www.ghosthack.de Open in urlscan Pro
37.228.157.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://trk.klclick.com/ls/click?upn=TvbKweZ3beJRy-2FiBny6SFCVq7FC7Oxj954wpUklOIML4bs-2BsY0YjHdOWzcleRe57VHM2M1T-2BHuc1E...
Effective URL:
https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campa...
Submission: On December 01 via manual (December 1st 2023, 3:01:00 pm UTC) from RO — Scanned from DE

Summary HTTP 88 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 88 HTTP transactions. The main IP is 37.228.157.11, located in Germany and belongs to PHH-AS, DE. The main domain is www.ghosthack.de.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: a year.

This is the only time www.ghosthack.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:214... 2600:9000:214f:a200:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
21	37.228.157.11 37.228.157.11	34432 (PHH-AS) (PHH-AS)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.236.60 52.222.236.60	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.66.85 65.9.66.85	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
5	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
9	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6812:2bb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
88	22

1 2600:9000:214f:a200:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 37.228.157.11 (Germany)

ASN34432 (PHH-AS, DE)
PTR: cybercrimeschutz.ph.de

www.ghosthack.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.236.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-60.fra56.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-85.fra56.r.cloudfront.net

cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:2bb (United States)

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ghosthack.de www.ghosthack.de	1 MB
14	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1544 ka-p.fontawesome.com — Cisco Umbrella Rank: 3304	37 KB
11	paypal.com www.paypal.com — Cisco Umbrella Rank: 2085 t.paypal.com — Cisco Umbrella Rank: 2568	296 KB
11	klaviyo.com static.klaviyo.com — Cisco Umbrella Rank: 2510 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3203 a.klaviyo.com — Cisco Umbrella Rank: 2925	41 KB
5	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 4867	26 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	139 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	33 KB
3	stamped.io cdn1.stamped.io — Cisco Umbrella Rank: 11153	59 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	235 B
2	google.de www.google.de — Cisco Umbrella Rank: 6765	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	710 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	179 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	61 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	72 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 8608	605 B
88	17

	Domain	Requested by
21	www.ghosthack.de	www.ghosthack.de
13	ka-p.fontawesome.com	kit.fontawesome.com www.ghosthack.de
9	www.paypal.com	www.ghosthack.de www.paypal.com www.paypalobjects.com
6	a.klaviyo.com	static-tracking.klaviyo.com
5	widget.trustpilot.com	www.ghosthack.de widget.trustpilot.com
4	connect.facebook.net	www.ghosthack.de connect.facebook.net
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
3	static.klaviyo.com	www.ghosthack.de static.klaviyo.com
3	cdn1.stamped.io	www.ghosthack.de cdn1.stamped.io
2	www.facebook.com	www.ghosthack.de
2	www.google.de	www.ghosthack.de
2	t.paypal.com	www.ghosthack.de
2	static-tracking.klaviyo.com	static.klaviyo.com
2	www.googletagmanager.com	www.ghosthack.de www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	www.ghosthack.de maxcdn.bootstrapcdn.com
1	www.google.com	www.ghosthack.de
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.ghosthack.de
1	fonts.googleapis.com	www.ghosthack.de
1	kit.fontawesome.com	www.ghosthack.de
1	trk.klclick.com	1 redirects
88	24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
soundcloud.com
www.instagram.com
discord.com
ghosthack.idevaffiliate.com

Subject Issuer	Validity	Valid
*.ghosthack.de Sectigo RSA Domain Validation Secure Server CA	`2023-10-25` - `2024-11-14`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M02	`2023-02-02` - `2024-03-02`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
*.stamped.io Amazon RSA 2048 M02	`2023-09-11` - `2024-10-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
static.klaviyo.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-24` - `2024-06-23`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-09` - `2023-12-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Frame ID: 3C858211491D8C535DF30485AC88A8A9
Requests: 73 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160
Frame ID: 0C3C67D8A6CDD963638A8F2A22A7F9C1
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_hdomhxlviuzhqekismnvtnhvqejrfv&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUllhcVVDR0ZtZWcyMk5UQ09VUmVXa19zQ3kxV29BdVZpOEhHdXR6N2YyOG9lMWloRVBvMkZqRHBCQWxXdjZQSmdta2RicGtPYkdhNVdpbCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZW5fR0ImY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vJm1lcmNoYW50LWlkPUhaQlNSVVFMS1VHMjQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9oZG9taHhsdml1emhxZWtpc21udnRuaHZxZWpyZnYifX0&env=production&scriptUID=uid_hdomhxlviuzhqekismnvtnhvqejrfv&version=1.51.0&integrationType=SDK
Frame ID: EFE978F6D3A892AC54C47BE976987BDD
Requests: 4 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: DF450804813CB087E6BA2E90E0834E8C
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E6004B00EF98E79752FE4F2B0F6171E7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advent Calendar 2023

Page URL History Show full URLs

http://trk.klclick.com/ls/click?upn=TvbKweZ3beJRy-2FiBny6SFCVq7FC7Oxj954wpUklOIML4bs-2BsY0YjHdOWzcl... HTTP 302
https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_mediu... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

99 %
HTTPS

59 %
IPv6

17
Domains

24
Subdomains

22
IPs

3
Countries

2021 kB
Transfer

5787 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Ghosthack2501/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/ghosthack

Search URL Search Domain Scan URL

URL: https://soundcloud.com/ghosthack

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ghosthack_audio/

Search URL Search Domain Scan URL

URL: https://discord.com/invite/gSsGF33Jxe

Search URL Search Domain Scan URL

URL: https://ghosthack.idevaffiliate.com/
Title: Affiliate Program

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://trk.klclick.com/ls/click?upn=TvbKweZ3beJRy-2FiBny6SFCVq7FC7Oxj954wpUklOIML4bs-2BsY0YjHdOWzcleRe57VHM2M1T-2BHuc1EP9IUw3oa5qlzskr5S-2FU4B5tJ3w8XahnAa-2FhIHoJwO8GLTlM-2BWCDNvYRcDOGTqT47eAguDwgVIKN-2BtLYYR2DAOeOg85yUDGOcd6UdHsPNxyrnisdDWm-2BSs4q6xG1s3vj9n5BOX2OK32nu6aXGPEk0PnntkIF0Wh0b6dALKxPf3lkfIErZvnrr5l6fdUKeLNclk5RflLfAPFvDD5Zv20u6IGybOShnIs-3DRVC__jnMEp-2FSt4-2FIprv-2F5wpE3RsxHxv27N61U0xMxGVe5hAfe9s8HftITDbOGIw6oqKMt37UVVXMSYC2yeX8RtqA3QsDYrtyxus-2FXtlXol125cw6Sef6Mltoo81UMWUgoWrKWnlQH-2FaG-2BHqABnqxQhBhYT-2FiRjUSgL9f1z7mo4qP-2BEp8Sxaz9L0uSL-2FwyAxrm1pk97uOvxybuZhBJtL1JXDH3PGxnQ28Iitv-2Byrp-2FxCFu4SC37WBBdqWwhqutCHYGTvQpzjUEH7QP-2BMreo2ZYJIu1xT6n7YqnD3ntD-2FpmArD9OnF5Zr396Xdg7e74XAfbNm5sAcgz8anwMFHesHC5mGWC36pxzJP5eEw4WO2SOClKoYaMSDAFiCoySMwx6XYjJZar-2B-2Ba-2BY8tfzpnuIejXsqiECaK2dGQVWYC0rFVpxbm9BDWjNp4vHihc-2Bak-2BksLU6gUiDlKKlmvK4GQZYqgYHwPs0Q-3D-3D HTTP 302
https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/
Redirect Chain

http://trk.klclick.com/ls/click?upn=TvbKweZ3beJRy-2FiBny6SFCVq7FC7Oxj954wpUklOIML4bs-2BsY0YjHdOWzcleRe57VHM2M1T-2BHuc1EP9IUw3oa5qlzskr5S-2FU4B5tJ3w8XahnAa-2FhIHoJwO8GLTlM-2BWCDNvYRcDOGTqT47eAguDwgV...
https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D...

174 KB
16 KB

568ms
453ms

Document
text/html

37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx / PHP/8.1.21

Resource Hash

de9a4b18543273e7b2405b9ebd88bc34120962a84844e0ce48889410d9ccbd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 15:00:53 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: deny
x-powered-by: PHP/8.1.21

Redirect headers

Connection: keep-alive
Content-Length: 239
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Dec 2023 15:00:52 GMT
Location: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Server: nginx
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Q9mX98eoQRbJuth15d32ggv--Qjyd3p7o7GgH7ZKq4QS8LTKz3gjqQ==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Miss from cloudfront
X-Robots-Tag: noindex, nofollow

GET
H2 200 all.css
www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/ 513 KB
65 KB 140ms
139ms Stylesheet
text/css 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: 5153dc06cb358e715bf83260d4136a1a39e894b3255e6e3143872e98a38014ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Fri, 01 Dec 2023 10:10:43 GMT
server: nginx
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: text/css

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 452ms
52ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1047
age: 1588260
cdn-cachedat: 10/31/2023 18:58:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 636c547408716b12e0429001e52d27d0
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 82ec33cb6baf918f-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.5.1.min.js Show response
www.ghosthack.de/bundles/ghosthackplugin/ 87 KB
30 KB 90ms
90ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/jquery-3.5.1.min.js?1701267344
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 30310

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 139ms
44ms Script
application/x-javascript 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 06:43:49 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 29824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: RlJqopbw6YKKXiX0AAqagAAMyis4Js4MQ2sEFCeH1pbxKzda5btu3A==

GET
H2 200 all.js Show response
www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/ 809 KB
183 KB 177ms
176ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: 83e85960f7744b703a8e2a8927b36c5aae903d3bc7584abf233f90e081679a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Fri, 01 Dec 2023 10:10:43 GMT
server: nginx
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: application/javascript

GET
H2 200 gh-logo.webp
www.ghosthack.de/media/8a/af/f5/1667900153/ 6 KB
6 KB 92ms
91ms Image
image/webp 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghosthack.de/media/8a/af/f5/1667900153/gh-logo.webp
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: c4174c47280716744d8467ec955aa41f4f291f6d618b76cfd05b52ca91de2026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
last-modified: Tue, 08 Nov 2022 09:35:53 GMT
server: nginx
accept-ranges: bytes
content-length: 6122
vary: User-Agent
content-type: image/webp

GET
H2 200 swag_paypal_paypal.svg
www.ghosthack.de/media/ae/41/e8/1665145975/ 3 KB
2 KB 101ms
101ms Image
image/svg+xml 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghosthack.de/media/ae/41/e8/1665145975/swag_paypal_paypal.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx /

Resource Hash

14b6f563744f176df1a746f53ad3a25d9effcb7bf9ffeba3ed534fb83bf905fe

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
content-security-policy: script-src 'none'
last-modified: Fri, 07 Oct 2022 12:32:55 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1404

GET
H2 200 creditcard-icon.svg
www.ghosthack.de/media/f6/5c/65/1698156805/ 4 KB
1 KB 93ms
93ms Image
image/svg+xml 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghosthack.de/media/f6/5c/65/1698156805/creditcard-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx /

Resource Hash

7f4d40304501d047f81350a9bd37f5b9d5d6aad0efc97b633a132bb164eb2393

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
content-security-policy: script-src 'none'
last-modified: Tue, 24 Oct 2023 14:13:25 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1131

GET
H2 200 applepay-icon.svg
www.ghosthack.de/media/3d/f1/f3/1698156804/ 3 KB
2 KB 81ms
81ms Image
image/svg+xml 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghosthack.de/media/3d/f1/f3/1698156804/applepay-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx /

Resource Hash

505ddbc5d0a98c14413bb2effd196195e39b88c028798d2a8e1ec7b6b7052020

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
content-security-policy: script-src 'none'
last-modified: Tue, 24 Oct 2023 14:13:24 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1435

GET
H2 200 giropay-icon.svg
www.ghosthack.de/media/70/f2/7f/1698156805/ 1 KB
942 B 116ms
115ms Image
image/svg+xml 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghosthack.de/media/70/f2/7f/1698156805/giropay-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx /

Resource Hash

86ae263c57a706726f067fc5b0065c881e4b9bce4896bb6413a645e61cca7089

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
content-security-policy: script-src 'none'
last-modified: Tue, 24 Oct 2023 14:13:25 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 741

GET
H2 200 ideal-icon.svg
www.ghosthack.de/media/b4/45/82/1698156805/ 2 KB
1 KB 118ms
117ms Image
image/svg+xml 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ghosthack.de/media/b4/45/82/1698156805/ideal-icon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx /

Resource Hash

5b14a93ac586971384553276934b97aa11785eabbb636d2a8c29c4f50cb3e6ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
content-security-policy: script-src 'none'
last-modified: Tue, 24 Oct 2023 14:13:25 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
accept-ranges: bytes
content-length: 916

GET
H2 200 audioplayer.js Show response
www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/ 162 KB
39 KB 64ms
63ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/audioplayer.js?1701267344
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: bf5faec068976dad382e7e353450d50945a0aefb24be237f253e03ceea72044a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 39975

GET
H2 200 dzsap-wave-generator.js Show response
www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/ 40 KB
12 KB 127ms
126ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/dzsap-wave-generator.js?1701267344
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: 07d6acc7ffb2194340187d55281bf165132aeef7d126e4cbb964b35f8566dcb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 11849

GET
H2 200 wavesurfer.js Show response
www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/ 67 KB
15 KB 94ms
93ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/mp3player/source/audioplayer/wavesurfer.js?1701267344
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: a8cf1d006773bf1671c077320277aacfe579aea9d2054a52c85feb02e6971e76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 14707

GET
H2 200 jquery.countdown.min.js Show response
www.ghosthack.de/bundles/ghosthackplugin/countdown/ 5 KB
2 KB 93ms
93ms Script
application/javascript 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/countdown/jquery.countdown.min.js?1701267344
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: 8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
vary: Accept-Encoding,User-Agent
content-type: application/javascript
accept-ranges: bytes
content-length: 2240

GET
H2 200 75d80bd354.js Show response
kit.fontawesome.com/ 12 KB
5 KB 312ms
216ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/75d80bd354.js
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d33fff698fbe7d41ef4ede443449b5c87660f426f526b3f223a3a3a76066c6

Request headers

Referer: https://www.ghosthack.de/
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 82ec33cc6829692e-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F5yE-y3KXo7UocYAUhWi

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 102 KB
31 KB 159ms
46ms Script
application/javascript 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 680821099ccc3f909e4e7a0bf1ea20b50b34edb28b8259bc10799468192874f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: yiYflH7rOk.yZXEYjN2qPq07lawVr.FU
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
date: Thu, 30 Nov 2023 19:18:10 GMT
x-amz-cf-pop: FRA56-C1
age: 70965
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 23 Nov 2023 19:11:01 GMT
server: AmazonS3
etag: W/"8022adab2b5aed2c1b168cd899d441ab"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
x-amz-cf-id: H2tLEdWcxHoh0_TGCUBcqpkwcsgEWedLKBa_HBDK1LmTMIIJIHytYA==

GET
DATA 200
OK truncated
/ 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b87e30b4f359fa2fe1621eccb7711c25635ab0b69cc1502516bf52df6af28410

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 gh-2023-black-friday-bg.jpg
www.ghosthack.de/media/bb/87/6f/1700128301/ 40 KB
40 KB 97ms
96ms Image
image/jpeg 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghosthack.de/media/bb/87/6f/1700128301/gh-2023-black-friday-bg.jpg
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: bc7fdd3a3d48e50358b5929668adc768c130497951b71e094e5e734b7a39051e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
last-modified: Thu, 16 Nov 2023 09:51:41 GMT
server: nginx
accept-ranges: bytes
content-length: 40927
content-type: image/jpeg

GET
H2 200 gh-advent-calendar-2023-bg-1400.jpg
www.ghosthack.de/theme/4b1e70f5e0574ddb8591de4174442b6e/assets/advent-calendar-23/ 336 KB
336 KB 95ms
95ms Image
image/jpeg 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ghosthack.de/theme/4b1e70f5e0574ddb8591de4174442b6e/assets/advent-calendar-23/gh-advent-calendar-2023-bg-1400.jpg
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: b2e77b0bdcb487395f4773607636fbe94e269ad8b81be8d355cc41f87c935415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
last-modified: Fri, 01 Dec 2023 10:10:43 GMT
server: nginx
accept-ranges: bytes
content-length: 343562
content-type: image/jpeg

GET
H2 200 OpenSans-VariableFont_wdth,wght.ttf
www.ghosthack.de/bundles/ghosthackplugin/fonts/ 517 KB
321 KB 142ms
142ms Font
application/x-font-ttf 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ghosthack.de/bundles/ghosthackplugin/fonts/OpenSans-VariableFont_wdth,wght.ttf
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),
Reverse DNS: cybercrimeschutz.ph.de
Software: nginx /
Resource Hash: d1b1331ba90e949be8664b073976b4f0369b831f381e13e506d728e50ce29083

Request headers

Referer: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/css/all.css?1701425443
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:53 GMT
content-encoding: br
last-modified: Wed, 29 Nov 2023 14:15:44 GMT
server: nginx
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-type: application/x-font-ttf

GET
H2 200 pro-v4-shims.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 27 KB
8 KB 76ms
64ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro-v4-shims.min.js?token=75d80bd354
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/75d80bd354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 61881
etag: "6568c5a2-1df2"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 82ec33cdd9a3692e-FRA
content-length: 7666

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v6.5.1/js/ 60 KB
18 KB 73ms
61ms Fetch
application/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/js/pro.min.js?token=75d80bd354
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/75d80bd354.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:25:54 GMT
server: cloudflare
age: 61881
etag: "6568c5a2-4583"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 82ec33cdd9a5692e-FRA
content-length: 17795

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 105 KB
18 KB 48ms
47ms Stylesheet
text/css 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn1.stamped.io
URL: https://cdn1.stamped.io/files/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 621d3307d6abb417c3190b7116359afb5bc6e4523482803b3cd544dfc7f2f3f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: PXVPfhYGgPUPIXHH4NYmY0in0DdLAlIg
content-encoding: gzip
via: 1.1 14b10bd09a0531ef477d0a404ca26900.cloudfront.net (CloudFront)
date: Fri, 01 Dec 2023 13:49:43 GMT
last-modified: Wed, 30 Aug 2023 18:53:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4277
x-amz-server-side-encryption: AES256
etag: W/"d9b8def00576b61976ba25954bcd4115"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: FFI6zRyKFkA-uqHVrYc78b_5KVcvNTwVSMrowtTPWde9bVkZogUv3g==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 145ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/bundles/ghosthackplugin/jquery-3.5.1.min.js?1701267344

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 13:34:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 hotjar-3568715.js Show response
static.hotjar.com/c/ 9 KB
4 KB 170ms
78ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3568715.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

bc44b1aec756f0363effd616706c0b7439b8aabc46b0915ba3a81a82604413e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:00:54 GMT
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/54675cfcad3dca6683a753dcdf9b8626
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Dj9zX3AKNrxzSWuJSezF4nmTFr3-wiwWLKJYu0J6gOSEPFY1Ll3oRQ==

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
2 KB 150ms
42ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W3gERP

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1dbbd9c2c33b5d7f8e634f1db54a101c544386dadfe195473f5bce1ea27e8d1f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
age: 158
x-cache: HIT, HIT
content-length: 924
x-served-by: cache-lga21929-LGA, cache-fra-eddf8230122-FRA
server: nginx
x-timer: S1701442854.265829,VS0,VE2
etag: W/"bd61c8ea418ce9c8b3d981e4b1bc6021"
allow: OPTIONS, GET
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 5, 1

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 0C3C 6 KB
2 KB 40ms
40ms Document
text/html 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ghosthack.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27663
cache-control: max-age=86400
content-encoding: gzip
content-length: 1930
content-type: text/html
date: Fri, 01 Dec 2023 07:19:52 GMT
etag: "1b1a56d9c9fcf8acab07f238231461df"
last-modified: Mon, 08 May 2023 11:42:34 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-id: G8sY-bZyi-vs2NDyYOaPL_OYXYANYRvkyjetbpLqd0pX-8PWM5a7XA==
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 info Show response
www.ghosthack.de/widgets/checkout/ 0
252 B 495ms
495ms XHR
text/plain 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghosthack.de/widgets/checkout/info

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx / PHP/8.1.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-powered-by: PHP/8.1.21
x-frame-options: deny
vary: User-Agent
cache-control: no-cache, private
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 511 KB
142 KB 140ms
46ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARYaqUCGFmeg22NTCOUReWk_sCy1WoAuVi8HGutz7f28oe1ihEPo2FjDpBAlWv6PJgmkdbpkObGa5Wil&commit=true&locale=en_GB&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=HZBSRUQLKUG24

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e44b57b4db32ef3f69509d3364313ea42deb4f5d86d952fae1d23ab47d03b6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
age: 2100
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f9803908f36f5
server-timing: "traceparent;desc="00-0000000000000000000f9803908f36f5-8035057125756cf8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 143072
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9803908f36f5-1378c9d156cdd8eb-01
x-timer: S1701442854.279145,VS0,VE6
etag: W/"22ee0-+KNQ53YSN0SyVAq0g8F6PiGC36I"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 customer Show response
www.ghosthack.de/mm-fp/ 2 B
316 B 510ms
509ms XHR
application/json 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghosthack.de/mm-fp/customer

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx / PHP/8.1.21

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: br
server: nginx
x-powered-by: PHP/8.1.21
x-frame-options: deny
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: no-cache, private
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
78 KB 150ms
58ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLPMW3C

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95f19bd809c9848a2f1355147c3ca6989002df35295945bd269c7a06c837a992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 stamped-font.ttf
cdn1.stamped.io/fonts/ 9 KB
10 KB 126ms
43ms Font
application/octet-stream 65.9.66.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/fonts/stamped-font.ttf?rkevfi
Requested by: Host: cdn1.stamped.io
URL: https://cdn1.stamped.io/files/widget.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-85.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33

Request headers

Referer: https://cdn1.stamped.io/files/widget.min.css
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: _V6WBlqz0lmBWtouLz.12uaxh7Ni128J
date: Fri, 01 Dec 2023 13:49:46 GMT
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 4275
x-cache: Hit from cloudfront
content-length: 9536
last-modified: Tue, 02 Aug 2022 18:16:43 GMT
server: AmazonS3
etag: "65f2d065c065a7b14fc738aefae5e847"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: NTTGFVQcEOEu4tX00G-JGX7nEZeS6glFRXyR0kyNkp4Vy3jrED8zzQ==

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/ Frame 0C3C 50 KB
16 KB 46ms
46ms Script
application/x-javascript 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 09:13:23 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 20853
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15571
x-xss-protection: 1; mode=block
last-modified: Mon, 08 May 2023 11:42:56 GMT
server: AmazonS3
etag: "f90daf8c8f47c6afab7d4e27466118b5"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 2fqhdnrFQ6ec33CoQ1Kx9p-SA4a1ymN_YPM2nQi3SrQfWVoX6Uk1pQ==

GET
H2 200 cloud-arrow-down.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/ 693 B
524 B 71ms
70ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/cloud-arrow-down.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cbf967a5e51dd92d9b23f49140c1e6d09ad8588f4c2d47b8372c016bc6db87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:48:07 GMT
server: cloudflare
age: 61880
etag: W/"6568cad7-2b5"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b1d692e-FRA

GET
H2 200 file-certificate.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/ 2 KB
937 B 71ms
71ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/file-certificate.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88275ff5c59ecf7f2f1b4d7b4f0216ac1051ccdcb9847f715e0f457e8846d1a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:48:18 GMT
server: cloudflare
age: 61880
etag: W/"6568cae2-652"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b22692e-FRA

GET
H2 200 badge-check.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/sharp-solid/ 718 B
510 B 68ms
67ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/sharp-solid/badge-check.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2283746d5ee25d4d5a6e85c473ea976d0fb67ad0ba41f67ed20bb492d58e1d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:41:43 GMT
server: cloudflare
age: 61880
etag: W/"6568c957-2ce"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b27692e-FRA

GET
H2 200 rotate-left.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/ 600 B
485 B 62ms
62ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/rotate-left.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01ca8c2e25a3496737208667a5fb89f26d4c360dcfd752db50194a82e58679e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:48:51 GMT
server: cloudflare
age: 61880
etag: W/"6568cb03-258"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b29692e-FRA

GET
H2 200 star.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/ 582 B
474 B 70ms
69ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/star.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d4f30cba18af4e33d0d2f8259e937a09a6fb30079e8009d2d29278fa477cc26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:48:59 GMT
server: cloudflare
age: 61880
etag: W/"6568cb0b-246"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b2c692e-FRA

GET
H2 200 bolt.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/ 489 B
430 B 61ms
59ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/solid/bolt.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93e4adbab6a53d86a378d30db5c74a14006473cb12ad9ea4fe249459025ff0c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:47:54 GMT
server: cloudflare
age: 61880
etag: W/"6568caca-1e9"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b33692e-FRA

GET
H2 200 facebook-square.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 515 B
448 B 61ms
60ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/facebook-square.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e868611d567f04f874e3fdd2fc53f140fb8282e9d976014aea30a2b247d247c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:00 GMT
server: cloudflare
age: 61880
etag: W/"6568c5a8-203"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b35692e-FRA

GET
H2 200 youtube-square.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 692 B
515 B 63ms
62ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/youtube-square.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45e43ca39428214acebf5c8bdf12aebb461a8e581f12e44140cbc5209535e5f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:20 GMT
server: cloudflare
age: 61880
etag: W/"6568c5bc-2b4"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b36692e-FRA

GET
H2 200 soundcloud.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 2 KB
1 KB 62ms
61ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/soundcloud.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acb96efcc4cb76c0d3b65320d65c1c192782f629335f9fe7faea750187e8ae9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:06 GMT
server: cloudflare
age: 61880
etag: W/"6568c5ae-934"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b38692e-FRA

GET
H2 200 instagram.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 1 KB
669 B 65ms
64ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/instagram.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec6ad27e3507a24bbcf6d46e5380b558d95c3376bb04bc2e00e0bd5c75a419e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:03 GMT
server: cloudflare
age: 61879
etag: W/"6568c5ab-492"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf5b39692e-FRA

GET
H2 200 discord.svg Show response
ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/ 2 KB
832 B 96ms
96ms Fetch
image/svg+xml 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v6.5.1/svgs/brands/discord.svg?token=75d80bd354
Requested by: Host: www.ghosthack.de
URL: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88680da984897b940d2b500e8021bca741d3d135e17754758ff0234fd331fe78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 17:26:00 GMT
server: cloudflare
age: 28341
etag: W/"6568c5a8-606"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 82ec33cf9b79692e-FRA

GET
H2 200 modules.28e3191d8757c557b4b7.js Show response
script.hotjar.com/ 227 KB
57 KB 153ms
45ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.28e3191d8757c557b4b7.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3568715.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:01:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 694788
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 57395
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "1ab24a53e715dcb189ab626bacc0e88b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: j1cj-tbdKkUpFB_xmQ7buiKjs3Qopw9sxSPnC-GGi-YCCa2bmefv8A==

GET
H2 200 53aa8807dec7e10d38f59f32 Show response
widget.trustpilot.com/trustbox-data/ Frame 0C3C 883 B
810 B 54ms
54ms XHR
application/json 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/53aa8807dec7e10d38f59f32?businessUnitId=5cd702fb0fb4a100010dc160&locale=en-US

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

3140eeae495540c8be1813600cfa756b3dcbf9bdcf5f34498ccec7f78aaac970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:00:54 GMT
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
age: 25
etag: "f47900d4891b8136b5354971cd306b8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
x-amz-cf-id: ok9vMTF9Iya6jmvF8Yu1-imyhvLkyCoLB_UBatjN3dEtksxblefoeA==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame 0C3C 0
321 B 81ms
81ms XHR
text/plain 52.222.236.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=150px&styleWidth=100%25&theme=dark&url=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.199%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=5cd702fb0fb4a100010dc160&widgetId=53aa8807dec7e10d38f59f32

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-60.fra56.r.cloudfront.net

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/53aa8807dec7e10d38f59f32/index.html?templateId=53aa8807dec7e10d38f59f32&businessunitId=5cd702fb0fb4a100010dc160
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: ID0r37gF3L-ErZjVEPLRioofTClacOoo3svYhStsSa2FNYH9vqMqrg==
x-xss-protection: 1; mode=block

GET
H2 200 fender_analytics.89f34df06656c3dc9d28.js Show response
static-tracking.klaviyo.com/onsite/js/ 30 KB
12 KB 139ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W3gERP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e

Request headers

Referer: https://www.ghosthack.de/
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: fPTrWbuKN.iZ3tb8Xlagsf4qSwkCTQLU
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
x-amz-request-id: AS5JSHBQ4B2AEEV8
age: 162
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11635
x-amz-id-2: 2ZH3/XjxHpno7wb3JtF2ui7PNyu9QnGqBSKPDdLlSsN3zknkexl5VV0Jc8UXyguhvFjY1LURqOs=
x-served-by: cache-lga13626-LGA, cache-fra-eddf8230048-FRA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "bb49f17f755f19e389ff56fdf58385b4"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 56, 202

GET
H2 200 static.500134348b1f0969ffe3.js Show response
static-tracking.klaviyo.com/onsite/js/ 2 KB
2 KB 138ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W3gERP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer: https://www.ghosthack.de/
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
x-amz-request-id: AS5HKYSNDWHFWQPJ
age: 162
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 985
x-amz-id-2: lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by: cache-lga21976-LGA, cache-fra-eddf8230048-FRA
last-modified: Mon, 06 Nov 2023 18:18:30 GMT
server: AmazonS3
etag: "64de10774c3382fe4adddab07ea17f0d"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a957c60a472df3e447f40628303353bdd959aba8
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 16, 206

GET
H2 200 runtime.d475a4bf5d580151a64e.js Show response
static.klaviyo.com/onsite/js/ 19 KB
9 KB 134ms
39ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/runtime.d475a4bf5d580151a64e.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W3gERP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05e64eb1a41777b3799018608f07170dc4f940c043b1d6bc33e2a0008fe00a22

Request headers

Referer: https://www.ghosthack.de/
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: lM839VchcRU1zliOKYV1Zm.1xKoA7YCn
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
x-amz-request-id: X71V7VPE2GE3TJFG
age: 162
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 8169
x-amz-id-2: 7DueISHxV8ZQ43yLtKHUsHYSDGExolOcMpeMnqjIRS8dYXPm6/RfXjRs0Z0C8Mz4xyoccvSXL8Y=
x-served-by: cache-lga13626-LGA, cache-fra-eddf8230135-FRA
last-modified: Thu, 30 Nov 2023 20:34:36 GMT
server: AmazonS3
etag: "dea007a286991c20af82d8110d3440ce"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: a833e5db385ebff4c67f32203df578fa8f6c54e4
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 20, 184

GET
H2 200 sharedUtils.0c788129d9608099c20f.js Show response
static.klaviyo.com/onsite/js/ 43 KB
17 KB 134ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.0c788129d9608099c20f.js?cb=1
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=W3gERP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bdf2f8c72b77c5c55f4a1e81a2ad47f61bd229032039847e4b8524cf37ba409

Request headers

Referer: https://www.ghosthack.de/
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: kzc2e.TRnzsGRbze_RLkqvyXsDVzZ3a9
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
x-amz-request-id: 5YJBDEBWDFSVBH33
age: 162
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 16779
x-amz-id-2: BsTTkdcDmEY4KQWDkecDeYkYel/T2i6XNfWBU1R3wWlrTf57l53tYjrONkFtut1F+4Z1BILXdYu4341XhZr59bvxkHIqEA7iUIuYbZlNNMY=
x-served-by: cache-lga21922-LGA, cache-fra-eddf8230135-FRA
last-modified: Thu, 30 Nov 2023 19:20:08 GMT
server: AmazonS3
etag: "ff7ef0581c0c014e4d5b98ed9f704873"
vary: Accept-Encoding
x-amz-meta-entrypoints-hash: bcf113fc86cc941cd04ad749b126dd7ee5ade03b
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
x-cache-hits: 28, 185

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/ 65 KB
66 KB 145ms
54ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Origin: https://www.ghosthack.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 305091
cdn-cachedat: 08/15/2022 13:52:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 66624
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "db812d8a70a4e88e888744c1c9a27e89"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 853300bcb40c3a7fc10b5e24065bb753
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 82ec33d038765d9e-FRA
cdn-requestpullsuccess: True

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame EFE9 5 KB
2 KB 47ms
47ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_hdomhxlviuzhqekismnvtnhvqejrfv&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUllhcVVDR0ZtZWcyMk5UQ09VUmVXa19zQ3kxV29BdVZpOEhHdXR6N2YyOG9lMWloRVBvMkZqRHBCQWxXdjZQSmdta2RicGtPYkdhNVdpbCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZW5fR0ImY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vJm1lcmNoYW50LWlkPUhaQlNSVVFMS1VHMjQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9oZG9taHhsdml1emhxZWtpc21udnRuaHZxZWpyZnYifX0&env=production&scriptUID=uid_hdomhxlviuzhqekismnvtnhvqejrfv&version=1.51.0&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons,messages,hosted-fields,funding-eligibility&client-id=ARYaqUCGFmeg22NTCOUReWk_sCy1WoAuVi8HGutz7f28oe1ihEPo2FjDpBAlWv6PJgmkdbpkObGa5Wil&commit=true&locale=en_GB&currency=EUR&intent=capture&enable-funding=paylater,venmo&merchant-id=HZBSRUQLKUG24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d3b9232acef7c212bbce114d8e0d30eeaad20ab9a2d341aa370ea715d550c2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ghosthack.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 26238
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1524
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 15:00:54 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"1479-mdqw9uchI9Vg4Jnu4QdOaywpVks"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f951699c15dc8
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f951699c15dc8-9f19020b22c7d3c9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f951699c15dc8-e946a7d51bf5afb7-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 17848, 0
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
x-timer: S1701442855.558858,VS0,VE7
x-xss-protection: 1; mode=block

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
6 KB 51ms
51ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.ghosthack.de&t=xo&v=5.0.410&source=payments_sdk&mrid=HZBSRUQLKUG24&client_id=ARYaqUCGFmeg22NTCOUReWk_sCy1WoAuVi8HGutz7f28oe1ihEPo2FjDpBAlWv6PJgmkdbpkObGa5Wil&comp=buttons,messages,hosted-fields,funding-eligibility&disableSetCookie=true&vault=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa8540149f7d64410cd5220fb7eb9ee9bd37044ca7962c086445130a00864f50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qnyYtgM6/+nRJhpO870KWPDl/GpeJCRsOtNYBUTvq8Ug2sPQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qnyYtgM6/+nRJhpO870KWPDl/GpeJCRsOtNYBUTvq8Ug2sPQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Dec 2023 15:00:54 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67963
x-cache: HIT, MISS
paypal-debug-id: f538310abd8ce
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4817
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f538310abd8ce-3e110da2e3633d6b-01
x-timer: S1701442855.559418,VS0,VE8
etag: W/"36ae-1jze2mLGypdvks89r2PbYUKbgBQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 204 payment-method-eligibility Show response
www.ghosthack.de/paypal/ 0
252 B 175ms
175ms XHR
text/plain 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghosthack.de/paypal/payment-method-eligibility

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx / PHP/8.1.21

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-powered-by: PHP/8.1.21
x-frame-options: deny
vary: User-Agent
cache-control: no-cache, private
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 304 KB
101 KB 67ms
66ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-50HGY2B7GB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLPMW3C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

473d973ebbde781f35d880b99137b4560dffd3548b667de2d45d272cd60d7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 15:00:54 GMT

POST
H2 200 identify Show response
a.klaviyo.com/api/onsite/ 100 B
724 B 307ms
184ms XHR
application/json 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/api/onsite/identify?c=W3gERP

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12082c02605df2e707b03cbe8b6798a64f3cfd5aaa521e11ec2347ec2da743e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ghosthack.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
cid: W3gERP
server: cloudflare
vary: Cookie, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ghosthack.de
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 82ec33d21ac5372d-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame EFE9 511 KB
141 KB 47ms
46ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_hdomhxlviuzhqekismnvtnhvqejrfv&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUllhcVVDR0ZtZWcyMk5UQ09VUmVXa19zQ3kxV29BdVZpOEhHdXR6N2YyOG9lMWloRVBvMkZqRHBCQWxXdjZQSmdta2RicGtPYkdhNVdpbCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZW5fR0ImY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vJm1lcmNoYW50LWlkPUhaQlNSVVFMS1VHMjQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9oZG9taHhsdml1emhxZWtpc21udnRuaHZxZWpyZnYifX0&env=production&scriptUID=uid_hdomhxlviuzhqekismnvtnhvqejrfv&version=1.51.0&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e44b57b4db32ef3f69509d3364313ea42deb4f5d86d952fae1d23ab47d03b6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_hdomhxlviuzhqekismnvtnhvqejrfv&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUllhcVVDR0ZtZWcyMk5UQ09VUmVXa19zQ3kxV29BdVZpOEhHdXR6N2YyOG9lMWloRVBvMkZqRHBCQWxXdjZQSmdta2RicGtPYkdhNVdpbCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZW5fR0ImY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vJm1lcmNoYW50LWlkPUhaQlNSVVFMS1VHMjQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9oZG9taHhsdml1emhxZWtpc21udnRuaHZxZWpyZnYifX0&env=production&scriptUID=uid_hdomhxlviuzhqekismnvtnhvqejrfv&version=1.51.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-yvTZnV9Abp9N5T7OI/GIoPXg5/jop/IpPmeL8Hq7WeW4oxGT' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:54 GMT
age: 2100
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f9803908f36f5
server-timing: "traceparent;desc="00-0000000000000000000f9803908f36f5-8035057125756cf8-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 143072
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9803908f36f5-1378c9d156cdd8eb-01
x-timer: S1701442855.664062,VS0,VE5
etag: W/"22ee0-+KNQ53YSN0SyVAq0g8F6PiGC36I"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 182ms
40ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.ghosthack.de&t=xo&v=5.0.410&source=payments_sdk&mrid=HZBSRUQLKUG24&client_id=ARYaqUCGFmeg22NTCOUReWk_sCy1WoAuVi8HGutz7f28oe1ihEPo2FjDpBAlWv6PJgmkdbpkObGa5Wil&comp=buttons,messages,hosted-fields,funding-eligibility&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 3198ac7a9e724
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000003198ac7a9e724-24bf2bc9d2cd7ccb-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 01 Dec 2023 16:00:54 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
510 B 288ms
186ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AHZBSRUQLKUG24-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AHZBSRUQLKUG24-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0e726f98-0f01-4d6d-9a63-bd54909c6191&fltp=analytics&mrid=HZBSRUQLKUG24&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Advent%20Calendar%202023&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1701442854648&g=-60&completeurl=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 01 Dec 2023 15:00:54 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 764a8a2fc351c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230092-FRA
pragma: no-cache
correlation-id: 764a8a2fc351c
traceparent: 00-0000000000000000000764a8a2fc351c-9c60704181008655-01
x-timer: S1701442855.770648,VS0,VE147
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 124ms
43ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 15:00:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7UxI95rJl/4NtCsfGDB+m/C1rVgkyudPJKQJuwTcTWlExLEzjtXcifmuWn8pevCipv9HyXVBd8xfVNFgCIGhTw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 mmfbpcapi Show response
www.ghosthack.de/ 4 B
327 B 278ms
277ms XHR
application/json 37.228.157.11
PHH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ghosthack.de/mmfbpcapi

Requested by

Host: www.ghosthack.de
URL: https://www.ghosthack.de/theme/010d10db25fc791ef7399ea736156ee9/js/all.js?1701425443

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.228.157.11 , Germany, ASN34432 (PHH-AS, DE),

Reverse DNS

cybercrimeschutz.ph.de

Software

nginx / PHP/8.1.21

Resource Hash

b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Referer: https://www.ghosthack.de/Service/Free-Sample-Packs/Advent-Calendar-2023/?utm_source=Klaviyo&utm_medium=campaign&utm_campaign=advent_calendar_leads&_kx=WlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%3D.W3gERP
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: br
server: nginx
x-powered-by: PHP/8.1.21
x-frame-options: deny
vary: Accept-Encoding,User-Agent
content-type: application/json
cache-control: no-cache, private
expires: Fri, 01 Dec 2023 15:00:54 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 137ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-50HGY2B7GB&gtm=45je3bt0v875497590z89118938379&_p=1701442854168&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=122347685.1701442855&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701442854&sct=1&seg=0&dl=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&dt=Advent%20Calendar%202023&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2352
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50HGY2B7GB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghosthack.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 155ms
48ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-50HGY2B7GB&cid=122347685.1701442855&gtm=45je3bt0v875497590z89118938379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50HGY2B7GB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ghosthack.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/958779327/ 3 KB
2 KB 172ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/958779327/?random=1701442854740&cv=11&fst=1701442854740&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v875497590z89118938379&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&hn=www.googleadservices.com&frm=0&tiba=Advent%20Calendar%202023&auid=57350529.1701442855&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-50HGY2B7GB&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa15ca23d698a01dab0180c1b25317995dd98f978e904469199a6abe3ea899f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 155ms
65ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-50HGY2B7GB&cid=122347685.1701442855&gtm=45je3bt0v875497590z89118938379&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1438299807

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame EFE9 40 B
2 KB 261ms
259ms Fetch
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_610a409234_mtu6mda6ntq&disableSetCookie=true&features=disable-set-cookie

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_hdomhxlviuzhqekismnvtnhvqejrfv&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMsaG9zdGVkLWZpZWxkcyxmdW5kaW5nLWVsaWdpYmlsaXR5JmNsaWVudC1pZD1BUllhcVVDR0ZtZWcyMk5UQ09VUmVXa19zQ3kxV29BdVZpOEhHdXR6N2YyOG9lMWloRVBvMkZqRHBCQWxXdjZQSmdta2RicGtPYkdhNVdpbCZjb21taXQ9dHJ1ZSZsb2NhbGU9ZW5fR0ImY3VycmVuY3k9RVVSJmludGVudD1jYXB0dXJlJmVuYWJsZS1mdW5kaW5nPXBheWxhdGVyLHZlbm1vJm1lcmNoYW50LWlkPUhaQlNSVVFMS1VHMjQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9oZG9taHhsdml1emhxZWtpc21udnRuaHZxZWpyZnYifX0&env=production&scriptUID=uid_hdomhxlviuzhqekismnvtnhvqejrfv&version=1.51.0&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
edge-cache-tag: up-treatments-hash
x-cache: MISS, MISS
paypal-debug-id: f993798f18477
server-timing: "traceparent;desc="00-0000000000000000000f993798f18477-dc57de564ee9bceb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 56
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f993798f18477-cb193c4cd1d0beb7-01
x-timer: S1701442855.831544,VS0,VE219
etag: W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame DF45 55 KB
17 KB 55ms
54ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ghosthack.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Fri, 01 Dec 2023 15:00:54 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Fri, 01 Dec 2023 16:00:54 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: d9c94fc380718
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d9c94fc380718-a1dbea8972790947-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

POST logger
www.paypal.com/xoplatform/logger/api/ Frame EFE9 0
0

GET
H2 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 92 KB
26 KB 53ms
50ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.138

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc0bdf251f8e4e109f5006d37606a0fe3c5f79461cac4c57c9046b702d19f679

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 15:00:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26908
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 6XUtmyaJAISf5mgcUISGIuOn+GYIT5zu7ISXvrL04cr8pDcfCdilnIJTVjFHanMRkwOenEwuIdwYTY7sAhuXjQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 microdata.js Show response
connect.facebook.net/signals/plugins/ 78 KB
24 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/microdata.js?v=2.9.138

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6cc15ef8e33579532b085066f2eb8d0db0741ec52b75f2f3c2cdc23fe6ff214

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 15:00:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 24227
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 97WAW9MkFOu+ubDSOomGkLtZ4Ioxf3GAvazp+WTFVoE+21MwF+EaYpLQT1L+maSx3XR795+8omLjlCG/HUZJnA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 identify Show response
a.klaviyo.com/api/onsite/ 101 B
407 B 203ms
202ms XHR
application/json 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/api/onsite/identify?c=W3gERP

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f00c9b588d2939e7dacbae559140018d5d7469d6261c5e7d0c5d56395eab5a25

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ghosthack.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
content-security-policy: base-uri 'none'; object-src 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
cid: W3gERP
server: cloudflare
vary: Cookie, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.ghosthack.de
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 82ec33d36c53372d-FRA
access-control-allow-headers
x-robots-tag: noindex, nofollow

POST
H2 202 / Show response
a.klaviyo.com/client/events/ 0
275 B 217ms
217ms XHR
text/plain 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=W3gERP

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-02-22
Referer: https://www.ghosthack.de/
X-Klaviyo-Onsite: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2022-10-17
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; object-src 'none'; report-uri /csp/
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Cookie, Accept-Encoding
access-control-allow-origin: *
cf-ray: 82ec33d48e10372d-FRA
x-robots-tag: noindex, nofollow
content-length: 0
cid: W3gERP

OPTIONS
H2 200 /
a.klaviyo.com/client/events/ Frame 0
0 185ms
185ms Preflight
text/html 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=W3gERP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method: POST
Origin: https://www.ghosthack.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, revision, x-klaviyo-onsite
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82ec33d36c55372d-FRA
cid: W3gERP
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; object-src 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 15:00:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame DF45 18 B
234 B 191ms
190ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D8C) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 79f3e966afc96
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D8C)
traceparent: 00-000000000000000000079f3e966afc96-7f2c54d4151f2ea7-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 01 Dec 2023 15:00:54 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
212 B 201ms
200ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHZBSRUQLKUG24-1&page=muse%3Aoffer%3A%3A%3AHZBSRUQLKUG24-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=0e726f98-0f01-4d6d-9a63-bd54909c6191&es=visitorInfoFlowStarted&mrid=HZBSRUQLKUG24&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Advent%20Calendar%202023&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1701442854949&g=-60&completeurl=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 01 Dec 2023 15:00:55 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6252b28c6650d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230092-FRA
pragma: no-cache
correlation-id: 6252b28c6650d
traceparent: 00-00000000000000000006252b28c6650d-a12983be07c0e0de-01
x-timer: S1701442855.970063,VS0,VE161
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 15:00:55 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/958779327/ 42 B
455 B 150ms
55ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/958779327/?random=1701442854740&cv=11&fst=1701442800000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v875497590z89118938379&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&frm=0&tiba=Advent%20Calendar%202023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNBISvDiKB11ZwTXaF_0Ge5iqQrXhUYg&random=3107692111&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/958779327/ 42 B
154 B 58ms
57ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/958779327/?random=1701442854740&cv=11&fst=1701442800000&bg=ffffff&guid=ON&async=1&gtm=45je3bt0v875497590z89118938379&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&frm=0&tiba=Advent%20Calendar%202023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNBISvDiKB11ZwTXaF_0Ge5iqQrXhUYg&random=3107692111&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 15:00:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1119918124740274 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 197ms
196ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1119918124740274?v=2.9.138&r=stable&domain=www.ghosthack.de

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edb668e3acbe03090a3639f0f7e0a382b90a5b9853b06d08ab4f6627cad40633

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 01 Dec 2023 15:00:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vJgrAtEi8PJXkihxkYSf7J2wluSft4440KekAx658rIIbX/dgBe89m+gt5ExZT3rWIXl4NvtudzzvnSqyghGhQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 202 / Show response
a.klaviyo.com/client/events/ 0
245 B 218ms
218ms XHR
text/plain 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=W3gERP

Requested by

Host: static-tracking.klaviyo.com
URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.89f34df06656c3dc9d28.js?cb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
revision: 2023-02-22
Referer: https://www.ghosthack.de/
X-Klaviyo-Onsite: 1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-klaviyo-api-revision: 2022-10-17
content-security-policy: object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
server: cloudflare
allow: GET, POST, HEAD, OPTIONS
vary: Cookie, Accept-Encoding
access-control-allow-origin: *
cf-ray: 82ec33d5df87372d-FRA
x-robots-tag: noindex, nofollow
content-length: 0
cid: W3gERP

OPTIONS
H2 200 /
a.klaviyo.com/client/events/ Frame 0
0 190ms
190ms Preflight
text/html 2606:4700::6812:2bb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://a.klaviyo.com/client/events/?company_id=W3gERP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:2bb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,revision,x-klaviyo-onsite
Access-Control-Request-Method: POST
Origin: https://www.ghosthack.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, revision, x-klaviyo-onsite
access-control-allow-methods: OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
allow: GET, POST, HEAD, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 82ec33d4ae2b372d-FRA
cid: W3gERP
content-encoding: gzip
content-security-policy: frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
content-type: text/html; charset=utf-8
date: Fri, 01 Dec 2023 15:00:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-robots-tag: noindex, nofollow

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame DF45 435 B
2 KB 283ms
282ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bd3c2d57fe7154cf95a3622dfe21e61434eb0f4675b5c36013b805f6c57f615d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-TUXE2eML6ASkz0o7QEIT9EItLT0Zvku9qQLKIbswxBDs8K/s' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-TUXE2eML6ASkz0o7QEIT9EItLT0Zvku9qQLKIbswxBDs8K/s' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 01 Dec 2023 15:00:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f9937988260e0
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230089-FRA, cache-fra-eddf8230089-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f9937988260e0-7df1dc5e52fec530-01
x-timer: S1701442855.487768,VS0,VE243
etag: W/"1b3-y/VS0/Nwe/tfdjIFwmXrnbghtEY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 322ms
241ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 01 Dec 2023 15:00:55 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f9937985d245c
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9937985d245c-9337c39ebec2b517-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
x-timer: S1701442855.245650,VS0,VE202

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 122ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1119918124740274&ev=PageView&dl=https%3A%2F%2Fwww.ghosthack.de%2FService%2FFree-Sample-Packs%2FAdvent-Calendar-2023%2F%3Futm_source%3DKlaviyo%26utm_medium%3Dcampaign%26utm_campaign%3Dadvent_calendar_leads%26_kx%3DWlBBrYmBkLxwccVgodvceJUrEHi6_hNe_OKsaapliLA%253D.W3gERP&rl=&if=false&ts=1701442855220&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701442855219.99321201&ler=empty&it=1701442854974&coo=false&eid=7bb5b334-e0f7-4e30-8a50-40030e892aef&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ghosthack.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 01 Dec 2023 15:00:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E600 0
204 B 118ms
40ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.ghosthack.de
Referer: https://www.ghosthack.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.ghosthack.de
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 15:00:55 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1013 B
865 B 233ms
233ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8bc6fed459d36be347fdf9037beba468922ee2f91d1f8a74665047ec732be95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.ghosthack.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Dec 2023 15:00:55 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f5277324271f2
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f5277324271f2-0ea1d3b043f4c982-01
x-timer: S1701442856.661038,VS0,VE193
etag: W/"3f5-Kdec57uouS1BD0Jrn6LTYpnjXQ0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ghosthack.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 228ms
227ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ghosthack.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ghosthack.de
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 01 Dec 2023 15:00:55 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f9937980af9d6
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f9937980af9d6-0e929ef3ff7ea3f7-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230134-FRA, cache-fra-eddf8230134-FRA
x-timer: S1701442855.432656,VS0,VE188

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.ghosthack.de/	1970-01-20 16:40:15	Name: session- Value: gmfhianhsmuposc103bqmkrbcl
www.ghosthack.de/	1970-01-20 17:20:34	Name: timezone Value: Europe/Berlin
.ghosthack.de/	1970-01-20 18:46:58	Name: _gcl_au Value: 1.1.57350529.1701442855
.ghosthack.de/	1970-01-21 01:22:58	Name: _hjSessionUser_3568715 Value: eyJpZCI6IjY2ODZjNzA4LThjNTQtNWMwZC04ZWEwLTQzZWEzYWJmZTFmOCIsImNyZWF0ZWQiOjE3MDE0NDI4NTQ2MjYsImV4aXN0aW5nIjpmYWxzZX0=
.ghosthack.de/	1970-01-20 16:37:24	Name: _hjFirstSeen Value: 1
.ghosthack.de/	1970-01-20 16:37:24	Name: _hjIncludedInSessionSample_3568715 Value: 0
.ghosthack.de/	1970-01-20 16:37:24	Name: _hjSession_3568715 Value: eyJpZCI6ImY1ZmY4OGQ1LTkxMTItNGEwZS1hZDg0LTRhMjQyYzZmMGRmOCIsImNyZWF0ZWQiOjE3MDE0NDI4NTQ2MjcsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.ghosthack.de/	1970-01-20 16:37:24	Name: _hjAbsoluteSessionInProgress Value: 0
.ghosthack.de/	1970-01-21 02:13:22	Name: _ga_50HGY2B7GB Value: GS1.1.1701442854.1.0.1701442854.60.0.0
.ghosthack.de/	1970-01-21 02:13:22	Name: _ga Value: GA1.1.122347685.1701442855
www.ghosthack.de/	1970-01-21 02:13:22	Name: __kla_id Value: eyJjaWQiOiJPREUxWldZNE1EZ3RNelEyTVMwMFltWmpMV0l3WVRrdFpXVTJOV1l5T0RneU9UQXoiLCIkZXhjaGFuZ2VfaWQiOiJXbEJCclltQmtMeHdjY1Znb2R2Y2VKVXJFSGk2X2hOZV9PS3NhYXBsaUxBPS5XM2dFUlAiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDE0NDI4NTUsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3Lmdob3N0aGFjay5kZS9TZXJ2aWNlL0ZyZWUtU2FtcGxlLVBhY2tzL0FkdmVudC1DYWxlbmRhci0yMDIzLz91dG1fc291cmNlPUtsYXZpeW8mdXRtX21lZGl1bT1jYW1wYWlnbiZ1dG1fY2FtcGFpZ249YWR2ZW50X2NhbGVuZGFyX2xlYWRzJl9reD1XbEJCclltQmtMeHdjY1Znb2R2Y2VKVXJFSGk2X2hOZV9PS3NhYXBsaUxBJTNELlczZ0VSUCJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTcwMTQ0Mjg1NSwidmFsdWUiOiIiLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly93d3cuZ2hvc3RoYWNrLmRlL1NlcnZpY2UvRnJlZS1TYW1wbGUtUGFja3MvQWR2ZW50LUNhbGVuZGFyLTIwMjMvP3V0bV9zb3VyY2U9S2xhdml5byZ1dG1fbWVkaXVtPWNhbXBhaWduJnV0bV9jYW1wYWlnbj1hZHZlbnRfY2FsZW5kYXJfbGVhZHMmX2t4PVdsQkJyWW1Ca0x4d2NjVmdvZHZjZUpVckVIaTZfaE5lX09Lc2FhcGxpTEElM0QuVzNnRVJQIn19
.doubleclick.net/	1970-01-20 16:37:23	Name: test_cookie Value: CheckForPermission
.ghosthack.de/	1970-01-20 18:46:58	Name: _fbp Value: fb.1.1701442855219.99321201

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
cdn1.stamped.io
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
ka-p.fontawesome.com
kit.fontawesome.com
maxcdn.bootstrapcdn.com
region1.analytics.google.com
script.hotjar.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
t.paypal.com
trk.klclick.com
widget.trustpilot.com
www.facebook.com
www.ghosthack.de
www.google.com
www.google.de
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
13.32.27.21
151.101.193.35
151.101.194.133
151.101.65.21
18.66.97.53
192.229.221.25
2001:4860:4802:32::36
2600:9000:214f:a200:14:c8fd:7700:93a1
2606:4700:4400::6812:2844
2606:4700::6812:2bb
2606:4700::6812:bcf
2a00:1450:4001:808::200a
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
37.228.157.11
52.222.236.60
65.9.66.85
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
05e64eb1a41777b3799018608f07170dc4f940c043b1d6bc33e2a0008fe00a22
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
07d6acc7ffb2194340187d55281bf165132aeef7d126e4cbb964b35f8566dcb1
12082c02605df2e707b03cbe8b6798a64f3cfd5aaa521e11ec2347ec2da743e6
124f0540b0a531107030a6cd746f2c7b84acfe4469ba08b6792bb68da7edb984
14b6f563744f176df1a746f53ad3a25d9effcb7bf9ffeba3ed534fb83bf905fe
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1dbbd9c2c33b5d7f8e634f1db54a101c544386dadfe195473f5bce1ea27e8d1f
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
2283746d5ee25d4d5a6e85c473ea976d0fb67ad0ba41f67ed20bb492d58e1d79
3140eeae495540c8be1813600cfa756b3dcbf9bdcf5f34498ccec7f78aaac970
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e43ca39428214acebf5c8bdf12aebb461a8e581f12e44140cbc5209535e5f7
473d973ebbde781f35d880b99137b4560dffd3548b667de2d45d272cd60d7395
49f5900d74ef78a3c5c1a737f1c851cd20c9fd6cc814783cdb19b3b24ba4bdfc
4d3b9232acef7c212bbce114d8e0d30eeaad20ab9a2d341aa370ea715d550c2d
505ddbc5d0a98c14413bb2effd196195e39b88c028798d2a8e1ec7b6b7052020
5153dc06cb358e715bf83260d4136a1a39e894b3255e6e3143872e98a38014ae
5b14a93ac586971384553276934b97aa11785eabbb636d2a8c29c4f50cb3e6ee
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
61d33fff698fbe7d41ef4ede443449b5c87660f426f526b3f223a3a3a76066c6
621d3307d6abb417c3190b7116359afb5bc6e4523482803b3cd544dfc7f2f3f8
680821099ccc3f909e4e7a0bf1ea20b50b34edb28b8259bc10799468192874f7
6bdf2f8c72b77c5c55f4a1e81a2ad47f61bd229032039847e4b8524cf37ba409
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e44b57b4db32ef3f69509d3364313ea42deb4f5d86d952fae1d23ab47d03b6b
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
73aafae1eeecc20073d809ed9e267a6e4a02ed205a262e0841ec90c7fb017c7e
77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1
7d4f30cba18af4e33d0d2f8259e937a09a6fb30079e8009d2d29278fa477cc26
7f4d40304501d047f81350a9bd37f5b9d5d6aad0efc97b633a132bb164eb2393
83e85960f7744b703a8e2a8927b36c5aae903d3bc7584abf233f90e081679a0a
86ae263c57a706726f067fc5b0065c881e4b9bce4896bb6413a645e61cca7089
88275ff5c59ecf7f2f1b4d7b4f0216ac1051ccdcb9847f715e0f457e8846d1a8
88680da984897b940d2b500e8021bca741d3d135e17754758ff0234fd331fe78
8a5471e7115bde2b91f8be92a788450b08b18f306ef7a2dce93064bafb3f93d6
8f195573d6fa06641814b476fea2b92579c983cac46d683f356238207692c9f5
93e4adbab6a53d86a378d30db5c74a14006473cb12ad9ea4fe249459025ff0c4
94cbf967a5e51dd92d9b23f49140c1e6d09ad8588f4c2d47b8372c016bc6db87
95f19bd809c9848a2f1355147c3ca6989002df35295945bd269c7a06c837a992
9e1f1cd3369c758e19b92899eac17de20750b6888d0600673811208162dab08d
a6cc15ef8e33579532b085066f2eb8d0db0741ec52b75f2f3c2cdc23fe6ff214
a8bc6fed459d36be347fdf9037beba468922ee2f91d1f8a74665047ec732be95
a8cf1d006773bf1671c077320277aacfe579aea9d2054a52c85feb02e6971e76
acb96efcc4cb76c0d3b65320d65c1c192782f629335f9fe7faea750187e8ae9c
b06bb41004d7fcd9051c499749c319244ffdacf890af122d1b9be2f413fb43ea
b2e77b0bdcb487395f4773607636fbe94e269ad8b81be8d355cc41f87c935415
b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b87e30b4f359fa2fe1621eccb7711c25635ab0b69cc1502516bf52df6af28410
bc44b1aec756f0363effd616706c0b7439b8aabc46b0915ba3a81a82604413e3
bc7fdd3a3d48e50358b5929668adc768c130497951b71e094e5e734b7a39051e
bd3c2d57fe7154cf95a3622dfe21e61434eb0f4675b5c36013b805f6c57f615d
bf5faec068976dad382e7e353450d50945a0aefb24be237f253e03ceea72044a
c4174c47280716744d8467ec955aa41f4f291f6d618b76cfd05b52ca91de2026
d01ca8c2e25a3496737208667a5fb89f26d4c360dcfd752db50194a82e58679e
d1b1331ba90e949be8664b073976b4f0369b831f381e13e506d728e50ce29083
dc0bdf251f8e4e109f5006d37606a0fe3c5f79461cac4c57c9046b702d19f679
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de9a4b18543273e7b2405b9ebd88bc34120962a84844e0ce48889410d9ccbd7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e868611d567f04f874e3fdd2fc53f140fb8282e9d976014aea30a2b247d247c0
ec6ad27e3507a24bbcf6d46e5380b558d95c3376bb04bc2e00e0bd5c75a419e6
edb668e3acbe03090a3639f0f7e0a382b90a5b9853b06d08ab4f6627cad40633
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00c9b588d2939e7dacbae559140018d5d7469d6261c5e7d0c5d56395eab5a25
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fa15ca23d698a01dab0180c1b25317995dd98f978e904469199a6abe3ea899f7
fa8540149f7d64410cd5220fb7eb9ee9bd37044ca7962c086445130a00864f50
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.ghosthack.de Open in urlscan Pro 37.228.157.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

59 %IPv6

17 Domains

24 Subdomains

22 IPs

3 Countries

2021 kBTransfer

5787 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ghosthack.de Open in urlscan Pro
37.228.157.11 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

59 %
IPv6

17
Domains

24
Subdomains

22
IPs

3
Countries

2021 kB
Transfer

5787 kB
Size

13
Cookies

88 HTTP transactions
1 data transactions