charexempire.com Open in urlscan Pro
2606:4700:3035::ac43:b467 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://charexempire.com/z5LyS
Effective URL:
https://charexempire.com/z5LyS
Submission Tags: falconsandbox
Submission: On July 11 via api (July 11th 2022, 11:59:47 am UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 26 domains to perform 104 HTTP transactions. The main IP is 2606:4700:3035::ac43:b467, located in United States and belongs to CLOUDFLARENET, US. The main domain is charexempire.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2022. Valid for: a year.

This is the only time charexempire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3035::ac43:b467	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.89.128 143.204.89.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:6e00:1d:bf0d:abc0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	139.45.197.248 139.45.197.248	9002 (RETN-AS) (RETN-AS)
17	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
8	2606:4700:303... 2606:4700:3030::ac43:dadd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	108.138.17.114 108.138.17.114	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::200d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
6	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
5	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3034::ac43:cdf0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	37.48.68.71 37.48.68.71	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	162.252.213.208 162.252.213.208	53334 (TUT-AS) (TUT-AS)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
1	54.38.159.160 54.38.159.160	16276 (OVH) (OVH)
1	2600:1f14:50b... 2600:1f14:50b:9a03:93ff:7a4a:c21c:cc44	16509 (AMAZON-02) (AMAZON-02)
104	34

10 2606:4700:3035::ac43:b467 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

charexempire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-128.fra50.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:6e00:1d:bf0d:abc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2sbzwmcg5amr3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)

zunsoach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3030::ac43:dadd (United States)

ASN13335 (CLOUDFLARENET, US)

freychang.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.17.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-114.fra56.r.cloudfront.net

nedassiu.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

nedukeratio.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ptaimpeerte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:cdf0 (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

padqxauefmyp.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

padqxauefmyp.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

padqxauefmyp.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.48.68.71 (Arnhem, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

datatechonert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.252.213.208 (United States)

ASN53334 (TUT-AS, US)

betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.38.159.160 (Germany)

ASN16276 (OVH, FR)
PTR: vps-dbe3e859.vps.ovh.net

strn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f14:50b:9a03:93ff:7a4a:c21c:cc44 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	arc.io arc.io — Cisco Umbrella Rank: 35150 static.arc.io — Cisco Umbrella Rank: 57380 core.arc.io — Cisco Umbrella Rank: 68766 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 58385	625 KB
12	adsco.re c.adsco.re — Cisco Umbrella Rank: 18603 6.adsco.re — Cisco Umbrella Rank: 19168 4.adsco.re — Cisco Umbrella Rank: 20454 padqxauefmyp.l4.adsco.re padqxauefmyp.n4.adsco.re padqxauefmyp.s4.adsco.re adsco.re — Cisco Umbrella Rank: 16065	49 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	567 KB
10	charexempire.com 1 redirects charexempire.com	320 KB
8	freychang.fun freychang.fun — Cisco Umbrella Rank: 25689	403 KB
6	nedassiu.buzz nedassiu.buzz	5 KB
4	recaptcha.net www.recaptcha.net — Cisco Umbrella Rank: 1898	25 KB
4	cloudfront.net d2sbzwmcg5amr3.cloudfront.net	200 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
3	nedukeratio.lol nedukeratio.lol	1 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	2 KB
2	ptaimpeerte.com ptaimpeerte.com — Cisco Umbrella Rank: 207018
2	onmarshtompor.com onmarshtompor.com — Cisco Umbrella Rank: 63982	4 KB
2	betteradsystem.com www.betteradsystem.com — Cisco Umbrella Rank: 323359 betteradsystem.com — Cisco Umbrella Rank: 246178	10 KB
2	google.com accounts.google.com — Cisco Umbrella Rank: 116
2	zunsoach.com zunsoach.com — Cisco Umbrella Rank: 206872	25 KB
1	on.aws dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws — Cisco Umbrella Rank: 350828
1	strn.pl strn.pl — Cisco Umbrella Rank: 339487	160 KB
1	datatechonert.com datatechonert.com — Cisco Umbrella Rank: 46513	486 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 22998	18 KB
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 45978	2 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11393	544 B
1	iclickcdn.com iclickcdn.com — Cisco Umbrella Rank: 87210	25 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	933 B
104	26

	Domain	Requested by
16	static.arc.io	arc.io core.arc.io static.arc.io
10	charexempire.com	1 redirects charexempire.com
8	freychang.fun	d2sbzwmcg5amr3.cloudfront.net
6	www.gstatic.com	www.recaptcha.net www.gstatic.com
6	nedassiu.buzz	d2sbzwmcg5amr3.cloudfront.net
4	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
4	www.recaptcha.net	charexempire.com www.gstatic.com www.recaptcha.net
4	d2sbzwmcg5amr3.cloudfront.net	charexempire.com nedassiu.buzz
3	4.adsco.re	charexempire.com c.adsco.re
3	c.adsco.re	www.betteradsystem.com c.adsco.re
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com static.arc.io
3	nedukeratio.lol	charexempire.com
2	warden.arc.io	static.arc.io
2	cdnjs.cloudflare.com	static.arc.io
2	ptaimpeerte.com	zunsoach.com iclickcdn.com
2	6.adsco.re	charexempire.com c.adsco.re
2	onmarshtompor.com	zunsoach.com iclickcdn.com
2	accounts.google.com	charexempire.com
2	zunsoach.com	charexempire.com
1	dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws	static.arc.io
1	strn.pl	static.arc.io
1	betteradsystem.com	www.betteradsystem.com
1	adsco.re	c.adsco.re
1	datatechonert.com	tzegilo.com
1	padqxauefmyp.s4.adsco.re	c.adsco.re
1	padqxauefmyp.n4.adsco.re	c.adsco.re
1	padqxauefmyp.l4.adsco.re	c.adsco.re
1	tzegilo.com	iclickcdn.com
1	bedrapiona.com	iclickcdn.com
1	my.rtmark.net	zunsoach.com
1	www.betteradsystem.com	charexempire.com
1	iclickcdn.com	charexempire.com
1	www.facebook.com	charexempire.com
1	core.arc.io	arc.io
1	www.googletagmanager.com	charexempire.com
1	arc.io	charexempire.com
1	fonts.googleapis.com	charexempire.com
0	tracker.arc.io Failed	static.arc.io
104	38

This site contains links to these domains. Also see Links.

Domain
adsco.re
zshort.net
www.example.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-11` - `2023-06-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
arc.io Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
zunsoach.com R3	`2022-06-06` - `2022-09-04`	3 months	crt.sh
static.arc.io R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
core.arc.io R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
nedassiu.buzz Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-19` - `2022-07-18`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
1285643437.rsc.cdn77.org R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
bedrapiona.com R3	`2022-05-28` - `2022-08-26`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
onmarshtompor.com R3	`2022-05-30` - `2022-08-28`	3 months	crt.sh
*.l4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
datatechonert.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
betteradsystem.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
strn.pl ZeroSSL RSA Domain Secure Site CA	`2022-06-08` - `2022-09-06`	3 months	crt.sh
*.lambda-url.us-west-2.on.aws Amazon	`2022-02-24` - `2023-03-25`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://charexempire.com/z5LyS
Frame ID: 97B93ACFAFDE5C6DB01BD952AEEEC56E
Requests: 76 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?215718c
Frame ID: 778D8FCAD294421173D3630912460200
Requests: 7 HTTP requests in this frame

Frame: https://nedassiu.buzz/Qzd6cjEiVRkfDiIKGFREMVtHVwMFEkg0VXFEGAhGLlQdR1AuRUlcUi9YDxZXMVgUBh8tUg5XAwVkGR9FG3kyI2MBcxYhYjRuOT9GL3krQ0Uqcz84ZAJkKBB2JH0tMwAWeCoFQS92Pyh5CXVDOmQkbig/Ri9yLDNScWASPGEXYzATd3MOGxFnFmY/NGspch0zcgFzDThwK1QcPV0WVjggViliSzt5AFoKKHY0UDk9ACRhLENaEXYsAnIXWi83aQJiOT1nAlU4IFk6dREjUgsEMzVjBnkYF2ARZSshXTp1ESN3Al0RMWAFUyM0YwVwKxp/K3Y8Q2kUYFcWZwF2Mzp8KHooN3ACEkgwYAVxOz5mCn8rQ0kabig0dhJcN0ppAnYcMAIKcDRDVRltSxVVBGZPC3MoZiw2WxFRPUNFDG0rI2kEXxFGZhFxIiVjBnEoN3cFbQICcxJbSxx2KHE4JlwWcjgKfA15EStVFQYRIHAWUzwgZhJ0LxVVFG0dVFswWBQCDBdWAD9QcQNIR34LRA
Frame ID: 20DC1BAE3F8FDCD7E12E597219BEBB48
Requests: 2 HTTP requests in this frame

Frame: https://nedassiu.buzz/NDdONnhVVS1bR1UKLBANRltzE0pyEnxwHAZELEwPWVQpAxlZRX0YG1hYO1IeRlggQlZaUjoTSnJYAFsQXGIJUi52QHYEL3F+DHQvBVIMBxBhVhhnKXVfBxNKcnQbbC53WhtlG1xQOHAPfl4GcjIGcn5BNWxwDHQvU1weeElbZgpnQE5gKVI3dXMfcDsFTwZ8OlBtDwcPWXYlfz51c3pnKmZACVIQfm8YZw8RBQh+LgxyCmI+d3UNAy1SWy1iL1hxenM+DHAMYkBlZRsHLG12InUsYnkpYB9ucBtuLmFTCwcsbXUMUDpYUyVnH2FGHHEybGMiAy5RYgdzL3UaD1E+BVgAcBJhcRZnPWJTGGAPbGEEWCtlYStkP35vBlE1fn0PRhlgYQNiKVNlF3IsX3obBklgbg90LHdAIRNKcmMmeBlhYwNmKnVUA3gtfXICWjpTYQxeIWAFGG45cl8ebC5lYxlaPV51IncycU0idTp3AhtvSXVuGQccBnIpQiISXT1ZFkQKJQMNcEcAcR1gQx0
Frame ID: 666BA8D85F961AD3AEBF0D7774897A38
Requests: 2 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 21D87852F6FA4A2B1875D9163108DEC4
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na&co=aHR0cHM6Ly9jaGFyZXhlbXBpcmUuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=pb2ejvjm5waq
Frame ID: 282EDDE03188B4CDDEA7889D0CC6D090
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na
Frame ID: 4A74FAF8EFC35687E7070BB620DE45F5
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?215718c
Frame ID: 14E157CCE25409CB546A93ACA4359DA7
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?215718c
Frame ID: 8104A6A611D3615EA33D324B211EAFAB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ZSHORT

Page URL History Show full URLs

http://charexempire.com/z5LyS HTTP 301
https://charexempire.com/z5LyS Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

104
Requests

97 %
HTTPS

55 %
IPv6

26
Domains

38
Subdomains

34
IPs

5
Countries

2502 kB
Transfer

5324 kB
Size

21
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

URL: https://zshort.net/
Title: ZSHORT

Search URL Search Domain Scan URL

URL: https://zshort.net/payout-rates
Title: Publisher Rates

Search URL Search Domain Scan URL

URL: https://zshort.net/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://zshort.net/auth/signin
Title: Login

Search URL Search Domain Scan URL

URL: https://zshort.net/auth/signup
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://zshort.net/pages/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://zshort.net/pages/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.example.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://charexempire.com/z5LyS HTTP 301
https://charexempire.com/z5LyS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request z5LyS Show response
charexempire.com/
Redirect Chain

http://charexempire.com/z5LyS
https://charexempire.com/z5LyS

71 KB
24 KB

838ms
498ms

Document
text/html

2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.26

Resource Hash

eb44d3eabf2f56b948f9fbcecb68077cd4c8c7499388e8e89c75dbffe72c89e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 72915fd3ad67912e-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Mon, 11 Jul 2022 11:59:40 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CesqQSCLQwU6KQ5K36%2BsbK%2FrFIyyzGN%2Fh4fH8ufwAVXvLsq9jQuIQiksjdEnxZR%2Fy3kD%2FwZe6WQ7jXJ0pPLyw%2Fgz%2F3cAMl6O65aH2l49osyPY%2FngOzvh%2FLVJNXOG8ceS8u7Q0iYWL5dzJ9yCxddV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN,SAMEORIGIN
x-powered-by: PHP/7.4.26
x-robots-tag: noindex, nofollow
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 72915fd12db99bd1-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 11 Jul 2022 11:59:39 GMT
Expires: Mon, 11 Jul 2022 12:59:39 GMT
Location: https://charexempire.com/z5LyS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoCmDui8OL8X8TMKhiRrvwpT0pajOKMvrm87YwZ7eYHmWYaWyjOr0k2tRebS39kb%2B32UkzIHSGv8wL1PLYn%2FL7e%2FqnIXwHN3ertMecFj5qQNuPpQR0JySs8SoI8CCTonql%2F9IDuksGsc6oaPw5mY"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Z5GfqlCTfMH7Ms41ZxJO8CRiKEo.js Show response
charexempire.com/cdn-cgi/apps/head/ 5 KB
2 KB 54ms
51ms Script
application/javascript 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://charexempire.com/cdn-cgi/apps/head/Z5GfqlCTfMH7Ms41ZxJO8CRiKEo.js
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae00ed362c2b07290e51d408e25fd8c4f61578a4696f2f9700e642cb2056a99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11472976
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7A5PJKT1PTC1EMW1
x-amz-id-2: lRK+z140jSABFafJe9gWEsR+vYdUoCsJr0busLJ/4c7Ekiq5c/nHvzngYPyjGseOYVzL5cgnAqs=
last-modified: Sat, 11 Sep 2021 04:35:58 GMT
server: cloudflare
etag: W/"89b087b3c5c64582efd09779f30b06a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q05R8q1Bzfj35G4Btjpi5A740v2jiHfEOfZ6L%2Fi%2BAqxNKKbc92pI%2BtZlVOIfsTYpmNDGeKMFXWirWpzUZGiJJshGUcvYcTPUu%2Fk3pioVsfwmUmC8K8Yp8dif6wpLkP7z8rSnM%2BA%2BvwR9FdxnyMip"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: X_ufgYyKYkHMh5_WnxLth9Vdy7w1tVeV
cf-ray: 72915fd6ec6c912e-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 148ms
47ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 11:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Jul 2022 11:59:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jul 2022 11:59:40 GMT

GET
H2 200 styles.min.css
charexempire.com/cloud_theme/build/css/ 189 KB
34 KB 56ms
53ms Stylesheet
text/css 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1097947
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2f202-6041e89a-9d57f818b6415b57;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FgyCgCXzUe68XyJKYRYbcvSUYgN%2FFurScG4oeJsHLi%2Bvo8Uoz6dyCVLGRl6D%2FP4VJX94%2BhEUdVJF5v7omwWOWGmooD83U1Bi4XxPC2A3ZBTiWCkE0%2FEaHYOV45zQRd1v%2BqDRsjxb0GSJ9tLLIcJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 72915fd6ec68912e-FRA
expires: Thu, 28 Jul 2022 19:00:33 GMT

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 143ms
53ms Script
application/javascript 143.204.89.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.89.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-89-128.fra50.r.cloudfront.net

Software

Resource Hash

b4d029261e0c0d05a7d76da6dda8661650be157905d03d1f5de6bf647a0578fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Fri, 08 Jul 2022 21:19:04 GMT
age: 1189
etag: "62c89f48-b75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Mon, 11 Jul 2022 11:39:51 GMT
x-amz-cf-pop: FRA50-C1
content-length: 2933
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: S9DXE5rcWjKwMHLqYRvT1dR7kK_fwtFOaNn_Q9MAzQ5jjV3d5sVSIA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 138ms
50ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-203449028-1

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46abf30e96c726906c715f32a1759b8cec412baaadac6f7b8adef77787bb9035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Jul 2022 11:59:41 GMT

GET
H2 200 / Show response
d2sbzwmcg5amr3.cloudfront.net/ 309 KB
99 KB 310ms
216ms Script
text/plain 2600:9000:2156:6e00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca1455b5f1a34c18e32d4de3027fb5fd0b954c69d63d86c64c8079b7b437202b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 101223
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 2G-JmD4GOwYgXRkQg5SbFtTezVZzU5E0QKnC4JeR_GIwC-GescBaEQ==

GET
H2 200 ads.js Show response
charexempire.com/js/ 191 B
545 B 54ms
52ms Script
application/x-javascript 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charexempire.com/js/ads.js

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 550420
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:23 GMT
server: cloudflare
etag: W/"bf-6041e89b-6af46b8b8f354433;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylTPbTYbZ3LBL4afY3%2FAUfy12aLg5%2FKc34eCMxP71A8albGe9OzcWdo5avC93nPt2DdY3VbIRafUAWL7tuZckp2elYT82WltfUe%2B2t%2BJZJHiduGof79WeUUlQBVg3eM7dVqjBBxDyxWIdtuoW3NE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 72915fd6ec70912e-FRA
expires: Tue, 12 Jul 2022 03:06:00 GMT

GET
H2 200 script.min.js Show response
charexempire.com/cloud_theme/build/js/ 202 KB
61 KB 67ms
65ms Script
application/x-javascript 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charexempire.com/cloud_theme/build/js/script.min.js?ver=6.4.0

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 445876
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"32956-6041e89a-20bbf3a58c1b5c49;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMEsEg2WLuZtUBF2NxY1EhoL3ny5N7o1RlSJ2BZKSVQItvD%2ByiD88V7q8b0Z8q1mPTl6N1b%2BDAuUxp9rvwTtn5WkgSB39lRmsa2tcKhFWz8cDN3L8s0BJMSdonzU1NTTEgnjcToDEFX8VdUAq3Kk"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
cf-ray: 72915fd6ec72912e-FRA
expires: Wed, 13 Jul 2022 08:08:24 GMT

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
995 B 144ms
50ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

651022474c16d796d15a0e13c3a2ea340168a555a76023bd2af85542869c550a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Mon, 11 Jul 2022 11:59:41 GMT

GET
H3 200 -q5N4FY2hkrbOh7oHhGtoNiF5_s.js Show response
charexempire.com/cdn-cgi/apps/body/ 5 KB
3 KB 51ms
48ms Script
application/javascript 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://charexempire.com/cdn-cgi/apps/body/-q5N4FY2hkrbOh7oHhGtoNiF5_s.js
Requested by: Host: charexempire.com
URL: https://charexempire.com/cdn-cgi/apps/head/Z5GfqlCTfMH7Ms41ZxJO8CRiKEo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c740b75efc6f2ddff507a4d3ddd364f9c825d30d61da464fe5ff109e42cd93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14425751
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5WXHANTVKG2V3TAC
x-amz-id-2: f8eiaWBkjtOY8a5UMgLc0VFQ9S7OTCD0XT00CVoRSmfcwsPt45vzyx/521tWGYwlpPxZZYqJbMU=
last-modified: Sat, 11 Sep 2021 04:35:57 GMT
server: cloudflare
etag: W/"1e59e2c72218bc7fb5d8a74c349e051c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eOscrNVDZkKSFHLraMNltVTITaPBS5xMQFsEkjLRCUrLWD4hfLthEgHl5h428m5ZLbCwvw889p7lyAxzMV9Zs%2Fi3sdGzyk9%2BTGdQHuNKzbwbEne0AinzDx6ctokTVhe0NEu8GzgEuqSsGRtXmlu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5qYn1hc7Bh2uEE4FxhdKoKSZ87uKXU1S
cf-ray: 72915fd96afc9107-FRA

GET
H2 200 / Show response
zunsoach.com/5/4166442/ 3 KB
2 KB 176ms
45ms XHR
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zunsoach.com/5/4166442/?oo=1
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: d22743932d07a966df50a56efff4022556c1ad9f6d73f6f130bfe84e9599dcbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 67592044658a27b3857f1dcddd82d998
pragma: no-cache, no-cache
date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://charexempire.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
zunsoach.com/ 70 KB
23 KB 90ms
85ms Script
text/javascript 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zunsoach.com/tag.min.js

Requested by

Host: charexempire.com
URL: https://charexempire.com/z5LyS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 22842
x-trace-id: 53bb76b2ae62b816a91953fb69214689
pragma: no-cache
last-modified: Fri, 08 Jul 2022 11:35:21 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 141ms
37ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?215718c
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 1970a5e7ea5e953e1dad5467121c161df0e8ba1b88f88c7bee593a8120b873aa

Request headers

Referer
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1XJGWEC3AATFNKRY
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/08/2022 21:23:08
cdn-pullzone: 786569
x-amz-id-2: ZwEu1r8GW6JA54q/Lv3m8OOrguQtAZyaSJ3hdf35wPFaWuPpnFNxli0MKmxVHxwTDhNlN9OHpG4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 21:19:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"2eea5f164ba6230a237de271c3f39c84"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 123a42f71d47fafd1fab411eead13bc9
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame 778D 2 KB
1 KB 139ms
38ms Document
text/html 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?215718c

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-138-199-37-226.datapacket.com

Software

BunnyCDN-DE-832 /

Resource Hash

0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 07/08/2022 21:20:30
cdn-edgestorageid: 832
cdn-proxyver: 1.02
cdn-pullzone: 786568
cdn-requestcountrycode: DE
cdn-requestid: 3dbcf31a5ce4c6d3ecd25fb09c1ec9e6
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Mon, 11 Jul 2022 11:59:41 GMT
etag: W/"61e89f9d-612"
expires: Sun, 07 Aug 2022 21:20:30 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
server: BunnyCDN-DE-832
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
101 KB 140ms
49ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dtsUw7niLknx%2BgB9pT9hEUh560yPl5nhuwglmL5TNXEO5prP3H2YtfBNoicEL6Bg2ktHmeRhNOVjzRj%2FU5s8L6cfherFowX1Fcnw7hpku2PTP4RHeqK82%2B3n0jr8HxpsI9tX7SDdvgakRFS"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://charexempire.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72915fd9de91922c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
368 B 253ms
162ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de55c44c772643001da683c8e498aa174490e6e8b6dcd441dbb4f3094ddf3803

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://charexempire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1OwTHunmh%2FXE2UXu2FTEWE%2BbY12njMKEKN20Aut0Oa3cDcrDNLFeCDypgjsjYHY3w3vkgEA8vVuHa%2B%2FOROGhUEAvsMoiT1rP9k5BZRglMbMgpCIWAaQYYXTXzb2ah%2B%2BzQuu93wi8VmYInOI"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72915fd9de93922c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedassiu.buzz/ 0
490 B 294ms
203ms XHR
text/plain 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/utx?cb=U2qOkoefXr3j&top=charexempire.com&tid=910586
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://charexempire.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: ZL3WmnbPhd7XgcQXPGiwadzcVmM_7LVAyreVSwOappD1VF9r_nFcZQ==

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 174ms
90ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62i9vXvUoH01d%2F0f3lUluLC6fmwb06ToDk3735vVlacUUZsVDNyoQj00%2F2b1WV2sg9RR9ITGc%2BAL9dc%2FzHpS4my7x%2BAg4MWXlUr8NzkbotIP1gY9Cx5jk%2FqOa5bz9AXE0%2Ba2DsLh9Tdp2lkR"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://charexempire.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72915fd9de95922c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 26 B
383 B 245ms
161ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 317bf29ea1b3a734c0cc5043739fdd837c582d4797b9b55f5dd63987dfb2646b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://charexempire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kgs8NDr8WNH52%2BW8%2BFHonDAicKASlCJuQ6wfWLUTH54GrzkuyxTuikBHvlOS7IYkYgZKTymicrdbjsQJBD8qFeY6P%2BcKg7IyF6JSJJa4OVdhywA1RPafgYZMIkvMCqf34NwvwmSmZp54XeZ0"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72915fd9de96922c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedassiu.buzz/ 0
490 B 214ms
131ms XHR
text/plain 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/utx?cb=OHuTaqgAkzu0&top=charexempire.com&tid=910593
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://charexempire.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: AtbJ7FEUrZsXfipdNSu5tR1wrJzC5zbNoyVtdcCmw0z9R89iZMDIig==

GET
H2 204 b1Z3R0VAaRQ0eDw4LQEgAjoOE3Y1EiB0Dyw1RysmCQMtPxE5OVEzLAtrTnZ1Wm5BYTUGMkp2YxwiFjMwHGtGYSwBMBh6YxlrRml2W3hFcGtecAJ6dEkiByYiUmdRNzEbOkp2c1phQnN1WG5Hfnxe
nedukeratio.lol/ 0
266 B 350ms
257ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/b1Z3R0VAaRQ0eDw4LQEgAjoOE3Y1EiB0Dyw1RysmCQMtPxE5OVEzLAtrTnZ1Wm5BYTUGMkp2YxwiFjMwHGtGYSwBMBh6YxlrRml2W3hFcGtecAJ6dEkiByYiUmdRNzEbOkp2c1phQnN1WG5Hfnxe
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSM8XQy2ifiem38JP1s0w%2FQjwPOK7hiO0zChYOCd8ScqmWKwWt%2BHV2vVKoxXrAnvGZm2eaJz0hTgq9iPr2dhrNytMetEpdrn74hQUC5KE6LKIJzPD717KhaglrBIsTRxyy%2BuqaurLx27p7kdhuw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 72915fd9f8a891e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 200ms
107ms Image
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 176ms
83ms Image
text/html 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 ServiceLogin
accounts.google.com/ 0
0 312ms
220ms Image
text/html 2a00:1450:4001:82f::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 popunder.gif
nedukeratio.lol/ 35 B
633 B 140ms
47ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/popunder.gif
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: public
date: Mon, 11 Jul 2022 11:59:41 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:37:52 GMT
server: cloudflare
age: 498109
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh8oah5mSbiBKCjn6orIMWtWP5n3plG13Z8H1hNV1roSWrfbp8WW1w1MId7mqDw0WM%2BjnbHpWb7FgWDPADg4ApTfGCCneIRVGVr1UD9RkpozRxIxbRNRboCI9xhlgQnGd3S7q01pTw%2BuIEBO67U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 72915fd9f8ab91e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 TyY5dQMdPSEcCDI8HB4SSRcCeTMmdhwBM0F0Hy07NWM+ITRNfHt4ZUl2bDg5FHh7biMEJD49I010bCE+Fip3biZNdGR7ZF53fWZhVjB3eXYENSsvbUFjOjwkHHh7fmVHcH54Z0h1c3Fp
nedukeratio.lol/UHBFSkh/ 0
257 B 350ms
257ms Image
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nedukeratio.lol/UHBFSkh/TyY5dQMdPSEcCDI8HB4SSRcCeTMmdhwBM0F0Hy07NWM+ITRNfHt4ZUl2bDg5FHh7biMEJD49I010bCE+Fip3biZNdGR7ZF53fWZhVjB3eXYENSsvbUFjOjwkHHh7fmVHcH54Z0h1c3Fp
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfhfOIJRbd24WdNRPmaZ3hoSqLkG3IHhnH1QPRo6StUGd3fkGFdAtNYmhpJWzeXUn6NX7v242q7Gh8tOywgl7HMe87%2BJ80wvv9uayRioYRTp14vYRRTlWpWFDVOnTJBvfyiHjMxYiMr1FmfwEoQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 72915fd9f8ad91e4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tag.min.js Show response
iclickcdn.com/ 70 KB
25 KB 152ms
52ms Script
text/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 29062
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 2547089a80b34e0b402cfd0255e0fec3
pragma: no-cache
last-modified: Fri, 08 Jul 2022 11:36:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0g6wpvbBxvtuNYTuEuxVRf5wtcd1KEDYeYFPoisuR8b6upNeTm%2FEo9%2BWW7g%2FSE6i1oR5Ydy1QyXP%2FuvgeiTkwnMCpQ0yXUJdiL5IHIQAor9HipbG27%2FBupoyFBow8hMOhvuw6ZUbIVPl%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 72915fda088c91dd-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 12 Jul 2022 03:55:19 GMT

GET
H2 200 Wallop.min.js Show response
www.betteradsystem.com/ 31 KB
10 KB 153ms
47ms Script
application/x-javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betteradsystem.com/Wallop.min.js
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8c16bd3981deb868d795250af30e9edc46cb0e688a03275625e9bc3811d598a7

Request headers

Referer: https://charexempire.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 45675
alt-svc: quic="156.146.33.25:443"; ma=2592000; v="44,43,39"
x-77-nzt: AZySIRnvvun/a7IAAA
x-accel-expires: @1658099906
server: CDN77-Turbo
x-77-nzt-ray: qaBzs60Prm8
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sun, 17 Jul 2022 23:18:26 GMT

GET
H2 200 / Show response
d2sbzwmcg5amr3.cloudfront.net/ 309 KB
99 KB 54ms
52ms Script
text/plain 2600:9000:2156:6e00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca1455b5f1a34c18e32d4de3027fb5fd0b954c69d63d86c64c8079b7b437202b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:40 GMT
content-encoding: gzip
age: 1
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop: FRA50-C1
content-length: 101223
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: a8lT7sq-UHxyv8tBt8sDhewTf9ipSgt1zyzd0FBVhwhiU-6LUDhphQ==

GET
H3 200 header.jpg
charexempire.com/cloud_theme/build/img/ 110 KB
111 KB 53ms
52ms Image
image/jpeg 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charexempire.com/cloud_theme/build/img/header.jpg

Requested by

Host: charexempire.com
URL: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11468726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113002
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:22 GMT
server: cloudflare
etag: "1b96a-6041e89a-825ad7a469f2cc2b;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b51aBbx%2BGA9fmFPQsPHTRdnkT9zavYrHi6UKYzzoPb%2BG3NAm7fVHaMC6Tqlx%2FzaLmm82lrq1fX301Xm%2FLKhj%2BhHJX%2Feihdm0f%2FlOkG8KY19hKXAb5059BvvRE0KgpIHvd2mteA3r4Ya3Ve9Itjoc"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 72915fd96afd9107-FRA
expires: Tue, 28 Feb 2023 18:14:15 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 136ms
43ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 499892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:08:09 GMT

GET
H2 200 broker.b281d075.js Show response
static.arc.io/broker/js/ Frame 778D 24 KB
10 KB 72ms
72ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.b281d075.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: DAQJ9NZX4CYYJQK9
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/10/2022 22:37:03
cdn-pullzone: 786569
x-amz-id-2: +1tsWUnQtBWoN+dwrNXhbyOwX1v39JCUO+CPdsgfFQpImBGjWFwwfGtzocW0U+pMOmMsJ6aak+4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: de4732517682f178aee906cf524759fe
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 778D 49 KB
20 KB 73ms
72ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: D2KV3C9587N9V41E
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 06/29/2022 12:45:36
cdn-pullzone: 786569
x-amz-id-2: EcfzgkBYMGERxXm8fQWFGHHb6dFaHgP/11URKAyr/J/7qUHJdmbffdzu7TT/ZGYCl6LoqMk+QvE=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 2adac0566e56790c4b94957e13a4ce5d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 778D 0
5 KB 126ms
39ms Other
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GYEMKQPGE5ZWWQX
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: X25XNylBVcqLvXXmT7Zo+EC4edW0UfpEAFmDf3ZZG1AseatZE29txJKwJ+Vb2Y6nPs9132SOWA8=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 535070f2d3a56e8d724fbc01494d6140
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 778D 0
16 KB 137ms
49ms Other
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY7JH4K1MGVS138
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: 90h1aW/GSZT/wRAu769jfrRyldDTmyY6FRcAwiHnFC35A29iunct99jxluZnRCJ+ieBa5vq7IA0=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 80d576884275309af6fcd015722c23dc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 76ms
74ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJMWZYr4QUR2zJouKkvvMhGMosWdVcfiTRLmX3AfATtZtK33RZaTNI2GLrVW%2BroZPPfHAlgrexeQQx%2FOEyEeISRaOn7%2F09T9XMGFKAic%2F%2FeyJnKZjNCtcRbce2CXTr%2F3KqO3ful2RGF6UVtW"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://charexempire.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72915fd9feb6922c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
363 B 148ms
146ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 401d91f211651ebfc248e4331a679cb741f598007fe2cf6fb327827385a285fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://charexempire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asVzA6f8YJSKeMJEmxBrtofiaxhA5FQi9CjMhiAH3h6mGKWHmPIvZyBacp2fzCUvPBzVe9YTXasi2KtyLRvpf9peG1ksbhge%2FNFGwgLR8Abk%2B15BlojHlHabU%2BtXaDkejlgkS%2BOKkiwpoV2l"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72915fd9feb8922c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedassiu.buzz/ 0
490 B 143ms
141ms XHR
text/plain 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/utx?cb=h6kHLAqrTeZj&top=charexempire.com&tid=910586
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://charexempire.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: VYtlkLykm_42QV1KKpT891fLCtbWfXy2fsUVE9ULPY6pA_oXGPRaeA==

GET
H2 200 asd100.bin Show response
freychang.fun/ 100 KB
100 KB 76ms
74ms Fetch
binary/octet-stream 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/asd100.bin
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
access-control-allow-methods: GET
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 11 Jul 2022 10:18:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIKvQyvameexLutNxzgcFGVBEysQhnuIeaBb0qzCBxzs6Vvuzh7MlpHK3A9VXKGBTzT4WZO0HNL0w4eMb3irU0s9kD%2F5wk2RI6QTm4K2C1GbME8FPZfKpiADRpoEi1r1zR5mZuzuhpzC00yh"}],"group":"cf-nel","max_age":604800}
content-type: binary/octet-stream
access-control-allow-origin: https://charexempire.com
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 72915fd9feba922c-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
freychang.fun/ 27 B
364 B 153ms
151ms Fetch
text/plain 2606:4700:3030::ac43:dadd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freychang.fun/
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:dadd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acae4a20981807810d17d8a3113f1069e61ec854531a5641ce8c853e5dffeebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://charexempire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGtC0XfjrfeRNrIz4Il6Vk5%2FXwq92lNw%2FAKVmYGBE10ViQ1j4VozLHFwqH3PwSmrjnZ7PN8BCyGcFpsEGJS0VZWOo5mK9KcSqInPBN5j1vtgkKHxfBuMhsvrv%2BcUmJukL7lloy6pGfiJVrGh"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 72915fd9febb922c-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 utx Show response
nedassiu.buzz/ 0
491 B 188ms
186ms XHR
text/plain 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/utx?cb=QOZZJ15VdLGN&top=charexempire.com&tid=910593
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://charexempire.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id: hFWXS-xV7VriziS1OrDMvPO6bK3wgF1jEynadIH3WdXwwAEBAt7cuQ==

GET
H3 200 footer.jpg
charexempire.com/cloud_theme/build/img/ 6 KB
7 KB 76ms
75ms Image
image/jpeg 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charexempire.com/cloud_theme/build/img/footer.jpg

Requested by

Host: charexempire.com
URL: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14412884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6152
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:22 GMT
server: cloudflare
etag: "1808-6041e89a-3b3f8c8040854ce4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCOTvTJPDm5dbfqWvZCHolUaipRsxCQIVJm9eh3MUIk5wsR9NMQ6gTBtA%2BxHxwWUhJxIy5KZGeNm3zuOpPYDRTRnVePFG0%2Fl58V1DKrTu9ZrYRBE44%2BtHQZC1jsJIFRq69tgl7XSYqlvrgQba3s0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 72915fda0bc89107-FRA
expires: Wed, 25 Jan 2023 16:24:57 GMT

GET
H3 200 fontawesome-webfont.woff2
charexempire.com/cloud_theme/build/fonts/ 75 KB
76 KB 76ms
75ms Font
font/woff2 2606:4700:3035::ac43:b467
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://charexempire.com/cloud_theme/build/fonts/fontawesome-webfont.woff2

Requested by

Host: charexempire.com
URL: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b467 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://charexempire.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 519509
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Mar 2021 08:15:22 GMT
server: cloudflare
etag: "12d68-6041e89a-37961c953cfc68e6;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G8DeGWu893f%2ByG5xoM40Mkk%2BfQnUcrNrUUhz%2FdtRVFZWLuwJp1QU7P24gs5nD%2B027Ryn7oqGGiSjEFo7pBn5ZDul4X6%2BIw%2Fp%2F3sij5g390R3eYvOqY7bOkv6ICQK0JXUlD%2B9CZ9Tc6s6Zcd30kQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: User-Agent, Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
cf-ray: 72915fda0bca9107-FRA
expires: Tue, 12 Jul 2022 11:41:12 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 72ms
71ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 499642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:12:19 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 89ms
89ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 499892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:08:09 GMT

GET
H2 200 K3Y8Q2kUYFcWZwF2Mzp8KHooN3ACEkgwYAVxOz5mCn8rQ0kabig0dhJcN0ppAnYcMAIKcDRDVRltSxVVBGZPC3MoZiw2WxFRPUNFDG0rI2kEXxFGZhFxIiVjBnEoN3cFbQICcxJbSxx2KHE4JlwWcjgKfA15EStVFQYRIHAWUzwgZhJ0LxVVFG0dVFswWBQCDBdWA... Show response
nedassiu.buzz/Qzd6cjEiVRkfDiIKGFREMVtHVwMFEkg0VXFEGAhGLlQdR1AuRUlcUi9YDxZXMVgUBh8tUg5XAwVkGR9FG3kyI2MBcxYhYjRuOT9GL3krQ0Uqcz84ZAJkKBB2JH0tMwAWeCoFQS92Pyh5CXVDOmQkbig/Ri9yLDNScWASPGEXYzATd3MOGxFnFmY... Frame 20DC 3 KB
2 KB 138ms
134ms Document
text/html 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/Qzd6cjEiVRkfDiIKGFREMVtHVwMFEkg0VXFEGAhGLlQdR1AuRUlcUi9YDxZXMVgUBh8tUg5XAwVkGR9FG3kyI2MBcxYhYjRuOT9GL3krQ0Uqcz84ZAJkKBB2JH0tMwAWeCoFQS92Pyh5CXVDOmQkbig/Ri9yLDNScWASPGEXYzATd3MOGxFnFmY/NGspch0zcgFzDThwK1QcPV0WVjggViliSzt5AFoKKHY0UDk9ACRhLENaEXYsAnIXWi83aQJiOT1nAlU4IFk6dREjUgsEMzVjBnkYF2ARZSshXTp1ESN3Al0RMWAFUyM0YwVwKxp/K3Y8Q2kUYFcWZwF2Mzp8KHooN3ACEkgwYAVxOz5mCn8rQ0kabig0dhJcN0ppAnYcMAIKcDRDVRltSxVVBGZPC3MoZiw2WxFRPUNFDG0rI2kEXxFGZhFxIiVjBnEoN3cFbQICcxJbSxx2KHE4JlwWcjgKfA15EStVFQYRIHAWUzwgZhJ0LxVVFG0dVFswWBQCDBdWAD9QcQNIR34LRA
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 0a979a15e042f72e191ebfee38b64bc0706a680f28178b474ea5345614088432

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1230
content-type: text/html
date: Mon, 11 Jul 2022 11:59:41 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
x-amz-cf-id: kOTmDphzPJ16Ntw6XSR8y16fC7qQaia5bzcAeA1mcGZ1jyhAQ4pRlw==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 NDdONnhVVS1bR1UKLBANRltzE0pyEnxwHAZELEwPWVQpAxlZRX0YG1hYO1IeRlggQlZaUjoTSnJYAFsQXGIJUi52QHYEL3F+DHQvBVIMBxBhVhhnKXVfBxNKcnQbbC53WhtlG1xQOHAPfl4GcjIGcn5BNWxwDHQvU1weeElbZgpnQE5gKVI3dXMfcDsFTwZ8OlBtD... Show response
nedassiu.buzz/ Frame 666B 3 KB
2 KB 135ms
133ms Document
text/html 108.138.17.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nedassiu.buzz/NDdONnhVVS1bR1UKLBANRltzE0pyEnxwHAZELEwPWVQpAxlZRX0YG1hYO1IeRlggQlZaUjoTSnJYAFsQXGIJUi52QHYEL3F+DHQvBVIMBxBhVhhnKXVfBxNKcnQbbC53WhtlG1xQOHAPfl4GcjIGcn5BNWxwDHQvU1weeElbZgpnQE5gKVI3dXMfcDsFTwZ8OlBtDwcPWXYlfz51c3pnKmZACVIQfm8YZw8RBQh+LgxyCmI+d3UNAy1SWy1iL1hxenM+DHAMYkBlZRsHLG12InUsYnkpYB9ucBtuLmFTCwcsbXUMUDpYUyVnH2FGHHEybGMiAy5RYgdzL3UaD1E+BVgAcBJhcRZnPWJTGGAPbGEEWCtlYStkP35vBlE1fn0PRhlgYQNiKVNlF3IsX3obBklgbg90LHdAIRNKcmMmeBlhYwNmKnVUA3gtfXICWjpTYQxeIWAFGG45cl8ebC5lYxlaPV51IncycU0idTp3AhtvSXVuGQccBnIpQiISXT1ZFkQKJQMNcEcAcR1gQx0
Requested by: Host: d2sbzwmcg5amr3.cloudfront.net
URL: https://d2sbzwmcg5amr3.cloudfront.net/?wzbsd=910586
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-114.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 2d9976250c3ba81f1d8cc82add20288678919d24bbec97cf71784e3e9acbd13e

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1230
content-type: text/html
date: Mon, 11 Jul 2022 11:59:41 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 cd937c6e1754c3fced5b911c722ff31a.cloudfront.net (CloudFront)
x-amz-cf-id: 1hGNONkKo71b7tdNlc7kklOV2H7UF7XjMc9A52j714QJ-4-_racuqg==
x-amz-cf-pop: FRA56-P7
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
40ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-203449028-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3290
date: Mon, 11 Jul 2022 11:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Jul 2022 13:04:51 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
544 B 160ms
43ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=8ea95cfa23ad4152ba6c177bd46b55f1

Requested by

Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

a32f9a853fcc1ee90b4d27d9d85d2e7df1fe2fa2921b701d453ebeb00f86fea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://charexempire.com
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://charexempire.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:53:36 GMT

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 56ms
55ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY6S001T357QB3G
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: iP/RSL85XHclcpcrRrLq8hDCh9Xkr+hKxAg2ey8jC22KyRaF7rG4Duvz6BVtYr3GR5GbAfYsqjY=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Mon, 16 May 2022 23:42:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 0d8b82c891f918ef80d4296126087601
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 43ms
42ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?215718c
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CP63VWFCT7PGZA9K
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/08/2022 21:27:05
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Q9gJmYaobXc2IcsQ4YN4TrOMUDKHHbgsf+mJ+QXcW64Y6x010aRIlZs2GfBJDctrYJXfTGVh1s4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 21:19:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 6ef135dd52c2cbeb043a7ca6fdc841e8
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 40 KB
14 KB 89ms
88ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?cc907373
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: d39b20c4ec809111a1551d5dcaa8acc0787be61a2ca1cff96e82d62ea08ce568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: MHBM0NJ9DMXVYAR3
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/06/2022 02:29:56
cdn-pullzone: 786569
x-amz-id-2: qUSFOrMhfdceGWeQCKkNW/X+IkjuONCYCUfrH37n51bYT1q8Km/fqO7HV7cttk/edV7uSQguTz4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 06 Jul 2022 02:18:21 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"00427f6aa4b467b03fc1c15d03f7617f"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 2b819ff485f43104aec25515046ab59f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
bedrapiona.com/5/3868175/ 3 KB
2 KB 143ms
46ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3868175/?oo=1&js_build=iclick-v1.401.0
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 97cd394a16438caec1b127190c322c5d6592da8b13e76128be661c50d19fad1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id: 609e5dcb2a72f9bdc0a4e403b2181d6e
pragma: no-cache, no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://e2ertt.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://charexempire.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 / Show response
c.adsco.re/ 61 KB
22 KB 144ms
52ms Script
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/Wallop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1288335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 72915fdbaef19b1b-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 11 Aug 2022 11:59:41 GMT

GET
H2 200 ThNaUTMPRAcMNUIELlBgVBhYT2VXAFhPZVQTWlEjBlAJEzlCBC5UY1AYW1d2EgtZ Show response
d2sbzwmcg5amr3.cloudfront.net/oNmhhUGdVBw82WEIBBW1eB1hUaVQQAhI/CUZVCmUSchgvFwJiHDJ2E0wMXGBBWgkPN1oQDQ8zWgdOADQFC1xHJBdZA1wmAkIFAD4QRRwGdhJXVQw/HV8EDTFCBC5UflcTWlF4EF8GBT8QRU1TYAlCTVNgVgZGUXVUdE1TYB... Frame 666B 867 B
895 B 191ms
189ms Script
text/plain 2600:9000:2156:6e00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/oNmhhUGdVBw82WEIBBW1eB1hUaVQQAhI/CUZVCmUSchgvFwJiHDJ2E0wMXGBBWgkPN1oQDQ8zWgdOADQFC1xHJBdZA1wmAkIFAD4QRRwGdhJXVQw/HV8EDTFCBC5UflcTWlF4EF8GBT8QRU1TYAlCTVNgVgZGUXVUdE1TYBBfBldkQgUqRGJXTl5VeUIEWA-AgF1oNFjUFXQEVdVVwXVJnSQVeRGJXHgMJJApaTVMTQgRYDTkMU01TYABTCwo/ThNaUTMPRAcMNUIELlBgVBhYT2VXAFhPZVQTWlEjBlAJEzlCBC5UY1AYW1d2EgtZ
Requested by: Host: nedassiu.buzz
URL: https://nedassiu.buzz/NDdONnhVVS1bR1UKLBANRltzE0pyEnxwHAZELEwPWVQpAxlZRX0YG1hYO1IeRlggQlZaUjoTSnJYAFsQXGIJUi52QHYEL3F+DHQvBVIMBxBhVhhnKXVfBxNKcnQbbC53WhtlG1xQOHAPfl4GcjIGcn5BNWxwDHQvU1weeElbZgpnQE5gKVI3dXMfcDsFTwZ8OlBtDwcPWXYlfz51c3pnKmZACVIQfm8YZw8RBQh+LgxyCmI+d3UNAy1SWy1iL1hxenM+DHAMYkBlZRsHLG12InUsYnkpYB9ucBtuLmFTCwcsbXUMUDpYUyVnH2FGHHEybGMiAy5RYgdzL3UaD1E+BVgAcBJhcRZnPWJTGGAPbGEEWCtlYStkP35vBlE1fn0PRhlgYQNiKVNlF3IsX3obBklgbg90LHdAIRNKcmMmeBlhYwNmKnVUA3gtfXICWjpTYQxeIWAFGG45cl8ebC5lYxlaPV51IncycU0idTp3AhtvSXVuGQccBnIpQiISXT1ZFkQKJQMNcEcAcR1gQx0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e1449dabc78c250e18fca39705e39f27a9ad17cc6e865b72f35ce60da3c75632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedassiu.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 620
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: _zfassxF093aWjICeAIx_nkanUuXA0FBIiaYcOUGkIbXrtmUn0PGMA==

GET
H2 200 ScmtXNHQRBDlSSwYCMwlNQ1tiDEJUASRbGgJWA1UOPwplAEZHJB9HUgYRMwlEVAc2WhNPTTJaF09acVUQEFZjEgACBDwJAhcfOlUaBRgjU1IHCmpZGwgCO1gVV1kRAVpCTmUEXAUCOVAbBRhyBkQcH3IGRENbeQRRQSlyBkQFAjkCQFdYFRFGQhNhAF1XWW-dVBAI... Show response
d2sbzwmcg5amr3.cloudfront.net/ Frame 20DC 740 B
812 B 198ms
197ms Script
text/plain 2600:9000:2156:6e00:1d:bf0d:abc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2sbzwmcg5amr3.cloudfront.net/ScmtXNHQRBDlSSwYCMwlNQ1tiDEJUASRbGgJWA1UOPwplAEZHJB9HUgYRMwlEVAc2WhNPTTJaF09acVUQEFZjEgACBDwJAhcfOlUaBRgjU1IHCmpZGwgCO1gVV1kRAVpCTmUEXAUCOVAbBRhyBkQcH3IGRENbeQRRQSlyBkQFAjkCQFdYFRFGQhNhAF1XWW-dVBAIHMkMREAA+QFFALWIHQ1xYYRFGQkM8XAAfB3IGN1dZZ1gdGQ5yBkQVDjRfG1tOZQQXGhk4WRFXWREFREFFZxpBQl1nGkFBTmUEBxMNNkYdV1kRAUdFRWQCUgdWZg
Requested by: Host: nedassiu.buzz
URL: https://nedassiu.buzz/Qzd6cjEiVRkfDiIKGFREMVtHVwMFEkg0VXFEGAhGLlQdR1AuRUlcUi9YDxZXMVgUBh8tUg5XAwVkGR9FG3kyI2MBcxYhYjRuOT9GL3krQ0Uqcz84ZAJkKBB2JH0tMwAWeCoFQS92Pyh5CXVDOmQkbig/Ri9yLDNScWASPGEXYzATd3MOGxFnFmY/NGspch0zcgFzDThwK1QcPV0WVjggViliSzt5AFoKKHY0UDk9ACRhLENaEXYsAnIXWi83aQJiOT1nAlU4IFk6dREjUgsEMzVjBnkYF2ARZSshXTp1ESN3Al0RMWAFUyM0YwVwKxp/K3Y8Q2kUYFcWZwF2Mzp8KHooN3ACEkgwYAVxOz5mCn8rQ0kabig0dhJcN0ppAnYcMAIKcDRDVRltSxVVBGZPC3MoZiw2WxFRPUNFDG0rI2kEXxFGZhFxIiVjBnEoN3cFbQICcxJbSxx2KHE4JlwWcjgKfA15EStVFQYRIHAWUzwgZhJ0LxVVFG0dVFswWBQCDBdWAD9QcQNIR34LRA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6e00:1d:bf0d:abc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bb4c2a434fb8aabac0f1a39da8a41ab83df4c569b346d44f42f3f90d01e5f0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nedassiu.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 536
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: 5E9RFph2dy5ouUOd1-xbz0nHj8E2V89wRcI1IOxpBXX2BF4LKZ-epw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 120ms
44ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2109462870&t=pageview&_s=1&dl=https%3A%2F%2Fcharexempire.com%2Fz5LyS&ul=en-us&de=UTF-8&dt=ZSHORT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=621035343&gjid=1283429929&cid=2125012357.1657540781&tid=UA-203449028-1&_gid=2142500170.1657540781&_r=1&gtm=2ou760&z=1425351908

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://charexempire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 146ms
45ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=_mA93JXv-m8apKGV0OGib9LmbV0tN4C15twvkCbfMNNtyaQqpTycRCimWh3C1zT9Hhzs84Nk_NYEA5LV-w-HbODXBgeOqmbg883RtnxkVrU_Wwtqx8V3SMgk309fowtt6li4ZK8TpIM-hASYYmmqz5vyyEfehOdtUm9MPhXvoVE8vAdThxshziZh4-N4LnJ8FMX6jqsYvqab5YM0YxRaWrS6qDLCpKR17yXKCXZ_enfFjDukjymCOZxWUJNVywHLfZ91Yho6Od-N2-pOhKSQb2tE4DwqnT_C&request_ab2=82001&zoneid=4166442&js_build=iclick-v1.401.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=https%3A%2F%2Fcharexempire.com%2Fz5LyS&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.401.0&bs=51746ce6-405f-48e2-be22-64610ec4b4ec&userId=8ea95cfa23ad4152ba6c177bd46b55f1&m=link

Requested by

Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

268af2d1269e4eeea0040039882ed58a73f302d384a5e03220fd3831b05148af

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: aa9de4c4da07245f408796d046219c06
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://charexempire.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 778D 45 KB
16 KB 39ms
39ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GY7JH4K1MGVS138
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: 90h1aW/GSZT/wRAu769jfrRyldDTmyY6FRcAwiHnFC35A29iunct99jxluZnRCJ+ieBa5vq7IA0=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: 34bc6b90a5d451bb5c3bf4f75f505483
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
onmarshtompor.com/ 2 KB
2 KB 90ms
46ms Fetch
application/json 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/?rb=IMY12p1AEZU_C8YCm2Gi_EDu0476fBQclqyd6K2pX9s6hJooMqfrJnEj2VEfuklGgHy7gzmDqobmpR0HA1A3Yr3QqEUUNnFLKJuYy-r7CQXqSxID0BkDnxlDv8n7L7KefV7Y0BO6CV9jBEDnW-6IXlSuct_u8VDW12CMIsThuPAKWMFvPvS1992TT9OQqLWLEXq05f7hh7cCl2FYzDCA-04Xc9-fOZ3s5B8NTTMaEJnSld1pg2zLFo_YR5cd7cNVv7MR1xRD4tDdCiq8oohqXnKNDEIc_yS4&request_ab2=82003&zoneid=3868175&js_build=iclick-v1.401.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=https%3A%2F%2Fcharexempire.com%2Fz5LyS&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.401.0&os=other&os_version=other&bs=12c7e602-8de0-4a62-9ab0-6b511d953220&userId=8ea95cfa23ad4152ba6c177bd46b55f1&m=link

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3a9ec8628f00ea382da58061221a32141740b00d2f0da1f4d434ccc0b53647fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-max-age: 86400
x-trace-id: 358aa9e91fefb91a39cbae2fa24ef565
pragma: no-cache
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://charexempire.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 49 KB
18 KB 138ms
48ms Script
application/javascript 2606:4700:3034::ac43:cdf0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:cdf0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 769
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 09:20:35 GMT
server: cloudflare
etag: W/"62a1bb63-c24f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WkgQcUfvp3zPIzQlo28d2fhRLXqU2HBFWGU67dwps%2FAFcoli8IsLVhKJlfESFm3l1rcNmaaH%2BxQ%2BLneYSS8MtbXtwXd7Kkp5js4k6yKQF60LEyhkPu33%2FZDaBK0ScT7lKNG62LOzre8z2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 72915fdc7ef89189-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin

GET
H2 200 /
6.adsco.re/ 0
103 B 145ms
52ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://charexempire.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://charexempire.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 72915fdc9d2f9b3a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
462 B 216ms
67ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://charexempire.com/
Origin: https://charexempire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://charexempire.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H/1.1 200
OK / Show response
4.adsco.re/ 45 B
462 B 183ms
52ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 79592c44add4f87a4f065cff7424387e54450bc5af5ef65018313ab96009f3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://charexempire.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 52 B
414 B 129ms
51ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d3384d877fd1dafeea8432ed7ebae097f515147d74b091a12c5cadf16420e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://charexempire.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 72915fdc9d2e9b3a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
padqxauefmyp.l4.adsco.re/ 0
464 B 164ms
47ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://padqxauefmyp.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
padqxauefmyp.n4.adsco.re/ 0
464 B 536ms
113ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://padqxauefmyp.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
padqxauefmyp.s4.adsco.re/ 0
464 B 1446ms
283ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://padqxauefmyp.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Jul 2022 11:59:42 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 21D8 61 KB
22 KB 123ms
44ms Document
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 1288334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 72915fdca9a7916b-FRA
content-encoding: br
content-type: text/html
date: Mon, 11 Jul 2022 11:59:41 GMT
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 11 Aug 2022 11:59:41 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 282E 43 KB
22 KB 141ms
60ms Document
text/html 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na&co=aHR0cHM6Ly9jaGFyZXhlbXBpcmUuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=pb2ejvjm5waq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fa7b3e35da2a71abfc95d79864d8b2e23b812657656873452edcf87fe237d452

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KIdOnBKYxVXynx-vLHzggg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22836
content-security-policy: script-src 'report-sample' 'nonce-KIdOnBKYxVXynx-vLHzggg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 11:59:41 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET /
6.adsco.re/ Frame 21D8 0
0

GET
H/1.1 200
OK /
4.adsco.re/ Frame 21D8 0
456 B 78ms
53ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: charexempire.com
URL: https://charexempire.com/z5LyS
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 204 favicon.ico
ptaimpeerte.com/ 0
0 135ms
45ms Fetch 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ptaimpeerte.com/favicon.ico

Requested by

Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2653
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2sZv4D%2F0YbE7JKkPET94yHbgAjLKQanEhos2QeJM9jEuI%2F4%2FyasYhZXJLQ6en1RIEPMgYWKJrZeDy%2BsJY8Dq2tkULTODaWzEXQ%2FyTfoxyTjVwoCIyTdrlVlTqtI05Zb4WoH0emh%2BhJjX4aRxqI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 72915fddbba08fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 204 favicon.ico
ptaimpeerte.com/ 0
0 135ms
46ms Fetch 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ptaimpeerte.com/favicon.ico

Requested by

Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2653
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MU4s%2Ft6tIUsU10ZWaKGpuApAZZNWFO8j7PixCtteLDimrVZbpdmSIV04VgxIysJjFXuM7PeKncojPhQQuUUCoAq9sp65QxhEddB%2BB8C2qIatHe8RmH3E8pcIcl6KIK9S9tUcpBzaMJIi6%2BQZNeE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 72915fddbba28fef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 /
c.adsco.re/ Frame 21D8 21 KB
0 45ms
45ms XHR
text/html 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 1288334
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 72915fdd8b3a916b-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Thu, 11 Aug 2022 11:59:41 GMT

POST
H/1.1 200
OK add Show response
datatechonert.com/log/ 12 B
486 B 146ms
43ms Fetch
application/json 37.48.68.71
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.48.68.71 Arnhem, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Jul 2022 11:59:41 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://charexempire.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET /
4.adsco.re/ Frame 21D8 0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 282E 51 KB
24 KB 121ms
42ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na&co=aHR0cHM6Ly9jaGFyZXhlbXBpcmUuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=pb2ejvjm5waq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:21:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 282E 366 KB
145 KB 120ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:53:36 GMT

POST
H/1.1 200
OK p Show response
adsco.re/ 363 B
865 B 239ms
85ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 1aba7340457f14922d49358f8c50bc193f905c58c97f50a0f383245ccb638fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

AS-P-G: OK
Date: Mon, 11 Jul 2022 11:59:42 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon124
Access-Control-Allow-Origin: https://charexempire.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
DATA 200
OK truncated
/ Frame 282E 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 282E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 282E 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 317973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 14 Jul 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 282E 15 KB
15 KB 120ms
39ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 520897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Jul 2023 11:18:05 GMT

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 282E 102 B
132 B 47ms
46ms Other
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na&co=aHR0cHM6Ly9jaGFyZXhlbXBpcmUuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=pb2ejvjm5waq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Mon, 11 Jul 2022 11:59:42 GMT

GET
H3 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame 4A74 7 KB
1 KB 51ms
50ms Document
text/html 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7cf6e529d3a60d61d3d74b2e6d8011ec86e3d1db43037e161523dd6829b76a33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UMKeul6UJncbAep72JHjig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://charexempire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1112
content-security-policy: script-src 'report-sample' 'nonce-UMKeul6UJncbAep72JHjig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 11:59:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4A74 51 KB
24 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:21:06 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 4A74 366 KB
145 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LdKcgQaAAAAAKHPpPxITQGdDG-Bdp9b3Avzu8Na

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:53:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 11:53:36 GMT

GET
H2 200 eJR.asp Show response
betteradsystem.com/ 44 B
140 B 305ms
162ms Script
text/javascript 162.252.213.208
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://betteradsystem.com/eJR.asp?_=BAoAYswQrgFizBCugAGBAsAAIFbvXajfOCL56H4V1C_lQ8gdJfZoYXrbojBMAN4KsvdbwQBHMEUCIG-zxXRXiO2ag_tBtR9s_ZaKtKXmlIH6zrtpD2IqX8aRAiEA3F_OWCEZJiRcYWQA1oI1Z0NDUfZJDC5EPL67qlzGetXCACABOFQISgWvqbBaCTsdFmq7EvSCf30t-62InHe7qes4N8QAECoBBKATOACSAAAAAAAAAAjFABDYDnPq_h0nWZjzf_lj_ADNwwBHMEUCIDubJJ3AyKpxkfejU3LKImg9nCg8Uzem7fv3fi3E9wZIAiEAxYi_Pbuf8CTfO1oFfWaW0aVC_jJl6fVtmq3N2bG1EN8&v=4&EhwKtNFl=4525769&ktZoTaMp=0.0001&ZRwOMoIW=0:1,0&QxpYGSlz=&ZYgSrHGC=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/Wallop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.252.213.208 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/z5LyS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 11 Jul 2022 11:59:42 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 14E1 85 KB
9 KB 41ms
40ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?215718c
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?cc907373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CP63VWFCT7PGZA9K
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/08/2022 21:27:05
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Q9gJmYaobXc2IcsQ4YN4TrOMUDKHHbgsf+mJ+QXcW64Y6x010aRIlZs2GfBJDctrYJXfTGVh1s4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 21:19:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: d8445c01c036dfe2502b22fae10c12a6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 14E1 2 KB
1 KB 124ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?cc907373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1753915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGPqSo%2BEouPPrzhnq3dChFHN%2Fvvh7FwUAH2IkG37aNvsJHgT0NnA6kjUQR22Wb3qb543a6NkHxNKOexXG16zsIjhwSUNTXOKcz8c1vUs7kbJhFbaqOEBjOEha112MyIBsw%2BOzvHUMdkKCZbb8UB1CC%2BO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72915fe33a769237-FRA
expires: Sat, 01 Jul 2023 11:59:42 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 8104 85 KB
9 KB 41ms
40ms Stylesheet
text/css 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?215718c
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?cc907373
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: CP63VWFCT7PGZA9K
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/08/2022 21:27:05
cdn-pullzone: 786569
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Q9gJmYaobXc2IcsQ4YN4TrOMUDKHHbgsf+mJ+QXcW64Y6x010aRIlZs2GfBJDctrYJXfTGVh1s4=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 21:19:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: f834d938835c6fee053a7ebb2e63b734
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 8104 2 KB
927 B 120ms
46ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?cc907373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1753915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EagOZNZ%2Fsb0IJwNfiEJ6yECyqF2mUYDZeyzRD0sRwT859APcCwVmiKS8Ta6qQ5Rx%2FZirFAJ2Nh%2BHV1LkZPMhDp0CMI0Yh4dDGT4jwfwrOBtYTSKRDeF6VhFyZv6g8zMTcD8jUpvO9ipX7UvdsplVbIrZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72915fe33a789237-FRA
expires: Sat, 01 Jul 2023 11:59:42 GMT

GET
DATA 200
OK truncated
/ Frame 14E1 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8104 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8104 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET /
tracker.arc.io/ 0
0

POST
H2 204 RLzEWojUkeZ5N4PBcLxJV3
warden.arc.io/mailbox/nodes/ 0
0 402ms
128ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/RLzEWojUkeZ5N4PBcLxJV3

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Jul 2022 11:59:42 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame 778D 14 KB
5 KB 40ms
40ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 1GYEMKQPGE5ZWWQX
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 05/18/2022 20:53:32
cdn-pullzone: 786569
x-amz-id-2: X25XNylBVcqLvXXmT7Zo+EC4edW0UfpEAFmDf3ZZG1AseatZE29txJKwJ+Vb2Y6nPs9132SOWA8=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000
cdn-requestid: fa41ef4c8c5d3c097bfd14a87bb07d5d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ 60 KB
17 KB 38ms
37ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 3DZ1T9YKQJ2029B2
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/05/2022 18:29:49
cdn-pullzone: 786569
x-amz-id-2: ZZqz5riq7VF1AAcAUUs86xFRgITOTUxNYxce5aEZtN7W8o96XnMGf4Q4FjcEOyzsKNqqzidoMLI=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Sat, 02 Jul 2022 00:03:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: c530098d0f047c2a069bbc583e5bbe99
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ 3 KB
2 KB 44ms
44ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: XPBP66JNKNB3TED7
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/04/2022 22:47:57
cdn-pullzone: 786569
x-amz-id-2: WJ/SYm5uhvul5J9Y3HEFyFYu5bgo1O8lbiltHR3NYCTzjdEceFMdFZ1Ag0sTC8sRdmTcf2mZh7c=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Sat, 02 Jul 2022 00:03:29 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"14884d9e881791d580471ec30f89f22a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: ddda23af28805bceaad522e2203c7310
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-2d2088b3.js Show response
static.arc.io/widget/js/ 2 KB
2 KB 41ms
41ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d2088b3.js?87cf5e7d
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: ab9b2b1aae78b171789a117d8cab6c888040dc8b5e1e4172755bbb534757ad8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: NA2A4RQRKJRPP3R4
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/08/2022 21:27:19
cdn-pullzone: 786569
x-amz-id-2: e18VQjGgcIQczI88dCcgKYausw6aq9dkiHHmDgzOl6CwtWCYVsrMqalvgEXEQ16poH52k7Z+sUw=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Fri, 08 Jul 2022 21:19:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"e05fbe0951c09c0f9d72b18f50f7a75a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 7f1e0202555450cbd0e1cbfb823d63a6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-2d0cf2b3.js Show response
static.arc.io/widget/js/ 678 KB
346 KB 44ms
43ms Script
application/javascript 138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d0cf2b3.js?4c8adf50
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE-832 /
Resource Hash: 6220aab27b013f0eb7d29526583072d91fe6d8c79092625d3860cb0e49be0cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:42 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
cdn-edgestorageid: 832
x-amz-request-id: 8V770Z5TDDZPXJPC
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cdn-cachedat: 07/05/2022 18:40:13
cdn-pullzone: 786569
x-amz-id-2: qwXOTpftt9Vu6yejqoStSaeyPYZFj5RdGtDX8B/6m9+GWljhJ+aJ2IJlpfn00dohpJgGyN9yNAU=
server: BunnyCDN-DE-832
access-control-allow-origin: *
last-modified: Tue, 05 Jul 2022 18:36:45 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"ca35aa45a2c24b9d17eea1639b5ef6a2"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cache-control: public, max-age=2592000, stale-while-revalidate=864000
cdn-requestid: 9565a2b7fd578d477cf7c50ad05c0ffb
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 QmT1dbD9piyzSCLEyqNiKLv3AnaBXCRrmfGFhthy74S1r6 Show response
strn.pl/cid/ 159 KB
160 KB 149ms
40ms Fetch
application/vnd.ipld.car 54.38.159.160
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://strn.pl/cid/QmT1dbD9piyzSCLEyqNiKLv3AnaBXCRrmfGFhthy74S1r6?clientId=3b456b0f-6cdd-4342-a04f-6e00b0fd262d

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/chunk-2d2088b3.js?87cf5e7d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.38.159.160 , Germany, ASN16276 (OVH, FR),

Reverse DNS

vps-dbe3e859.vps.ovh.net

Software

nginx /

Resource Hash

f3b315144d3321a9ba3686b5bc6a75a5a94a801b31d52d795eac10917181a5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://charexempire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 11:59:43 GMT
server: nginx
saturn-node-version: 188_4a40f45
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.ipld.car
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, immutable
saturn-transfer-id: ed347437a3c74f1e5e48fcfb96bdc229
saturn-node-id: b7ba54e8-0b7e-40de-8f5f-2fe59a694659
timing-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
saturn-cache-status: HIT

POST
H/1.1 200
OK /
dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws/ 0
0 597ms
197ms Fetch
application/json 2600:1f14:50b:9a03:93ff:7a4a:c21c:cc44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws/
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/chunk-2d2088b3.js?87cf5e7d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f14:50b:9a03:93ff:7a4a:c21c:cc44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 11 Jul 2022 11:59:43 GMT
x-amzn-RequestId: b9443489-e520-4649-b786-6bc1e7fc5f9c
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://charexempire.com
X-Amzn-Trace-Id: root=1-62cc10af-36173dbb26fa615712e2acf0;sampled=0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 0

POST
H2 204 statusReport
warden.arc.io/mailbox/ 0
0 129ms
129ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/statusReport

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 11 Jul 2022 11:59:46 GMT
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 batch
www.google-analytics.com/ 35 B
0 124ms
45ms Fetch
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/batch

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?215718c

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://charexempire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 11:59:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://charexempire.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
charexempire.com/	1969-12-31 23:59:59	Name: AppSession Value: c1d0749675f274b812eee7609a219d18
charexempire.com/	1969-12-31 23:59:59	Name: csrfToken Value: 049b0a4c656fec38ec79bf231893a4d227e2bdd230d80bb7abc5b9cb37d137527c2a499071c51aa5878e3ade1a5715c31b7386b6d050419292ce9642d2b38697
zunsoach.com/	1970-01-20 13:11:16	Name: OAID Value: 8ea95cfa23ad4152ba6c177bd46b55f1
zunsoach.com/	1970-01-20 13:11:16	Name: oaidts Value: 1657540780
charexempire.com/	1969-12-31 23:59:59	Name: ab Value: 2
freychang.fun/	1970-01-20 13:04:04	Name: csu Value: 1858824251068119@1@1657540781
my.rtmark.net/	1970-01-20 13:11:16	Name: ID Value: 8ea95cfa23ad4152ba6c177bd46b55f1
.charexempire.com/	1970-01-20 21:56:52	Name: _ga Value: GA1.2.2125012357.1657540781
.charexempire.com/	1970-01-20 04:27:07	Name: _gid Value: GA1.2.2142500170.1657540781
.charexempire.com/	1970-01-20 04:25:40	Name: _gat_gtag_UA_203449028_1 Value: 1
charexempire.com/	1970-01-20 04:25:40	Name: prefetchAd_4166442 Value: true
bedrapiona.com/	1970-01-20 13:11:16	Name: OAID Value: a28cf398c1e74e8aa2fb86811f385bb6
bedrapiona.com/	1970-01-20 13:11:16	Name: oaidts Value: 1657540781
charexempire.com/	1970-01-20 04:25:40	Name: prefetchAd_3868175 Value: true
core.arc.io/	1970-01-20 13:11:16	Name: _immortal\|Arc_nodeId Value: RLzEWojUkeZ5N4PBcLxJV3
charexempire.com/	1970-01-20 04:26:05	Name: a Value: bCHbdlLI393x6bvFnwuQWMaciy1zKCgV
onmarshtompor.com/	1970-01-20 13:11:16	Name: OAID Value: 8ea95cfa23ad4152ba6c177bd46b55f1
onmarshtompor.com/	1970-01-20 13:11:16	Name: oaidts Value: 1657540781
onmarshtompor.com/	1970-01-20 04:35:45	Name: syncedCookie Value: true
charexempire.com/	1970-01-20 04:26:02	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYswQrgFizBCugAGBAsAAIFbvXajfOCL56H4V1C_lQ8gdJfZoYXrbojBMAN4KsvdbwQBHMEUCIG-zxXRXiO2ag_tBtR9s_ZaKtKXmlIH6zrtpD2IqX8aRAiEA3F_OWCEZJiRcYWQA1oI1Z0NDUfZJDC5EPL67qlzGetXCACABOFQISgWvqbBaCTsdFmq7EvSCf30t-62InHe7qes4N8QAECoBBKATOACSAAAAAAAAAAjFABDYDnPq_h0nWZjzf_lj_ADNwwBHMEUCIDubJJ3AyKpxkfejU3LKImg9nCg8Uzem7fv3fi3E9wZIAiEAxYi_Pbuf8CTfO1oFfWaW0aVC_jJl6fVtmq3N2bG1EN8
.arc.io/	1970-01-25 02:32:38	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222022-07-11T11:59:41.185Z%22%2C%22dismissedAt%22:null}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN,SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
accounts.google.com
adsco.re
arc.io
bedrapiona.com
betteradsystem.com
c.adsco.re
cdnjs.cloudflare.com
charexempire.com
core.arc.io
d2sbzwmcg5amr3.cloudfront.net
datatechonert.com
dzmpfyg2xpxnawizu35tubolxy0uwxyj.lambda-url.us-west-2.on.aws
fonts.googleapis.com
fonts.gstatic.com
freychang.fun
iclickcdn.com
my.rtmark.net
nedassiu.buzz
nedukeratio.lol
onmarshtompor.com
padqxauefmyp.l4.adsco.re
padqxauefmyp.n4.adsco.re
padqxauefmyp.s4.adsco.re
ptaimpeerte.com
static.arc.io
strn.pl
tracker.arc.io
tzegilo.com
warden.arc.io
www.betteradsystem.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
zunsoach.com
4.adsco.re
6.adsco.re
tracker.arc.io
108.138.17.114
138.199.37.226
139.45.195.8
139.45.197.234
139.45.197.243
139.45.197.248
143.204.89.128
162.252.213.208
162.252.214.5
18.223.141.84
185.200.116.90
185.200.118.90
2001:4860:4802:32::178
2600:1f14:50b:9a03:93ff:7a4a:c21c:cc44
2600:9000:2156:6e00:1d:bf0d:abc0:21
2606:4700:20::681a:c76
2606:4700:3030::ac43:dadd
2606:4700:3034::ac43:cdf0
2606:4700:3035::ac43:b467
2606:4700::6811:180e
2606:4700::6811:a6ba
2a00:1450:4001:808::2008
2a00:1450:4001:809::2003
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82f::200d
2a00:1450:4001:830::2003
2a02:6ea0:c700::18
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3121::3
37.48.68.71
38.132.109.186
54.38.159.160
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a979a15e042f72e191ebfee38b64bc0706a680f28178b474ea5345614088432
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1970a5e7ea5e953e1dad5467121c161df0e8ba1b88f88c7bee593a8120b873aa
1aba7340457f14922d49358f8c50bc193f905c58c97f50a0f383245ccb638fcc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
268af2d1269e4eeea0040039882ed58a73f302d384a5e03220fd3831b05148af
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d9976250c3ba81f1d8cc82add20288678919d24bbec97cf71784e3e9acbd13e
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
317bf29ea1b3a734c0cc5043739fdd837c582d4797b9b55f5dd63987dfb2646b
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
3676e16a1358628756bda4274db53b7a9f299e3dfa82ec22301c83ba142ad774
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
36d3384d877fd1dafeea8432ed7ebae097f515147d74b091a12c5cadf16420e5
3a9ec8628f00ea382da58061221a32141740b00d2f0da1f4d434ccc0b53647fa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
401d91f211651ebfc248e4331a679cb741f598007fe2cf6fb327827385a285fe
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
46abf30e96c726906c715f32a1759b8cec412baaadac6f7b8adef77787bb9035
4d9018c96cf959a5b64d9df4dedd97b52e6078ac75d0771e34cbeea89ef19ce0
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
6220aab27b013f0eb7d29526583072d91fe6d8c79092625d3860cb0e49be0cce
651022474c16d796d15a0e13c3a2ea340168a555a76023bd2af85542869c550a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79592c44add4f87a4f065cff7424387e54450bc5af5ef65018313ab96009f3f2
7cf6e529d3a60d61d3d74b2e6d8011ec86e3d1db43037e161523dd6829b76a33
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca
8c16bd3981deb868d795250af30e9edc46cb0e688a03275625e9bc3811d598a7
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
90fd6d1b7fceb3e8dcc7b33b449be3b22ecd534a30970c0986f557878e6294a8
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97cd394a16438caec1b127190c322c5d6592da8b13e76128be661c50d19fad1a
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f2812d14878506b997cf3f5085a6c0a752455059575762e39853569487808c3
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a32f9a853fcc1ee90b4d27d9d85d2e7df1fe2fa2921b701d453ebeb00f86fea2
ab9b2b1aae78b171789a117d8cab6c888040dc8b5e1e4172755bbb534757ad8d
acae4a20981807810d17d8a3113f1069e61ec854531a5641ce8c853e5dffeebe
ae00ed362c2b07290e51d408e25fd8c4f61578a4696f2f9700e642cb2056a99a
b4d029261e0c0d05a7d76da6dda8661650be157905d03d1f5de6bf647a0578fb
bb4c2a434fb8aabac0f1a39da8a41ab83df4c569b346d44f42f3f90d01e5f0b6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
ca1455b5f1a34c18e32d4de3027fb5fd0b954c69d63d86c64c8079b7b437202b
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d22743932d07a966df50a56efff4022556c1ad9f6d73f6f130bfe84e9599dcbd
d39b20c4ec809111a1551d5dcaa8acc0787be61a2ca1cff96e82d62ea08ce568
d7c740b75efc6f2ddff507a4d3ddd364f9c825d30d61da464fe5ff109e42cd93
de55c44c772643001da683c8e498aa174490e6e8b6dcd441dbb4f3094ddf3803
de64b3a393f109bb7d59b836c7cb1b690b031e1da1bf442181cef25487296629
e1449dabc78c250e18fca39705e39f27a9ad17cc6e865b72f35ce60da3c75632
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb44d3eabf2f56b948f9fbcecb68077cd4c8c7499388e8e89c75dbffe72c89e1
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f3b315144d3321a9ba3686b5bc6a75a5a94a801b31d52d795eac10917181a5f3
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7
fa7b3e35da2a71abfc95d79864d8b2e23b812657656873452edcf87fe237d452
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

charexempire.com Open in urlscan Pro 2606:4700:3035::ac43:b467 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

97 %HTTPS

55 %IPv6

26 Domains

38 Subdomains

34 IPs

5 Countries

2502 kBTransfer

5324 kBSize

21 Cookies

9 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

charexempire.com Open in urlscan Pro
2606:4700:3035::ac43:b467 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

97 %
HTTPS

55 %
IPv6

26
Domains

38
Subdomains

34
IPs

5
Countries

2502 kB
Transfer

5324 kB
Size

21
Cookies

104 HTTP transactions
11 data transactions