ec19d42f919ce463&site=797848&implVersion=11&dpr=1&tfre=1298 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1298509.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 775c875a0c6971a8-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET BLOB	206 Partial Content	dc742df5-ffff-41a1-bc4d-e51befc26226 https://www.ads4allweb.de/ Frame 4E7C	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/dc742df5-ffff-41a1-bc4d-e51befc26226 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	flimpobj.js Show response pixel.yabidos.com/ Frame 7ABD	31 KB 24 KB	18ms 18ms	Script application/javascript	104.16.201.58 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pixel.yabidos.com/flimpobj.js?cb=1670408426542&ver1=2.2.3&qid=230383f5530383f5434353&rnd=23u3p5z52wa4&cid=544 Requested by Host: pixel.yabidos.com URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=52939&s=www.ads4allweb.de&x=rekmob&nci=&adtg=313d75c2d9c241758ec863bf244b16c4&nai=&si=45575&pn=&h=60&w=468&bp=&pp=&ci=&ip=80.255.10.204&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02d5267190e72466ca3a4ce018b4d9dcbb65839812f366f22dbacaf2d3ef5ae7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:32:03 GMT server cloudflare age 3547 vary Accept-Encoding content-type application/javascript cache-control public, max-age=7200 accept-ranges bytes cf-ray 775c8759fc6c8fec-FRA content-length 24223 expires Wed, 07 Dec 2022 12:20:26 GMT
GET BLOB	206 Partial Content	5b7355a2-573b-4908-a111-4a6f8d581095 https://www.ads4allweb.de/ Frame 4E7C	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://www.ads4allweb.de/5b7355a2-573b-4908-a111-4a6f8d581095 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	mgid_ua.svg cdn.mgid.com/images/mgid/ Frame 4E7C	2 KB 1 KB	37ms 29ms	Image image/svg+xml	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQZ016TJQM3CQAQ age 4294 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 775c875a1c8771a8-LHR expires Thu, 08 Dec 2022 10:20:26 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/ Frame 4E7C	836 B 813 B	40ms 33ms	Image image/svg+xml	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQP2P0ZGAY0CMXJ age 4465 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 775c875a1c8a71a8-LHR expires Thu, 08 Dec 2022 10:20:26 GMT
GET H2	200	vbl.gif pre.glotgrx.com/ Frame 7ABD	26 B 231 B	84ms 47ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/vbl.gif?cb=1670408426598&rnd=23u3p5z52wa4&ifm=2&uai=2&cid=544&s=www.ads4allweb.de&p=52939&x=rekmob&adtg=313d75c2d9c241758ec863bf244b16c4&ats=0&atf=&nsi=&si=45575&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh= Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:31:54 GMT server cloudflare age 5457 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 775c875a8e229211-FRA content-length 26 expires Wed, 07 Dec 2022 12:20:26 GMT
GET H2	200	nflrc.gif pre.glotgrx.com/ Frame 7ABD	26 B 87 B	99ms 63ms	Image image/gif	2606:4700::6810:79c3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pre.glotgrx.com/nflrc.gif?cb=1670408426585624&ver=1.2r81&qid=230383f5530383f5434353&p=52939&s=www.ads4allweb.de&x=rekmob&cid=544&od1=&od2=&adtg=313d75c2d9c241758ec863bf244b16c4&nci=&nai=&si=45575&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=23u3p5z52wa4&impid=&idl=&ttduid=&id5=&emh=&tps=8&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.94%20Safari/537.36&os=&mm=&di=&ip=80.255.10.204&ci=&pp=&bp=&w=468&h=60&pn=&1=4dfedfdac32a791dfd7cd3097853cd01&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%221380%22}&ats=0&atf=&dbgcid=544&ifm=2&penv=b&pt=&ptbp=&tw=0&ldp=4&icpl=23&icp=http%253A//www.siceu.de&irfl=114&irf=https%253A//www.ads4allweb.de/api/kamp/rota.php%253Fsidfl_eq54497fl_np544uidfl_eq5441055fl_np544artfl_eq544traffic&cty=4&fcs=0&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-17-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-137-os-fl-0-mm-fl-0-di-fl-0-ip-fl-13-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9.5_undefined_null_0_undefined_false&chua=&fli=&flerr=0&trim=&fio=23 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status HIT last-modified Wed, 30 Nov 2022 23:31:54 GMT server cloudflare age 5872 vary Accept-Encoding content-type image/gif cache-control public, max-age=7200 accept-ranges bytes cf-ray 775c875a8e249211-FRA content-length 26 expires Wed, 07 Dec 2022 12:20:26 GMT
GET H2	200	7 Show response servicer.mgid.com/1298509/ Frame 4E7C	1 KB 921 B	138ms 128ms	Script application/x-javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1298509/7?pv=5&cbuster=167040842661777897214&uniqId=016e8&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=0&h=-1&wrongImageSize=1&cols=1&iframe=2&ref=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&cxurl=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&pr=www.ads4allweb.de&lu=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fcount.php%3Fkid%3D25693%26sid%3D97%26uid%3D1055%26ref%3Dhttps%253A%252F%252Fjefffm.de%252F&sessionId=639068eb-13b23&pageView=1&pvid=184ec19d42f919ce463&implVersion=11&dpr=1&tfre=1371 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1298509.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b46740dfec1c4eb8667f025e4248f0716e538855017b252fe2e8b8b109fe448b Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 775c875a7ce171a8-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	7 Show response servicer.mgid.com/1366229/ Frame 4E7C	1 KB 1017 B	58ms 52ms	Script application/x-javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1366229/7?mp4=1&ap=1&w=0&h=-1&wrongImageSize=1&cols=1&pv=5&cbuster=1670408426618874904439&uniqId=09f87&lct=1670198400&niet=4g&nisd=false&jsv=es6&iframe=2&ref=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&cxurl=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fkamp%2Frota.php%3Fsid%3D97%26uid%3D1055%26art%3Dtraffic&pr=www.ads4allweb.de&lu=https%3A%2F%2Fwww.ads4allweb.de%2Fapi%2Fcount.php%3Fkid%3D25693%26sid%3D97%26uid%3D1055%26ref%3Dhttps%253A%252F%252Fjefffm.de%252F&sessionId=639068eb-13b23&pageView=0&pvid=184ec19d42f919ce463&implVersion=11&dpr=1&tfre=1373 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edc4adcfd4703b73034d0bbe447f9d9ec6dcd22730e008eb2f8a63ef1fc6c1e1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 775c875a7ce671a8-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	away.php Show response appcloudgoal.com/ Frame 0155 Redirect Chain https://710.taxsaddim.live/web/?sid=t4~is5st4knwcfxlw1hhrk32vjk https://appcloudgoal.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D https://appcloudgoal.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D	283 B 432 B	18ms 18ms	Document text/html	45.77.230.212 AS-CHOOPA
General Check archive.org Show headers Download Go to Full URL https://appcloudgoal.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D Requested by Host: 710.taxsaddim.live URL: https://710.taxsaddim.live/lcyvquhh/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2&f=1&sid=t4~is5st4knwcfxlw1hhrk32vjk&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc%2Fl9zLnK7L7JO1SwdsmbutNxbOoLmhKUz3EYeX46Nx53hV9ZOGeYgX7SAkFNdxVrwhFfvv4Ttfy9dM3sToy54Wm1QR03Hw5NpuvPQPekz9WjkvCEQb0UeJGBpheOyfhfnWLGRnDHZiPiUEHtpBhUp0CGn7%2BTjB1rNB%2BlkFizKCvWxo07RAPh1o1gzKOoyV8X%2B%2B%2Bu3gxw6VYFEnMk6ftyl2JJHqtp7AG91HHYCFX7iJyIJIzUDqyAuKdLxU0nzRfwRAm2EaNWT%2BAR6om%2FFJSN2lUfiQVYvkfr4mkn3N%2BM8sn0%2FNabtIzLHcs6XMzxjJx9ad%2BjWN8TY7pUQCwWGCEf0iRiGFyTGI5Ry30exUx8UbVTtO%2BtN7jFlmQtxtRomk1v0fCAqwWc7KdD0pBOcFvCQN97btrn99H2btykVSvQttqKGo8TPl2NX0237h4JYoQlda20UCyTW%2B8NyJEZdBwmgsyWViF%2FNVIbbAYgwH1cqOylldV3r2u3YxFxV%2BaWZpTrHrYp%2B35HEUkCM%2BNF20l2fkI5NLZC7l7%2BjDir6gJ5UCsNg9kiI8sEwVh4hPoCp8tWOdsr8vnz84pBY%2BXyQjTrFV5%2BP810tpQHDppXWF0vT19proMcnGgHEeGS1dph05O39gS1bw7XLVXO%2BxtTqWRwKFA1ywYSiJ5zy6BkimZlmKiiL8ro2SJ%2FmjGTFHwcKlx2TH1JpkFg%2Fywu8eDrPxwFoLp045cKKwCjMthy%2FqA3bOsi%2FhbR3ZvqCx5AjGZlHSx%2BeX6e6VinM5PhZTKtODGjP%2BVU973ORXYeF%2FZnk0gKQxHbIuLK3ZpdUsVcHEB%2FWL7%2FmhhmtARj1VDbjH4NOuyeCdx21rpbCGH9TLGDUgGiefHtIY1kOIadP3V6Dj9ooMWprIFMkBnsLti2TlTGY%2Fa%2Fy7W8YNrmZ3piZBLDfMQf24s2W%2FzX4GxDQkaYZWJeB3yKsq6xcR0o0eOMBhBEs6pVqynaDoDxjiQt8vj4O1R3XAAjJaPAavfxvc%2FxZEX11Ogakd%2Bd2QzvKP%2FsO%2FdVDX6bKBm78BhBLp5SQn2gNK%2F3VTsLC16HIITIfXRJ001JvgzJfECaYaJ6EbczHUG35%2FvEGOUzOh1G%2Fs0hRXGOPTi0H4JJCihYOtP%2Foeh7baBedJD%2BqbXHnlq7%2BsJJebut4XnRcKGwMRbREcp8gSu6TZu8GnjAaywJrBhYItqhReMesdUmS3qoUz6Vn4%2BVrBWDAWWIBWiFCGDkrSBe%2BZntQM1VUMjVj8toRIm1pMwOzzgIYtaAhLGSALwiG4unCQPpWssFWNLqhOpHrMkhk5E%2FgzZ9IpPbsgjYv3hjjPebxZ%2FmnW3i7NQp2aZWfelJ1%2BLuLXvEjtO1GJY%2BqTYsT3UwaarrF0HyVYJ94VcnaZIX0Iv3KunC4BH3ql485h2j0sE93qk7NhObsJnWuDT9Bji%2F2H5tBRVpNW1ob7qX2CxjNq6N0%2B0utvyRJWd62PeXw2mWzgpHNb1X%2FZ%2F08Q7MwiLr%2B4Y80tWvFfki9IAZZy%2BaHIuzXDs6cSpoGMwSPz9hUOVwq4nkm4CGvkuj8dnOVrwqWLQoaosg6bDBX%2FhRHNblNmVen0aAs1S1APwQL9n3Id1Iy%2B5LxQogUzpplgrN%2Ba4bNj1tVg7fiaevzSRczm8DirK5E6v6FM89UY75f6D7N35NE8Qv22wjFHP6WizPfFFwflxXSfysGYGYPTfK5iHLkVeclHvMD9BJsdds%2FWbavGY4HTKU62EUHo%2BLffTGup0ggSFon8ZCEalkXJZ5rm3F2YHGXPTNPPbCHzBvw3ObBDo%2BWOuc%2BVExhEp39tnC25dtZXTXJfa9e4Wfzxb6bTaS4oCknSAfR1mTHLqjW12zfi%2B8AQ6TpgQIp1jdcqXypgOfGpDzUWtgPFEOmMogdRBx8BCE5KCru1T999zwDbdxOL8dANmneR3k7dKFX%2FcDJOKGxwIlJ6d5euhFrL2Low%2Fk2iGJnnr69W10J%2BL2c7KS7MEMc%3D Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.77.230.212 London, United Kingdom, ASN20473 (AS-CHOOPA, US), Reverse DNS 45.77.230.212.vultrusercontent.com Software openresty / Resource Hash 03ca2af6185143f6d7090408d133bdae215cb3a518834fdb91fb1abee7b3a198 Request headers Referer https://710.taxsaddim.live/lcyvquhh/?u=y85k60t&o=2fupueh&cid=7b2dcf2884cdb1a04110a9d18e3a06c2&f=1&sid=t4~is5st4knwcfxlw1hhrk32vjk&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc%2Fl9zLnK7L7JO1SwdsmbutNxbOoLmhKUz3EYeX46Nx53hV9ZOGeYgX7SAkFNdxVrwhFfvv4Ttfy9dM3sToy54Wm1QR03Hw5NpuvPQPekz9WjkvCEQb0UeJGBpheOyfhfnWLGRnDHZiPiUEHtpBhUp0CGn7%2BTjB1rNB%2BlkFizKCvWxo07RAPh1o1gzKOoyV8X%2B%2B%2Bu3gxw6VYFEnMk6ftyl2JJHqtp7AG91HHYCFX7iJyIJIzUDqyAuKdLxU0nzRfwRAm2EaNWT%2BAR6om%2FFJSN2lUfiQVYvkfr4mkn3N%2BM8sn0%2FNabtIzLHcs6XMzxjJx9ad%2BjWN8TY7pUQCwWGCEf0iRiGFyTGI5Ry30exUx8UbVTtO%2BtN7jFlmQtxtRomk1v0fCAqwWc7KdD0pBOcFvCQN97btrn99H2btykVSvQttqKGo8TPl2NX0237h4JYoQlda20UCyTW%2B8NyJEZdBwmgsyWViF%2FNVIbbAYgwH1cqOylldV3r2u3YxFxV%2BaWZpTrHrYp%2B35HEUkCM%2BNF20l2fkI5NLZC7l7%2BjDir6gJ5UCsNg9kiI8sEwVh4hPoCp8tWOdsr8vnz84pBY%2BXyQjTrFV5%2BP810tpQHDppXWF0vT19proMcnGgHEeGS1dph05O39gS1bw7XLVXO%2BxtTqWRwKFA1ywYSiJ5zy6BkimZlmKiiL8ro2SJ%2FmjGTFHwcKlx2TH1JpkFg%2Fywu8eDrPxwFoLp045cKKwCjMthy%2FqA3bOsi%2FhbR3ZvqCx5AjGZlHSx%2BeX6e6VinM5PhZTKtODGjP%2BVU973ORXYeF%2FZnk0gKQxHbIuLK3ZpdUsVcHEB%2FWL7%2FmhhmtARj1VDbjH4NOuyeCdx21rpbCGH9TLGDUgGiefHtIY1kOIadP3V6Dj9ooMWprIFMkBnsLti2TlTGY%2Fa%2Fy7W8YNrmZ3piZBLDfMQf24s2W%2FzX4GxDQkaYZWJeB3yKsq6xcR0o0eOMBhBEs6pVqynaDoDxjiQt8vj4O1R3XAAjJaPAavfxvc%2FxZEX11Ogakd%2Bd2QzvKP%2FsO%2FdVDX6bKBm78BhBLp5SQn2gNK%2F3VTsLC16HIITIfXRJ001JvgzJfECaYaJ6EbczHUG35%2FvEGOUzOh1G%2Fs0hRXGOPTi0H4JJCihYOtP%2Foeh7baBedJD%2BqbXHnlq7%2BsJJebut4XnRcKGwMRbREcp8gSu6TZu8GnjAaywJrBhYItqhReMesdUmS3qoUz6Vn4%2BVrBWDAWWIBWiFCGDkrSBe%2BZntQM1VUMjVj8toRIm1pMwOzzgIYtaAhLGSALwiG4unCQPpWssFWNLqhOpHrMkhk5E%2FgzZ9IpPbsgjYv3hjjPebxZ%2FmnW3i7NQp2aZWfelJ1%2BLuLXvEjtO1GJY%2BqTYsT3UwaarrF0HyVYJ94VcnaZIX0Iv3KunC4BH3ql485h2j0sE93qk7NhObsJnWuDT9Bji%2F2H5tBRVpNW1ob7qX2CxjNq6N0%2B0utvyRJWd62PeXw2mWzgpHNb1X%2FZ%2F08Q7MwiLr%2B4Y80tWvFfki9IAZZy%2BaHIuzXDs6cSpoGMwSPz9hUOVwq4nkm4CGvkuj8dnOVrwqWLQoaosg6bDBX%2FhRHNblNmVen0aAs1S1APwQL9n3Id1Iy%2B5LxQogUzpplgrN%2Ba4bNj1tVg7fiaevzSRczm8DirK5E6v6FM89UY75f6D7N35NE8Qv22wjFHP6WizPfFFwflxXSfysGYGYPTfK5iHLkVeclHvMD9BJsdds%2FWbavGY4HTKU62EUHo%2BLffTGup0ggSFon8ZCEalkXJZ5rm3F2YHGXPTNPPbCHzBvw3ObBDo%2BWOuc%2BVExhEp39tnC25dtZXTXJfa9e4Wfzxb6bTaS4oCknSAfR1mTHLqjW12zfi%2B8AQ6TpgQIp1jdcqXypgOfGpDzUWtgPFEOmMogdRBx8BCE5KCru1T999zwDbdxOL8dANmneR3k7dKFX%2FcDJOKGxwIlJ6d5euhFrL2Low%2Fk2iGJnnr69W10J%2BL2c7KS7MEMc%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:26 GMT Server openresty Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Wed, 07 Dec 2022 10:20:26 GMT Location /away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D Server openresty Transfer-Encoding chunked
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMzg4MTU4LzM0NmFhM... s-img.mgid.com/g/14771120/200x200/-/ Frame 4E7C	4 KB 4 KB	258ms 203ms	Image image/webp	2606:4700:1::6813:864e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/14771120/200x200/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDkvMzg4MTU4LzM0NmFhMjU0ZTUzN2Y0ZTI2NWRkMzNmYTZhZWZkYjFjLmpwZWc.webp?v=1670408426-bH8Ytj3Ngu1WSFhsMm5trR7b52cGq4mVP6VibD-IU4w Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc2e1a50d937575b1686372e89f81ee1c8a910aedd287011813521564f20c74e Request headers Referer https://www.ads4allweb.de/ Origin https://www.ads4allweb.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status HIT last-modified Wed, 30 Nov 2022 11:13:32 GMT x-mg-request-uuid dc8b2b53-378c-4385-b84b-44fcc242260b server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 775c875b2bc9dcff-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4196
GET H2	200	i.js Show response cm.mgid.com/ Frame 4E7C	0 101 B	117ms 107ms	Script application/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=167040842669011198797 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 775c875aed6271a8-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	i-noref.js Show response cm.mgid.com/ Frame 4C6C	0 37 B	110ms 108ms	Script application/javascript	2606:4700:1::6813:854e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1670408426698931233422 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status DYNAMIC server cloudflare content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 775c875aed6471a8-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/ Frame 4E7C	57 KB 17 KB	63ms 23ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 24 Nov 2022 12:48:29 GMT server cloudflare x-amz-request-id AS6079NF7R64H2CK age 3371 etag W/"9ee82d693d1e83b3a37ee20226716f78" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 775c875b1dc59142-FRA x-amz-id-2 2mxyvxkHDv8YVtTpVImJWzSJ6t9LE3MMZGFNY9vGEvXz3eTx52Vj7bVgYIduyNqIsbtyyLaxBsg=
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/161673/7165/ Frame 4E7C	227 KB 72 KB	330ms 12ms	Script application/javascript	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/a/d/ads4allweb.de.1366229.es6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip last-modified Fri, 23 Sep 2022 12:15:31 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=93559 accept-ranges bytes content-length 73257 expires Thu, 08 Dec 2022 12:19:46 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2M... s-img.mgid.com/g/14594108/492x277/-/ Frame 4E7C	15 KB 16 KB	42ms 41ms	Image image/webp	2606:4700:1::6813:864e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/14594108/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMS8yMjAxODUvZWM2MGJlN2NiYTNmOTRiOGQ1ZmU2ZTU1N2ZlZDU4Y2YucG5n.webp?v=1670408426-DvrPCeAbC5dywNenLgITziYZeRO-l0f2_tGQ9d50Alg Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9047ab649135eb522cbf5988742b96d79257149074b5c423059ca9ed874170c5 Request headers Referer https://www.ads4allweb.de/ Origin https://www.ads4allweb.de accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:26 GMT cf-cache-status HIT last-modified Fri, 11 Nov 2022 01:15:03 GMT x-mg-request-uuid 09b81c7d-7958-4a99-99f3-d2663cc47777 server cloudflare age 762334 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 775c875b4c27dcff-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15658
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/ Frame 4E7C	33 B 404 B	34ms 8ms	XHR application/json	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 , France, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash 24366324478a14c7ed2cd22e383f8e6b5e2c281a1c7bd04e0466376a32db2f70 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 07 Dec 2022 10:20:25 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H/1.1	200 OK	v1 Show response lbs.eu-1-id5-sync.com/lbs/ Frame 4E7C	34 B 211 B	42ms 8ms	XHR application/json	2001:41d0:701:1000::2fb3 OVH
General Check archive.org Show headers Download Go to Full URL https://lbs.eu-1-id5-sync.com/lbs/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash d1583d520023c47c9dc2c8f8986543560f5951370f8d3ac290407bbfd34df9d2 Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 7 Dec 2022 10:20:26 GMT content-length 34 vary Origin content-type application/json
POST H/1.1	200	231.json Show response id5-sync.com/g/v2/ Frame 4E7C	216 B 627 B	39ms 8ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/231.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash a35e169eb4eebe90203d3e53b545457cbdb469f44bc0d79cf0653b0cb31ae601 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 07 Dec 2022 10:20:26 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/ Frame 4E7C	33 B 404 B	8ms 8ms	XHR application/json	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 , France, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash 68d31c8d2ce022ab0bd3e7c3bf65f4b151a604cc059f031b4f555c7e978abf7a Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 07 Dec 2022 10:20:25 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H/1.1	200 OK	v1 Show response lbs.eu-1-id5-sync.com/lbs/ Frame 4E7C	34 B 211 B	10ms 10ms	XHR application/json	2001:41d0:701:1000::2fb3 OVH
General Check archive.org Show headers Download Go to Full URL https://lbs.eu-1-id5-sync.com/lbs/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:41d0:701:1000::2fb3 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash ce752e9e0c3672b3164b28b9ff7922a3025ba9718ec652491137d1304aed689f Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 7 Dec 2022 10:20:26 GMT content-length 34 vary Origin content-type application/json
POST H/1.1	200	231.json Show response id5-sync.com/g/v2/ Frame 4E7C	215 B 626 B	17ms 8ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/231.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash 8375815c802bba384a8e911d3dabf8ec17ae5a35184d737f7eaf8fb07ac91632 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.ads4allweb.de date Wed, 07 Dec 2022 10:20:26 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H2	200	details play.google.com/store/apps/ Frame 0155	0 0	106ms 80ms	Document text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically&hl=en&gl=US Requested by Host: appcloudgoal.com URL: https://appcloudgoal.com/away.php?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-D-k5jyiFGtxosKIoVhBiWg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googletagmanager.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/PlayStoreUi/cspreport script-src 'report-sample' 'nonce-D-k5jyiFGtxosKIoVhBiWg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/PlayStoreUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://market.android.com https://clients2.google.com https://payments.sandbox.google.com https://payments.google.com https://maps.googleapis.com https://translate.googleapis.com https://translate.google.com https://support.google.com https://www.gstatic.cn https://families.google.com https://clients1.google.com https://myaccount.google.com https://accounts.google.com https://www.googletagmanager.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlayStoreUi/cspreport/allowlist content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy same-site date Wed, 07 Dec 2022 10:20:27 GMT expires Mon, 01 Jan 1990 00:00:00 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-frame-options SAMEORIGIN x-ua-compatible IE=edge x-xss-protection 0
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/ Frame 3ABC	0 982 B	570ms 225ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.lcmmedia.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 64 rlogid t6dlure%60uwjuckjkc51%3F%3Cumjanpp%60bpuowfioif74*go1o6(rbpv6702-184ec19d942-0x1303 x-xss-protection 1; mode=block
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/ Frame 157A	0 987 B	568ms 223ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 64 rlogid t6dlure%60uwjuckjkc51%3F%3Ckuvanpp%60bpuowfioif74*%7B%3Dji6(rbpv670%3D-184ec19d93f-0x303 x-xss-protection 1; mode=block
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/ Frame 4E7C	0 984 B	559ms 214ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/api/count.php?kid=25693&sid=97&uid=1055&ref=https%3A%2F%2Fjefffm.de%2F Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.ads4allweb.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 55 rlogid t6dlure%60uwjuckjkc51%3F%3Cumjanpp%60bpuowfioif74*r1%6056(rbpv6713-184ec19d940-0x1302 x-xss-protection 1; mode=block
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/ Frame C0AB	0 982 B	570ms 225ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.jefffm.de URL: https://www.jefffm.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.jefffm.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 63 rlogid t6dlure%60uwjuckjkc51%3F%3Ckuvanpp%60bpuowfioif74*ii3mi(rbpv6712-184ec19d940-0x2303 x-xss-protection 1; mode=block
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/ Frame 875B	0 982 B	557ms 213ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.fastcounter.de URL: https://www.fastcounter.de/b.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 53 rlogid t6dlure%60uwjuckjkc51%3F%3Ctofanpp%60bpuowfioif74*7vqmt(rbpv6612-184ec19d93c-0x2302 x-xss-protection 1; mode=block
POST H/1.1	200 OK	storesweb monitor.ebay.com/csp-report/storenode/	0 985 B	570ms 225ms	Other text/plain	209.140.129.59
General Check archive.org Show headers Download Go to Full URL https://monitor.ebay.com/csp-report/storenode/storesweb?id=4097665012768785080&rid=t6pqiufkicf%3F%3Ctofuslwcilac*o%3D%7C3%3B(rbpv6770-184ec19d4e1-0x1303 Requested by Host: www.siceu.de URL: http://www.siceu.de/kontakt.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 209.140.129.59 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://www.siceu.de/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type application/csp-report Response headers date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBRNOAZ03 x-frame-options SAMEORIGIN transfer-encoding chunked x-envoy-upstream-service-time 63 rlogid t6dlure%60uwjuckjkc51%3F%3Ctofanpp%60bpuowfioif74*%60kmj%7B(rbpv6770-184ec19d93e-0x302 x-xss-protection 1; mode=block
GET H2	200	npm.ebayui-core.dc387db6.js Show response ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	232 KB 43 KB	60ms 14ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/npm.ebayui-core.dc387db6.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 8d4c88d292866ee23000b5ce1314284c8e912c9102ea252bb24d35ec570540b8 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1180 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-4 (squid), 1.1 varnish x-cache-lookup MISS from include-cache-4:80 x-cdn Fastly strict-transport-security max-age=31557600 age 1734839 x-cache MISS from include-cache-4, HIT x-ebay-c-version 1.0.0 content-length 43895 x-served-by cache-hhn4032-HHN last-modified Tue, 15 Nov 2022 20:04:09 GMT server ebay server x-timer S1670408427.454966,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28d%3Ey2%7C*w%60ut3541-18484b24fa4-0xe4 accept-ranges bytes access-control-allow-headers * expires Fri, 17 Nov 2023 08:26:29 GMT
GET H2	200	npm.presence-ui.f68296dc.js Show response ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	134 KB 35 KB	54ms 8ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/npm.presence-ui.f68296dc.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 21c78ad1170b37a90ea6fce264a04facebcb82c9bd5e3c8a31761505ba0feaea Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1186 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-2 (squid), 1.1 varnish x-cache-lookup MISS from include-cache-2:80 x-cdn Fastly strict-transport-security max-age=31557600 age 2802271 x-cache MISS from include-cache-2, HIT x-ebay-c-version 1.0.0 content-length 35030 x-served-by cache-hhn4032-HHN last-modified Fri, 04 Nov 2022 23:54:50 GMT server ebay server x-timer S1670408427.454935,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28ev1s0*w%60ut3550-1844512929e-0xdb accept-ranges bytes access-control-allow-headers * expires Sat, 04 Nov 2023 23:55:55 GMT
GET H2	200	195.ffe2279b.js Show response ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	30 KB 11 KB	18ms 16ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/195.ffe2279b.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash d34b7d65371ccc530d5bf680349fc2cab1336fdfec2f7935954884bf0d2f5aed Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1171 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-2 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-2:80 x-cdn Fastly strict-transport-security max-age=31557600 age 8861307 x-cache MISS from include-cache-2, HIT x-ebay-c-version 1.0.0 content-length 11160 x-served-by cache-hhn4032-HHN last-modified Tue, 12 Jul 2022 18:00:39 GMT server ebay server x-timer S1670408427.487523,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28%3Fuwrh*w%60ut3522-182dbed092d-0xdd accept-ranges bytes access-control-allow-headers * expires Sat, 26 Aug 2023 20:52:00 GMT
GET H2	200	691.8438786c.js Show response ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	120 KB 33 KB	17ms 15ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/691.8438786c.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 4310164b53cfa1bb7f92cc05a22180600743194befa2c7edacee2dde4b304a06 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1159 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-2 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-2:80 x-cdn Fastly strict-transport-security max-age=31557600 age 4117630 x-cache HIT from include-cache-2, HIT x-ebay-c-version 1.0.0 content-length 33169 x-served-by cache-hhn4032-HHN last-modified Fri, 14 Oct 2022 01:10:34 GMT server ebay server x-timer S1670408427.487502,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28%3Edk7q*w%60ut3542-183f6abcf27-0xe4 accept-ranges bytes access-control-allow-headers * expires Fri, 20 Oct 2023 18:33:18 GMT
GET H2	200	pages_RUeH.49cd67e7.js Show response ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	59 KB 17 KB	18ms 17ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/pages_RUeH.49cd67e7.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 981feb9ce8673b261c4620b56468717dbd8ff3548e513b80f273d6633119e86b Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1212 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-0 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-0:80 x-cdn Fastly strict-transport-security max-age=31557600 age 639190 x-cache HIT from include-cache-0, HIT x-ebay-c-version 1.0.0 content-length 17075 x-served-by cache-hhn4032-HHN last-modified Tue, 29 Nov 2022 22:32:27 GMT server ebay server x-timer S1670408427.487483,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%284ctg%3F*w%60ut3527-184c60095e2-0xd9 accept-ranges bytes access-control-allow-headers * expires Thu, 30 Nov 2023 00:47:17 GMT
GET H2	200	npm.skin.a435624e.css ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	106 KB 16 KB	51ms 7ms	Stylesheet text/css	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/npm.skin.a435624e.css Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 1bc6d5bbef2e868ea0ee28dcd32476a05149ec135f7a7f295b40557fb5ab5e6b Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1214 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-3 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-3:80 x-cdn Fastly strict-transport-security max-age=31557600 age 546097 x-cache HIT from include-cache-3, HIT x-ebay-c-version 1.0.0 content-length 15953 x-served-by cache-hhn4032-HHN last-modified Tue, 15 Nov 2022 20:04:09 GMT server ebay server x-timer S1670408427.454478,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%282k721*w%60ut3527-184cb8d14d4-0xd7 accept-ranges bytes access-control-allow-headers * expires Fri, 01 Dec 2023 02:38:51 GMT
GET H2	200	npm.presence-ui.80ec88bc.css ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	64 KB 10 KB	61ms 17ms	Stylesheet text/css	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/npm.presence-ui.80ec88bc.css Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash ebc3cbdf8685855ddc0b2120b0d61ec5fc53b587d39dad788c9410710c70d126 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers expires Tue, 07 Nov 2023 23:42:05 GMT x-ebay-client-tls-version TLSv1.2, 23.235.43.21 content-encoding gzip via 1.1 include-cache-0 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-0:80 x-cdn Fastly date Wed, 07 Dec 2022 10:20:27 GMT age 2543904 strict-transport-security max-age=31557600 x-cache HIT from include-cache-0, HIT x-ebay-c-version 1.0.0 content-length 9733 x-served-by cache-hhn4032-HHN last-modified Fri, 04 Nov 2022 23:54:50 GMT server ebay server x-timer S1670408427.455041,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dosuufvuq%60%28vktuj*w%60ut3530-1845478fa87-0xe2 accept-ranges bytes access-control-allow-headers * x-cache-hits 1212
GET H2	200	pages_RUeH.5234d18b.css ir.ebaystatic.com/rs/c/-ebay/resource-client/ Frame E993	40 KB 7 KB	58ms 15ms	Stylesheet text/css	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/-ebay/resource-client/pages_RUeH.5234d18b.css Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash a538e6a1d400249b47940edd212e13c86ddc6397607b69316eed2cda12f474f1 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1201 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-4 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-4:80 x-cdn Fastly strict-transport-security max-age=31557600 age 555294 x-cache HIT from include-cache-4, HIT x-ebay-c-version 1.0.0 content-length 7217 x-served-by cache-hhn4032-HHN last-modified Thu, 13 Oct 2022 20:49:08 GMT server ebay server x-timer S1670408427.455008,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28%7Cdubk*w%60ut3522-184cb00be3d-0xda accept-ranges bytes access-control-allow-headers * expires Fri, 01 Dec 2023 00:05:34 GMT
GET H2	200	i1slwldg1iyqrhx2ybcnmcws3at.css ir.ebaystatic.com/rs/v/ Frame E993	67 KB 16 KB	61ms 17ms	Stylesheet text/css	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/i1slwldg1iyqrhx2ybcnmcws3at.css?proc=DU:N Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash a5f8552b27b6e4ef7a924d4d0117a78f9462501baffe82390a45197c854c52b0 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers expires Wed, 29 Nov 2023 23:14:37 GMT x-ebay-client-tls-version TLSv1.2, 157.52.105.77 content-encoding gzip via 1.1 include-cache-2 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-2:80 x-cdn Fastly date Wed, 07 Dec 2022 10:20:27 GMT age 644750 strict-transport-security max-age=31557600 x-cache HIT from include-cache-2, HIT x-ebay-c-version 1.0.0 content-length 15773 x-served-by cache-hhn4032-HHN last-modified Fri, 18 Nov 2022 06:46:23 GMT server ebay server x-timer S1670408427.454997,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dosuufvuq%60%282%3Eoc1*w%60ut355%3F-184c5abbcb7-0xd7 accept-ranges bytes access-control-allow-headers * x-cache-hits 9260
GET H2	200	fxxj3ttftm5ltcqnto1o4baovyl.png ir.ebaystatic.com/rs/v/ Frame E993	5 KB 5 KB	18ms 16ms	Image image/png	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ir.ebaystatic.com/rs/v/fxxj3ttftm5ltcqnto1o4baovyl.png Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 15446 date Wed, 07 Dec 2022 10:20:27 GMT via 1.1 include-cache-3 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-3:80 x-cdn Fastly strict-transport-security max-age=31557600 age 1646914 x-cache HIT from include-cache-3, HIT x-ebay-c-version 1.0.0 content-length 4820 x-served-by cache-hhn4032-HHN last-modified Wed, 29 Oct 2014 18:09:24 GMT server ebay server x-timer S1670408427.487494,VS0,VE0 warning 113 squid "This cache hit is still fresh and more than 1 day old" content-type image/png access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%283%7Fw1h*w%60ut3522-18489f04d19-0xde accept-ranges bytes access-control-allow-headers * expires Sat, 18 Nov 2023 08:52:17 GMT
GET H2	200	ebayPlus-Logo-58x15.svg ir.ebaystatic.com/cr/v/c1/eBayPlus/ Frame E993	3 KB 1 KB	19ms 17ms	Image image/svg+xml	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ir.ebaystatic.com/cr/v/c1/eBayPlus/ebayPlus-Logo-58x15.svg Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash c6c8a690e07f0aab250301b3784f10110d640f5a8bf5a938e126be68b8697e9d Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup HIT from include-cache-0:80 via 1.1 include-cache-0 (squid), 1.1 varnish x-cdn Fastly strict-transport-security max-age=31557600 age 9033271 x-cache HIT from include-cache-0, HIT content-length 1071 x-xss-protection 1; mode=block x-served-by cache-hhn4032-HHN server ebay server x-timer S1670408427.487442,VS0,VE0 x-frame-options SAMEORIGIN warning 113 squid "This cache hit is still fresh and more than 1 day old" content-type image/svg+xml vary Accept-Encoding access-control-allow-methods GET cache-control public, max-age=31536000, immutable rlogid t6q%60uebwh%3D9vjdq%60uebwh*%3A7qws%28rbpv6775-182d1ad0b3e-0xda access-control-allow-origin * accept-ranges bytes access-control-allow-headers * x-cache-hits 10431
GET H2	200	eb-13867_de_retail_q4_22_20pc_gifting_coupon_Doodle_150x30.gif ir.ebaystatic.com/cr/v/c01/ Frame E993	1 KB 2 KB	18ms 17ms	Image image/gif	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ir.ebaystatic.com/cr/v/c01/eb-13867_de_retail_q4_22_20pc_gifting_coupon_Doodle_150x30.gif Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 7de70576ec5ee2b62fb8c3e8d4235615e8fa5629a0dc96e8ddff0853aa77d9f6 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup HIT from include-cache-0:80 via 1.1 include-cache-0 (squid), 1.1 varnish x-cdn Fastly strict-transport-security max-age=31557600 age 643747 x-cache HIT from include-cache-0, HIT content-length 1370 x-xss-protection 1; mode=block x-served-by cache-hhn4032-HHN server ebay server x-timer S1670408427.487416,VS0,VE0 x-frame-options SAMEORIGIN warning 113 squid "This cache hit is still fresh and more than 1 day old" content-type image/gif access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000, immutable rlogid t6q%60uebwh%3D9iptq%60uebwh*qt0a5%28rbpv670%3D-184c5bb0ba0-0xd7 accept-ranges bytes access-control-allow-headers * x-cache-hits 3153
GET H2	200	s-l140.webp i.ebayimg.com/images/g/7W0AAOSwePFjV89l/ Frame E993	4 KB 4 KB	116ms 31ms	Image image/webp	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.ebayimg.com/images/g/7W0AAOSwePFjV89l/s-l140.webp Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a77ca0a43863006b5d164abe04ff53d52f687e2f0e1c8b023744db67adac6cb5 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT strict-transport-security max-age=31557600 last-modified Tue, 25 Oct 2022 11:58:27 GMT x-cdn Fastly x-ebay-pop-id UFES2-FRA-zoe-anycast age 3590015 content-type image/webp access-control-allow-origin * cache-control public,max-age=31536000,immutable x-envoy-upstream-service-time 36 rlogid t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*g0wlq%28rbpv6612-184161e936f-0x114 x-ebay-c-version 1.0.0 accept-ranges bytes content-length 4096 expires Thu, 26 Oct 2023 21:06:53 GMT
GET H2	200	s-l1600.webp i.ebayimg.com/images/g/KeYAAOSwl5RjV88q/ Frame E993	30 KB 31 KB	93ms 8ms	Image image/webp	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.ebayimg.com/images/g/KeYAAOSwl5RjV88q/s-l1600.webp Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7cc809c0fa3cc02b39622774d42bd679c3b29ba4b4d5b5fb07070896cabefbd4 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT strict-transport-security max-age=31557600 last-modified Tue, 25 Oct 2022 11:57:30 GMT x-cdn Fastly x-ebay-pop-id UFES2-FRA-zoe-anycast age 3702190 content-type image/webp access-control-allow-origin * cache-control public,max-age=31536000,immutable x-envoy-upstream-service-time 40 rlogid t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*o%7Dvj6%28rbpv6770-1840f6eee3b-0x113 x-ebay-c-version 1.0.0 accept-ranges bytes content-length 31212 expires Wed, 25 Oct 2023 13:57:19 GMT
GET H2	200	survey-modal--WKJ4YVh.js Show response ir.ebaystatic.com/rs/c/ Frame E993 Redirect Chain https://www.ebay.de/srv/app/v2/plugin/survey-modal.js https://ir.ebaystatic.com/rs/c/survey-modal--WKJ4YVh.js	613 KB 88 KB	7ms 7ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/survey-modal--WKJ4YVh.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 9be92beae23b37dff738d4d3bd1e0d3e434e3f0327125749797c0ed37fc24209 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 1659 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-0 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-0:80 x-cdn Fastly strict-transport-security max-age=31557600 age 2560134 x-cache HIT from include-cache-0, HIT x-ebay-c-version 1.0.0 content-length 90169 x-served-by cache-hhn4032-HHN last-modified Mon, 07 Nov 2022 17:38:38 GMT server ebay server x-timer S1670408428.673479,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28wie%7F3*w%60ut3522-18453814e1b-0xd6 accept-ranges bytes access-control-allow-headers * expires Tue, 07 Nov 2023 19:11:33 GMT Redirect headers x-edgeconnect-origin-mex-latency 172 strict-transport-security max-age=31536000 date Wed, 07 Dec 2022 10:20:27 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-edgeconnect-midmile-rtt 3 location https://ir.ebaystatic.com/rs/c/survey-modal--WKJ4YVh.js x-envoy-upstream-service-time 171 rlogid t6jkundmr%3D9whhjkundmr*6o1%7Dn(rbpv6710-184ec19d82b-0x2306 content-length 0
GET H2	200	jquery-3.3.1.min.js Show response ir.ebaystatic.com/cr/v/c1/ Frame E993	85 KB 30 KB	14ms 11ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/cr/v/c1/jquery-3.3.1.min.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup HIT from include-cache-0:80 via 1.1 include-cache-0 (squid), 1.1 varnish x-cdn Fastly strict-transport-security max-age=31557600 age 2095201 x-cache HIT from include-cache-0, HIT content-length 30351 x-xss-protection 1; mode=block x-served-by cache-hhn4032-HHN server ebay server x-timer S1670408427.485942,VS0,VE0 x-frame-options SAMEORIGIN warning 113 squid "This cache hit is still fresh and more than 1 day old" content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * access-control-allow-methods GET cache-control public, max-age=31536000, immutable rlogid t6q%60uebwh%3D9whhq%60uebwh*yb%7Epu%28rbpv6710-1846f379c4a-0xdf accept-ranges bytes access-control-allow-headers * x-cache-hits 1583
GET H2	200	50hzu3qkqu5bbez50atvscljuef.js Show response ir.ebaystatic.com/rs/v/ Frame E993	141 KB 46 KB	15ms 12ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/50hzu3qkqu5bbez50atvscljuef.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 4eea8c3bff0bd67fbc2969d99a5a47e9bce6324bf8dbfda52b3e82c8f19d02f8 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 8484 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-4 (squid), 1.1 varnish x-cache-lookup MISS from include-cache-4:80 x-cdn Fastly strict-transport-security max-age=31557600 age 647977 x-cache MISS from include-cache-4, HIT x-ebay-c-version 1.0.0 content-length 46402 x-served-by cache-hhn4032-HHN last-modified Tue, 29 Nov 2022 18:56:49 GMT server ebay server x-timer S1670408427.486580,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28%3F2qm%60*w%60ut3542-184c57a7efc-0xd7 accept-ranges bytes access-control-allow-headers * expires Wed, 29 Nov 2023 22:20:50 GMT
GET H2	200	makeebayfasterscript-src-scripts-body-78a2168a.js Show response ir.ebaystatic.com/rs/c/ Frame E993	4 KB 2 KB	15ms 13ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/makeebayfasterscript-src-scripts-body-78a2168a.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 81b9056bc784a4ac2299cb454ba74cc8f1b7732e3a7bfd4f65aec9ba9822686a Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 21580 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-0 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-0:80 x-cdn Fastly strict-transport-security max-age=31557600 age 1396641 x-cache MISS from include-cache-0, HIT x-ebay-c-version 1.0.0 content-length 1917 x-served-by cache-hhn4032-HHN last-modified Thu, 09 Aug 2018 18:44:15 GMT server ebay server x-timer S1670408427.486527,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28%3Fuwrh*w%60ut3522-18498dacab1-0xe1 accept-ranges bytes access-control-allow-headers * expires Tue, 21 Nov 2023 06:23:06 GMT
GET H2	200	1.js Show response ir.ebaystatic.com/cr/v/c1/ebay-cookies/ Frame E993	6 KB 3 KB	15ms 12ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/cr/v/c1/ebay-cookies/1.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 368e472222dae2283fc3a5bef29754d7399490e826d1874db20fb08943e8307f Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup HIT from include-cache-4:80 via 1.1 include-cache-4 (squid), 1.1 varnish x-cdn Fastly strict-transport-security max-age=31557600 age 591676 x-cache HIT from include-cache-4, HIT content-length 2416 x-xss-protection 1; mode=block x-served-by cache-hhn4032-HHN server ebay server x-timer S1670408427.486585,VS0,VE0 etag 825378b4b9bdc5e97061d15327913676 x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60uebwh%3D9vjdq%60uebwh*%60qlwa%28rbpv6775-184c8d59619-0xd5 accept-ranges bytes access-control-allow-headers * x-cache-hits 14580
GET H2	200	10341xh50yz21mhhydueu4m5wad.js Show response ir.ebaystatic.com/rs/v/ Frame E993	8 KB 4 KB	14ms 12ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/10341xh50yz21mhhydueu4m5wad.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash e123f0c91db61c7420316106e7233facfb16217f90c30cbfa837b66a4d4c8ae3 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 13994 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-1 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-1:80 x-cdn Fastly strict-transport-security max-age=31557600 age 3061691 x-cache MISS from include-cache-1, HIT x-ebay-c-version 1.0.0 content-length 3255 x-served-by cache-hhn4032-HHN last-modified Sat, 03 Mar 2018 03:10:07 GMT server ebay server x-timer S1670408427.486618,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28nm%3Agt*w%60ut3541-184359c23a6-0xdf accept-ranges bytes access-control-allow-headers * expires Wed, 01 Nov 2023 23:52:16 GMT
GET H2	200	s0hteylevy4bpkd12dvkd4yi5ms.js Show response ir.ebaystatic.com/rs/v/ Frame E993	22 KB 9 KB	14ms 11ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/s0hteylevy4bpkd12dvkd4yi5ms.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash d1d6596db247ccc2f44ee8e12e07b4289ac682f855ae75e6c52cb2c1109614dd Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 20716 date Wed, 07 Dec 2022 10:20:27 GMT content-encoding gzip via 1.1 include-cache-0 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-0:80 x-cdn Fastly strict-transport-security max-age=31557600 age 1396636 x-cache MISS from include-cache-0, HIT x-ebay-c-version 1.0.0 content-length 7952 x-served-by cache-hhn4032-HHN last-modified Wed, 18 Mar 2020 18:45:21 GMT server ebay server x-timer S1670408427.486610,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%283%7Fw1h*w%60ut3522-18498dadd3b-0xd5 accept-ranges bytes access-control-allow-headers * expires Tue, 21 Nov 2023 06:23:11 GMT
GET H/1.1	200 OK	425ed8a5b36d4914aa298c1aa1835fdc adimg.rekmob.com/ Frame 391F	23 KB 23 KB	69ms 17ms	Image image/jpeg	13.224.189.34 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adimg.rekmob.com/425ed8a5b36d4914aa298c1aa1835fdc Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.189.34 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-34.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 9e5eaec74a8d2c88fd80c34040c61e97f366402c2fe8dc8ef6a1b3fd2e9a3c5d Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 06:51:37 GMT Via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) Last-Modified Wed, 20 May 2020 15:52:55 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C1 Age 12530 ETag "373bb0579268fdc61771542229bc3701" X-Cache Hit from cloudfront Content-Type image/jpeg Connection keep-alive Content-Length 23144 X-Amz-Cf-Id PlGOg0ODBT9q7IheokALKRROyGD6M2lZlyALXaehMxBMRfx5nrAjVg==
GET H/1.1	200 OK	imp ads.rekmob.com/m/ Frame 391F	2 B 179 B	25ms 25ms	Image image/avif	146.185.142.91 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://ads.rekmob.com/m/imp?uid=313d75c2d9c241758ec863bf244b16c4&udid=85b8838f7e63485cae64eccd1f18cec9&rid=NjM5MDY4ZWEwY2YyYjhiZjFjMTA0OWRk&adId=MTM1OQ== Requested by Host: www.ads4allweb.de URL: https://www.ads4allweb.de/ads/textlinks.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.9.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ads4allweb.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Wed, 07 Dec 2022 08:26:43 GMT Server nginx/1.9.6 Connection keep-alive X-Code DE Content-Length 2 Content-Type image/avif;charset=ISO-8859-1
GET H2	200	dxtuvtkk2q3hpkc1xveeo13iaek.js Show response ir.ebaystatic.com/rs/v/ Frame E993	42 KB 12 KB	18ms 17ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/dxtuvtkk2q3hpkc1xveeo13iaek.js Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash eddf295ab4daae95e6bc90656d7f1b2e1a0e82cd54e18d424ed746d550d0bfa3 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers expires Wed, 01 Nov 2023 01:16:16 GMT x-ebay-client-tls-version TLSv1.2, 167.82.164.36 content-encoding gzip via 1.1 include-cache-2 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-2:80 x-cdn Fastly date Wed, 07 Dec 2022 10:20:27 GMT age 3143050 strict-transport-security max-age=31557600 x-cache MISS from include-cache-2, HIT x-ebay-c-version 1.0.0 content-length 11447 x-served-by cache-hhn4032-HHN last-modified Tue, 13 Oct 2020 02:56:59 GMT server ebay server x-timer S1670408427.487378,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dqkiufvuq%60%28pv%3A%7D4*w%60ut3542-18430c2b26e-0xe3 accept-ranges bytes access-control-allow-headers * x-cache-hits 9805
POST H2	200	jsdata Show response cas.avalon.perfdrive.com/ Frame E993	228 B 381 B	39ms 10ms	XHR text/plain	35.241.15.240 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cas.avalon.perfdrive.com/jsdata? Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/rs/v/dxtuvtkk2q3hpkc1xveeo13iaek.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 240.15.241.35.bc.googleusercontent.com Software / Resource Hash 05c6da83e08dd3f5913a9529d3f1398e8e09646d5ca26dd73525ac3cb9834577 Request headers Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * x-response-time 0ms date Wed, 07 Dec 2022 10:20:27 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 228 content-type text/plain; charset=UTF-8
GET H2	200	autocomplete Show response www.ebay.de/sch/ajax/ Frame E993	78 B 1 KB	199ms 199ms	XHR application/json	2.23.193.99 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.ebay.de/sch/ajax/autocomplete Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/cr/v/c1/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.193.99 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-193-99.deploy.static.akamaitechnologies.com Software ebay-proxy-server / Resource Hash 89cd9f574ace74e9a00f01dd426d0d2cb14a78d8f460ee22fcfb4cf1345981c9 Security Headers Name Value Strict-Transport-Security max-age=31536000, max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept */* Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 177 strict-transport-security max-age=31536000, max-age=31536000 content-encoding gzip x-content-type-options nosniff date Wed, 07 Dec 2022 10:20:28 GMT accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-edgeconnect-midmile-rtt 8 etag W/"4e-A+CkAgJEzIQCcVOLg7Uyj5558/I" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 x-envoy-upstream-service-time 176 rlogid t6pwvit%60d%3D9whhpwvit%60d*5umpw(rbpv6710-184ec19d99f-0x1302 content-length 103
GET H2	200	9 rover.ebay.de/roverimp/0/0/ Frame E993	42 B 726 B	372ms 189ms	Image image/gif	104.75.89.51
General Check archive.org Show headers Download Go to Show image Full URL https://rover.ebay.de/roverimp/0/0/9?imp=2046301&trknvp=cp%3D3671980%26ghi%3D98&1670408427839 Requested by Host: www.ebay.de URL: https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.75.89.51 -, , ASN (), Reverse DNS Software ebay-proxy-server / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 31 strict-transport-security max-age=31536000 date Wed, 07 Dec 2022 10:20:28 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-ebay-pop-id SLBLVSAZ01 x-edgeconnect-midmile-rtt 148 etag W/"2a-Mo5HJyGpM0WAHtVTMkDqwtH4SYw" x-frame-options SAMEORIGIN content-type image/gif x-envoy-upstream-service-time 21 rlogid t6bkbbp%3F%3Cumjgig%60u*5uklu(rbpv67%3A1-184ec19da54-0x2303 content-length 42 x-xss-protection 1; mode=block
GET H2	200	desktop_ac_1024.js Show response ir.ebaystatic.com/rs/c/ Frame E993	89 KB 27 KB	8ms 8ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/desktop_ac_1024.js Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/cr/v/c1/jquery-3.3.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 321e4fcc4ffc364d59789b80ea5121ae9efd03cfe5b738a1db871b6c37772c9e Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 18730 date Wed, 07 Dec 2022 10:20:28 GMT content-encoding gzip via 1.1 include-cache-4 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-4:80 x-cdn Fastly strict-transport-security max-age=31557600 age 3141069 x-cache MISS from include-cache-4, HIT x-ebay-c-version 1.0.0 content-length 27707 x-served-by cache-hhn4032-HHN last-modified Mon, 24 Oct 2022 20:16:21 GMT server ebay server x-timer S1670408428.043458,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28%7Cdubk*w%60ut3522-18430e0f1ac-0xdd accept-ranges bytes access-control-allow-headers * expires Wed, 01 Nov 2023 01:49:19 GMT
GET H2	200	stores.feedback Show response www.ebay.de/srv/app/v2/plugin/survey/a/ Frame E993	227 B 870 B	201ms 201ms	Script text/javascript	2.23.193.99 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.ebay.de/srv/app/v2/plugin/survey/a/stores.feedback?callback=jsonp_callback_15773 Requested by Host: www.ebay.de URL: https://www.ebay.de/srv/app/v2/plugin/survey-modal.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.23.193.99 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-23-193-99.deploy.static.akamaitechnologies.com Software ebay-proxy-server / Resource Hash a62e8c0f554a6c518b2c9860eace8201a0784e9540cc28d5819d8c41bdd722a4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 179 strict-transport-security max-age=31536000 date Wed, 07 Dec 2022 10:20:28 GMT x-content-type-options nosniff accept-ch sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua-full-version server ebay-proxy-server x-edgeconnect-midmile-rtt 3 etag W/"e3-68NKmSZP+CkBLBuzQBZagEiKJL4" content-type text/javascript; charset=utf-8 cache-control max-age=120 x-envoy-upstream-service-time 177 rlogid t6jkundmr%3D9vjdjkundmr*4i%7C%3Fe(rbpv6775-184ec19db16-0x305 content-length 227
GET H2	200	syncframe Show response gum.criteo.com/ Frame D285	15 KB 6 KB	58ms 20ms	Document text/html	2a02:2638::1c
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.siceu.de Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c -, , ASN (), Reverse DNS Software Kestrel / Resource Hash aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.ads4allweb.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 07 Dec 2022 10:20:28 GMT server Kestrel server-processing-duration-in-ticks 722240 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	klminxoj1uyzvo0p0qu4nhpg0qo.js Show response ir.ebaystatic.com/rs/v/ Frame E993	55 KB 18 KB	14ms 13ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/v/klminxoj1uyzvo0p0qu4nhpg0qo.js Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/rs/v/50hzu3qkqu5bbez50atvscljuef.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash 43bb3e596185248e041f83f55ffc1d7a2b341ff9bfeec32718218a4154ac988e Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 22810 date Wed, 07 Dec 2022 10:20:28 GMT content-encoding gzip via 1.1 include-cache-1 (squid), 1.1 varnish x-cache-lookup HIT from include-cache-1:80 x-cdn Fastly strict-transport-security max-age=31557600 age 555594 x-cache MISS from include-cache-1, HIT x-ebay-c-version 1.0.0 content-length 18295 x-served-by cache-hhn4032-HHN last-modified Thu, 29 Sep 2022 05:59:09 GMT server ebay server x-timer S1670408428.263636,VS0,VE0 vary Accept-Encoding access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60utuf%3C%3Dpieufvuq%60%28e5%3B%3Ce*w%60ut3522-184cafc2640-0xce accept-ranges bytes access-control-allow-headers * expires Fri, 01 Dec 2023 00:00:33 GMT
GET H2	200	globalheader_widget_platform__v2-b70676194b.js Show response ir.ebaystatic.com/cr/v/c1/ Frame E993	12 KB 5 KB	14ms 14ms	Script application/x-javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/cr/v/c1/globalheader_widget_platform__v2-b70676194b.js Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/rs/v/50hzu3qkqu5bbez50atvscljuef.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ebay server / Resource Hash bf2517c67357297de7c1aedc1eefda23335e72f43d5eda9b70156e423b110a6e Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Wed, 07 Dec 2022 10:20:28 GMT content-encoding gzip x-content-type-options nosniff x-cache-lookup HIT from include-cache-2:80 via 1.1 include-cache-2 (squid), 1.1 varnish x-cdn Fastly strict-transport-security max-age=31557600 age 3197822 x-cache HIT from include-cache-2, HIT content-length 4611 x-xss-protection 1; mode=block x-served-by cache-hhn4032-HHN server ebay server x-timer S1670408428.265641,VS0,VE0 x-frame-options SAMEORIGIN access-control-allow-methods GET content-type application/x-javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, immutable rlogid t6q%60uebwh%3D9iptq%60uebwh*5u2kr%28rbpv670%3D-1842d7ef264-0xdf accept-ranges bytes access-control-allow-headers * x-cache-hits 16833
GET		useracquisition www.ebay.de/gh/ Frame E993	0 0
GET H2	200	configuration.js Show response ir.ebaystatic.com/rs/c/9527tracking/ Frame E993	3 KB 845 B	15ms 15ms	Script text/javascript	2a04:4e42:400::718 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ir.ebaystatic.com/rs/c/9527tracking/configuration.js?ts=5568028 Requested by Host: ir.ebaystatic.com URL: https://ir.ebaystatic.com/rs/v/klminxoj1uyzvo0p0qu4nhpg0qo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::718 , United States, ASN54113 (FASTLY, US), Reverse DNS Software ECAcc (frc/4CE9) / Resource Hash 29794491060bbd61fecb9febd42f2ab2ae1e70febadaed0f7c615e44bcf3466c Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://www.ebay.de/str/spirituelleenergienfurdich?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-cache-hits 36 date Wed, 07 Dec 2022 10:20:28 GMT content-encoding gzip via 1.1 varnish strict-transport-security max-age=31557600 x-cdn Fastly age 38929 x-cache HIT, HIT content-length 612 x-served-by cache-hhn4032-HHN last-modified Wed, 17 Aug 2022 04:04:58 GMT server ECAcc (frc/4CE9) x-timer S1670408428.283467,VS0,VE0 etag "2200075070" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * expires Wed, 14 Dec 2022 07:20:27 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame D285 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=www.ads4allweb.de&sn=ChromeSyncframe&so=0&topUrl=www.siceu.de&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=KAEen3xOUkV5SHY1eHR3QTNBS3NuQ2c1SlpFdnQzN3NvbXplaVpQb2E4cDE1S0ZsMHRncnhYcjdoeXJpS3NVeHNTdFUxVFhwYVVVVDNWamFodWxVRVgxUmVXKzg3Sk9FQU1YRm01VGR1ekpxdDFyRHA2dzRGR2ZQVWp3SW...	428 B 657 B	70ms 16ms	Fetch application/json	178.250.2.146
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=KAEen3xOUkV5SHY1eHR3QTNBS3NuQ2c1SlpFdnQzN3NvbXplaVpQb2E4cDE1S0ZsMHRncnhYcjdoeXJpS3NVeHNTdFUxVFhwYVVVVDNWamFodWxVRVgxUmVXKzg3Sk9FQU1YRm01VGR1ekpxdDFyRHA2dzRGR2ZQVWp3SW5IeHZ6NkozM3h4cWF4UFB6bEREalF6WVFza3NzY1cxNjFtT1V1TnAwNE82S3Y0SEJxWHJNTU1uS1hhZnhxcjRub3VJN2pyNjU2cjJuTFZ6cENlQmRZNGhVL2NqS3JYcjd0S0hHdlgwaHE5K3IydEFCUG5WdUpPSThCTVZ4U1ZPM3FoeStuR25yR0I0elVsMnhyL0NZcStVeDRmWFgyRjE3cHAremdlR3E4cnN6eW9GcS9lUT18&cppv=2 Protocol H2 Server 178.250.2.146 -, , ASN (), Reverse DNS Software Kestrel / Resource Hash 66d749bb3e9e813876204387ab3c5b40e85f66358b54afde2062e8caf20135b4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Wed, 07 Dec 2022 10:20:27 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 2269447 expires 0 Redirect headers pragma no-cache date Wed, 07 Dec 2022 10:20:27 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=KAEen3xOUkV5SHY1eHR3QTNBS3NuQ2c1SlpFdnQzN3NvbXplaVpQb2E4cDE1S0ZsMHRncnhYcjdoeXJpS3NVeHNTdFUxVFhwYVVVVDNWamFodWxVRVgxUmVXKzg3Sk9FQU1YRm01VGR1ekpxdDFyRHA2dzRGR2ZQVWp3SW5IeHZ6NkozM3h4cWF4UFB6bEREalF6WVFza3NzY1cxNjFtT1V1TnAwNE82S3Y0SEJxWHJNTU1uS1hhZnhxcjRub3VJN2pyNjU2cjJuTFZ6cENlQmRZNGhVL2NqS3JYcjd0S0hHdlgwaHE5K3IydEFCUG5WdUpPSThCTVZ4U1ZPM3FoeStuR25yR0I0elVsMnhyL0NZcStVeDRmWFgyRjE3cHAremdlR3E4cnN6eW9GcS9lUT18&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 452888 content-length 0 expires 0
GET		bs_img_service backstory.ebay.de/customer/v1/ Frame E993	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.ebay.de

URL

https://www.ebay.de/gh/useracquisition?mkcid=16&mkevt=1&mkrid=707-127634-2357-0&ssspo=XptzzvodSba&sssrc=3418065&ssuid=q34pf5rFRpC&widget_ver=artemis&media=COPY&correlation=si%3Dec19d4ec1840a1be7238808bffffb693%2Cc%3D1%2CoperationId%3D3418065%2Ctrk-gflgs%3DQA**&v=2

Domain

backstory.ebay.de

URL

https://backstory.ebay.de/customer/v1/bs_img_service?pld=%5B%7B%22guid%22%3A%22ec19d4ec1840a1be7238808bffffb693%22%2C%22eventFamily%22%3A%22AUTO_TRACKING%22%2C%22agentVersion%22%3A%222.1.1%22%2C%22trackable%22%3A%7B%22trackableId%22%3A%22f8d4890c-5ed1-41ab-8e64-ee42c8602dc7%22%2C%22instanceId%22%3A%22https%3A%2F%2Fwww.ebay.de%2Fstr%2Fspirituelleenergienfurdich%3Fmkcid%3D16%26mkevt%3D1%26mkrid%3D707-127634-2357-0%26ssspo%3DXptzzvodSba%26sssrc%3D3418065%26ssuid%3Dq34pf5rFRpC%26widget_ver%3Dartemis%26media%3DCOPY%22%2C%22description%22%3A%22Spirituelle%20Energien%20by%20HeLena%20%7C%20eBay%20Shops%22%2C%22entityId%22%3A%223418065%22%2C%22entityType%22%3A%22Page%22%7D%2C%22activity%22%3A%7B%22timestamp%22%3A1670408428301%2C%22category%22%3A%22Impression%22%2C%22type%22%3A%22VIEW.PAGE_LOAD%22%2C%22referer%22%3A%22https%3A%2F%2Fwww.croxy.de%2F%22%2C%22details%22%3A%7B%22source%22%3A%22IFRAME%22%2C%22openTime%22%3A%221670408426594%22%2C%22history%22%3A%223%22%2C%22ePageId%22%3A%223418065%22%2C%22nPageId%22%3A%223671980%22%2C%22ciid%22%3A%22AGdUgy1k*%22%7D%2C%22viewportWidth%22%3A0%2C%22viewportHeight%22%3A0%7D%2C%22context%22%3A%7B%22utcOffset%22%3A0%2C%22userLang%22%3A%22en-US%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.94%20Safari%2F537.36%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22others%22%3A%7B%7D%7D%7D%5D&ct=1670408428303