netzwerk-ad.de Open in urlscan Pro
144.126.134.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://netzwerk-ad.de/
Submission: On August 02 via manual (August 2nd 2023, 11:46:45 am UTC) from DE — Scanned from DE

Summary HTTP 81 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 20 domains to perform 81 HTTP transactions. The main IP is 144.126.134.105, located in St Louis, United States and belongs to CONTABO, US. The main domain is netzwerk-ad.de.

This is the only time netzwerk-ad.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	144.126.134.105 144.126.134.105	40021 (CONTABO) (CONTABO)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a01:4f8:10b:... 2a01:4f8:10b:ddc::2	24940 (HETZNER-AS) (HETZNER-AS)
6	144.76.28.254 144.76.28.254	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:303... 2606:4700:3032::ac43:ab44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:a73c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:8265	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::6815:12c8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
11	2a0d:da00:a:4... 2a0d:da00:a:401c::	205072 (LAYERSHIFT) (LAYERSHIFT)
6	2a0d:da00:a:4... 2a0d:da00:a:4018::	205072 (LAYERSHIFT) (LAYERSHIFT)
6	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
81	23

12 144.126.134.105 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: h105.hubuhost.com

netzwerk-ad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:10b:ddc::2 (Germany)

ASN24940 (HETZNER-AS, DE)

media.hubuhost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wrly.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 144.76.28.254 (Freiburg im Breisgau, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.254.28.76.144.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:ab44 (United States)

ASN13335 (CLOUDFLARENET, US)

free-btc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

beycoin.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zcash.one	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

video.onetouch8.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a73c (United States)

ASN13335 (CLOUDFLARENET, US)

yellowstone-btc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8265 (United States)

ASN13335 (CLOUDFLARENET, US)

gobits.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:12c8 (United States)

ASN13335 (CLOUDFLARENET, US)

1dogecoin.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a0d:da00:a:401c:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

appsha-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a0d:da00:a:4018:: (United Kingdom)

ASN205072 (LAYERSHIFT, GB)

apps-pnd.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.ctengine.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	ctengine.io appsha-pnd.ctengine.io — Cisco Umbrella Rank: 197545 apps-pnd.ctengine.io — Cisco Umbrella Rank: 242102 cdn.ctengine.io — Cisco Umbrella Rank: 280256	92 KB
12	netzwerk-ad.de netzwerk-ad.de	178 KB
11	beycoin.xyz 2 redirects beycoin.xyz — Cisco Umbrella Rank: 818086	62 KB
6	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 34906 static.a-ads.com — Cisco Umbrella Rank: 44679	1 MB
4	gstatic.com csi.gstatic.com fonts.gstatic.com	16 KB
4	onetouch8.info video.onetouch8.info — Cisco Umbrella Rank: 182466	15 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 118	743 B
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 497 fonts.googleapis.com — Cisco Umbrella Rank: 79	351 KB
3	hubuhost.com media.hubuhost.com	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	142 KB
2	free-btc.org free-btc.org — Cisco Umbrella Rank: 637456	34 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	7 KB
1	1dogecoin.work 1dogecoin.work	605 B
1	zcash.one www.zcash.one	603 B
1	gobits.me gobits.me
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	21 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	17 KB
1	yellowstone-btc.com yellowstone-btc.com	147 KB
1	wrly.de cdn.wrly.de — Cisco Umbrella Rank: 956879
81	20

	Domain	Requested by
12	netzwerk-ad.de	netzwerk-ad.de
11	appsha-pnd.ctengine.io	beycoin.xyz www.zcash.one appsha-pnd.ctengine.io 1dogecoin.work
11	beycoin.xyz	2 redirects netzwerk-ad.de beycoin.xyz
6	cdn.ctengine.io	netzwerk-ad.de cdn.ctengine.io
6	apps-pnd.ctengine.io	appsha-pnd.ctengine.io
4	video.onetouch8.info	free-btc.org imasdk.googleapis.com
3	adservice.google.com	imasdk.googleapis.com
3	static.a-ads.com	ad.a-ads.com
3	ad.a-ads.com	netzwerk-ad.de media.hubuhost.com
3	media.hubuhost.com	netzwerk-ad.de
2	fonts.gstatic.com	fonts.googleapis.com
2	csi.gstatic.com	imasdk.googleapis.com
2	www.googletagmanager.com	beycoin.xyz www.googletagmanager.com
2	imasdk.googleapis.com	video.onetouch8.info imasdk.googleapis.com
2	free-btc.org	netzwerk-ad.de free-btc.org
2	cdnjs.cloudflare.com	netzwerk-ad.de
1	fonts.googleapis.com	cdn.ctengine.io
1	1dogecoin.work	beycoin.xyz
1	www.zcash.one	beycoin.xyz
1	gobits.me	beycoin.xyz
1	www.google-analytics.com	beycoin.xyz
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	yellowstone-btc.com	free-btc.org
1	cdn.wrly.de	media.hubuhost.com
81	25

This site contains links to these domains. Also see Links.

Domain
www.netzwerk-ad.de
libertad-ads.de
www.iwebsitetemplate.com
all-free-download.com
hubuhost.com

Subject Issuer	Validity	Valid
media.hubuhost.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh
free-btc.org GTS CA 1P5	`2023-06-10` - `2023-09-08`	3 months	crt.sh
beycoin.xyz GTS CA 1P5	`2023-07-22` - `2023-10-20`	3 months	crt.sh
adboomer.net R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
onetouch8.info E1	`2023-07-31` - `2023-10-29`	3 months	crt.sh
yellowstone-btc.com GTS CA 1P5	`2023-07-21` - `2023-10-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-26`	a year	crt.sh
zcash.one GTS CA 1P5	`2023-07-14` - `2023-10-12`	3 months	crt.sh
1dogecoin.work GTS CA 1P5	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.ctengine.io Gandi Standard SSL CA 2	`2023-01-13` - `2024-01-13`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2022-12-21` - `2024-01-21`	a year	crt.sh

This page contains 17 frames:

Primary Page: http://netzwerk-ad.de/
Frame ID: F816991D31D93184DCBB3449ECD6C119
Requests: 17 HTTP requests in this frame

Frame: http://ad.a-ads.com/1551779?size=468x60
Frame ID: 44576DA20D4AB237EF8F9C21DBCFB241
Requests: 3 HTTP requests in this frame

Frame: https://free-btc.org/banner/u=frechdax/size=468x60
Frame ID: 915A8F2C16C434AA561214012D667946
Requests: 9 HTTP requests in this frame

Frame: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Frame ID: D4FF67F76E3D1653D7E3C13EFE58DC63
Requests: 6 HTTP requests in this frame

Frame: http://ad.a-ads.com/2084432?size=728x90
Frame ID: 0715F9EF42C6548E5D53E9BBD88F68E7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Frame ID: DFA2F41A2717FE23431126F74A4A68AD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B67007323BE4A3077B23D7308852E7DE
Requests: 1 HTTP requests in this frame

Frame: https://beycoin.xyz/allads.php
Frame ID: FD502902A175D6EB2DA675737D8EB8A2
Requests: 1 HTTP requests in this frame

Frame: https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Frame ID: CE90E9458E7C1603062BD15A538DD161
Requests: 2 HTTP requests in this frame

Frame: https://gobits.me/cointraffic.io.php
Frame ID: 93356AECAB3065F63CE1F2B69F6D7BD2
Requests: 1 HTTP requests in this frame

Frame: https://www.zcash.one/cointraffic.io.php
Frame ID: CBD6D13AB70CAD71DE567F2A156CB740
Requests: 6 HTTP requests in this frame

Frame: https://1dogecoin.work/cointraffic.io.php
Frame ID: 7DD4284073E5D83E10A056D4F82EC524
Requests: 6 HTTP requests in this frame

Frame: https://beycoin.xyz/cointraffic.io.php
Frame ID: D2F0FFAF371A521DB2B105A3ED003B6F
Requests: 6 HTTP requests in this frame

Frame: https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Frame ID: 756B7991A03FB78F134639A33D2F1456
Requests: 2 HTTP requests in this frame

Frame: https://media.hubuhost.com/int/?sess=2d4f1ee5901f6f188c93a00f37e3a13b
Frame ID: BBD8FB8C9E32E934F73C8B9617904599
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1616084?size=300x250
Frame ID: 8E2FD58AD5F310F71B64D2DFD9AA77BD
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ctengine.io/blank/4/2/9/index.html
Frame ID: 01509E77B8B4A7390A227731712C3D34
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

netzwerk-ad.de

Detected technologies

Cufon (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

cufon-yui\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

74 %
HTTPS

91 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

2559 kB
Transfer

4394 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.netzwerk-ad.de/index.php?content=datenschutz
Title: Datenschutzerklärung

Search URL Search Domain Scan URL

URL: https://libertad-ads.de/
Title: Einloggen

Search URL Search Domain Scan URL

URL: http://www.netzwerk-ad.de/
Title: netzwerk-ad.de

Search URL Search Domain Scan URL

URL: http://www.iwebsitetemplate.com/
Title: Website Templates

Search URL Search Domain Scan URL

URL: http://all-free-download.com/free-website-templates/
Title: free website templates

Search URL Search Domain Scan URL

URL: https://hubuhost.com/
Title: Powered by HubuHost.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Request Chain 8

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Request Chain 36

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

Request Chain 50

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

81 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
netzwerk-ad.de/ 9 KB
4 KB 261ms
120ms Document
text/html 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

de78adc1100b53b2e53cec435464dd0884f7e4808ac7d383d0a98f44d660b2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Aug 2023 11:46:39 GMT
Server: nginx
Strict-Transport-Security: max-age=15768000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK style.css
netzwerk-ad.de/ 6 KB
2 KB 125ms
124ms Stylesheet
text/css 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/style.css

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

1e2fa970341b6dc1981473780cc702344215a0a81756ec602ac46557df1c016d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2022 14:26:11 GMT
Server: nginx
ETag: W/"63a46903-1674"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-1.3.2.min.js Show response
netzwerk-ad.de/js/ 56 KB
22 KB 226ms
113ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/js/jquery-1.3.2.min.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2022 14:26:36 GMT
Server: nginx
ETag: W/"63a4691c-dfa6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
netzwerk-ad.de/js/ 186 B
526 B 229ms
115ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/js/script.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

250125d7130c6f0d0c53cb4a6adc7d5bea98a9525b07f7b408bf5c90b67b2f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:35 GMT
Server: nginx
ETag: "63a4691b-ba"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cufon-yui.js Show response
netzwerk-ad.de/js/ 18 KB
8 KB 229ms
114ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/js/cufon-yui.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2022 14:26:35 GMT
Server: nginx
ETag: W/"63a4691b-4751"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK arial.js Show response
netzwerk-ad.de/js/ 454 KB
126 KB 237ms
122ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/js/arial.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

3811387a8142cdfbab3592a252f474419107d5df71cbff5c6415d7ef53cda116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2022 14:26:36 GMT
Server: nginx
ETag: W/"63a4691c-7193f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cuf_run.js Show response
netzwerk-ad.de/js/ 58 B
397 B 244ms
119ms Script
application/javascript 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

http://netzwerk-ad.de/js/cuf_run.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

091f183120ebafa52a6fa06a25558ea70f4b7077c88531b91e5d5a1ba2b683af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:35 GMT
Server: nginx
ETag: "63a4691b-3a"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK header_images.jpg
netzwerk-ad.de/images/ 12 KB
12 KB 115ms
115ms Image
image/jpeg 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netzwerk-ad.de/images/header_images.jpg

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

fc6b008e5dc94f56068b77adce16b3dc0d25b04b9bb3ff275aef11437d0bf101

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:39 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:16 GMT
Server: nginx
ETag: "63a46908-2f69"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12137
X-XSS-Protection: 1; mode=block

GET
H2

200

cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

4 KB
2 KB

30ms
13ms

Stylesheet
text/css

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1173563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Thu, 22 Jun 2023 10:57:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942932-3b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsMMDEbhrDpA7%2FsLt6kZpQCXGj%2B4hDsQSojxIp0NurDgoGWqoBOlhh8EQHSa7tIKOOduG%2BfLOKUEO%2BC0A5M2pSRrJhosAtE1sOYIAjRhw7gtnET2Fo0cqrrmQScSW96guHXQWX3BOaXUCyCZuM9W737S"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f0614e66d479268-FRA
expires: Mon, 22 Jul 2024 11:46:39 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

19 KB
6 KB

12ms
12ms

Script
application/javascript

2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4910739
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GEn29jlWnebto9Bu1O%2BFTbTHk5LdbIPWQ80bCUT5ySLmRF4aB4EZDCGzBZCTQCX6ZrC%2F5KMh1CH%2BhPn9gUdK6uIG6KEn3xaYMTCNyCHEZXoosRZaJfY3vNoS8xPs1M0aeKCEwtJBEr7sQzkE4dhQOyk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f0614e67d5e9268-FRA
expires: Mon, 22 Jul 2024 11:46:39 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 / Show response
media.hubuhost.com/ 9 KB
2 KB 87ms
16ms Script
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/?key=17A178

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

ad3a0fcad6e1e6f1ed6915e101d2e4b6557f9b10b1dd7c65893824d33ec62bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:39 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: deny
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 1551779 Show response
ad.a-ads.com/ Frame 4457 12 KB
5 KB 56ms
29ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/1551779?size=468x60

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

ea626b97373b72a1299e434965f6d55d985b9981f002338322cde1941e96df96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 02 Aug 2023 11:46:40 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://netzwerk-ad.de/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H2 200 size=468x60 Show response
free-btc.org/banner/u=frechdax/ Frame 915A 2 KB
1 KB 248ms
188ms Document
text/html 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://free-btc.org/banner/u=frechdax/size=468x60
Requested by: Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f870ce5360312c9c00922136cd15b3ff398cbc46976b0d76fecb3b0f9ec6fd97

Request headers

Referer: http://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f0614e828222c36-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3oi0%2FW8QGpQXz9pB0sf0K17si3ufeMYs6hdZ%2FyCmw85XvyFi%2FdUmjLcaNuaDDobSIBXl2K1KsIZgNHFlI9ZIm2RjPUhaflE%2BU7khK0kbCcrw1fVxZE5nskB7vmwLnHb7V8G%2FLyo56%2BRDok%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bits-ads.php Show response
beycoin.xyz/ Frame D4FF 8 KB
3 KB 648ms
584ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Requested by: Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 32d099a88b13ba2efd32d5b3b8bd7f531dd1db1231594ad0596ffbe163402662

Request headers

Referer: http://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7f0614e83fd39bc4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6LLHD9Qz0JYGTvRXWZDbVkX7li7jMkDe93l9oLATWEKoI2ueCCqHo2HhjjzVpq%2FrBm%2BFII1B7IxOJUQadO6B8iW8V63SOd%2Fy6N6uO47lxl%2FW1bR7%2FHZP7C3Y1e2gGS64QY%2FQ2vmXQSyPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 404 jw.js
cdn.wrly.de/ 0
0 79ms
16ms Script
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wrly.de/jw.js?de=qO5L07WXAl1bJS6C
Requested by: Host: media.hubuhost.com
URL: https://media.hubuhost.com/?key=17A178
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://netzwerk-ad.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H/1.1 200
OK main_bg.gif
netzwerk-ad.de/images/ 228 B
555 B 116ms
116ms Image
image/gif 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netzwerk-ad.de/images/main_bg.gif

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/style.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

0427e21f76cab20576d67ecb15f91b151f7919feb4efcffeaf71a66b2e10b580

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:16 GMT
Server: nginx
ETag: "63a46908-e4"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK menu_link.gif
netzwerk-ad.de/images/ 538 B
866 B 119ms
119ms Image
image/gif 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netzwerk-ad.de/images/menu_link.gif

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/style.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

fe840571f237e1cafcdd9a00c74cdfc513c36fcbeec8e0e04654ef351e891634

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:16 GMT
Server: nginx
ETag: "63a46908-21a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 538
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fbg_bg.gif
netzwerk-ad.de/images/ 464 B
792 B 115ms
115ms Image
image/gif 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netzwerk-ad.de/images/fbg_bg.gif

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/style.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

c1a51b9bbbb05b4e4760ca1dc7430c754adb5747433458f8a09e8c3080d2e4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:15 GMT
Server: nginx
ETag: "63a46907-1d0"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 464
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fbg_line.gif
netzwerk-ad.de/images/ 206 B
533 B 114ms
114ms Image
image/gif 144.126.134.105
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://netzwerk-ad.de/images/fbg_line.gif

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/style.css

Protocol

HTTP/1.1

Server

144.126.134.105 St Louis, United States, ASN40021 (CONTABO, US),

Reverse DNS

h105.hubuhost.com

Software

nginx /

Resource Hash

fc4d686ef94acebe0183830364a331bf31b73b16e83629fc0d9e84e459047a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
Strict-Transport-Security: max-age=15768000; includeSubDomains
Last-Modified: Thu, 22 Dec 2022 14:26:15 GMT
Server: nginx
ETag: "63a46907-ce"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 206
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2084432 Show response
ad.a-ads.com/ Frame 0715 12 KB
5 KB 40ms
26ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.a-ads.com/2084432?size=728x90

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

HTTP/1.1

Server

144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

d472605a818717cdd20b89cd3dbdf3d9a101fbd65ac5ff3276cc398ca4d8bae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Wed, 02 Aug 2023 11:46:40 GMT
Server: nginx
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Content-Type-Options: nosniff
X-Original-Referer: http://netzwerk-ad.de/
X-Powered-By: Phusion Passenger(R)
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/393804/ Frame 0715 674 KB
675 KB 30ms
11ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/393804/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/2084432?size=728x90
Protocol: HTTP/1.1
Server: 144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
x-amz-version-id: QbiY4NoT4ulkvDSEPsy._qf5G5I0yZLz
Last-Modified: Tue, 31 May 2022 13:40:42 GMT
Server: nginx
x-amz-request-id: HGXH3T7GE6P8KATC
ETag: "17ab32789bf26b9a63481f7a9a076d53"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 690666
x-amz-id-2: oshwuUz8oh4O+puUiAWS1voD4+hHdAopPyJp/Ep1LLm3wUIlsw2+wya3aPSGIeWMhYJhfJZy/0Y=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 0715 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 468x60
static.a-ads.com/a-ads-banners/117620/ Frame 4457 156 KB
157 KB 26ms
11ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://static.a-ads.com/a-ads-banners/117620/468x60?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: http://ad.a-ads.com/1551779?size=468x60
Protocol: HTTP/1.1
Server: 144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Wed, 02 Aug 2023 11:46:40 GMT
x-amz-version-id: LKnGuoVSDoJ.bbTuKu8XrVLG1BNZQuT4
Last-Modified: Sun, 19 Apr 2020 16:08:09 GMT
Server: nginx
x-amz-request-id: H252WS20S583THJ0
ETag: "d89cd17d5e22adfb5532615d116d84b8"
Content-Type: image/gif
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160195
x-amz-id-2: 5i1ilZAfJeIcTwvP3M9FrYwZ9jNjqwmEaX6shSdWzbPih/CRr1NKB+xX2W74TF1/cbSdjHCfdJQ=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 4457 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 d-video.js Show response
video.onetouch8.info/ Frame 915A 91 KB
13 KB 85ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/d-video.js?b=24
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 10:57:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 101
etag: W/"61c1b305-16d04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDJCt9YoLwpGWVLvK7yHcP58NYw6YICpH37n6UyR8nDf%2BJkTZCFXen90JZwsBwBXfB%2FOYzbmz00b%2F1nK6L2l%2F2UAgFwtBeUH%2Bb1XQReIOTmTzlBzm87OIlB7Rt%2FTYDOB1yVxN4lkuIcRGpgNhfx1XVo77A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7f0614e9dbee37e9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bico.gif
free-btc.org/img/ Frame 915A 32 KB
32 KB 22ms
21ms Image
image/gif 2606:4700:3032::ac43:ab44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://free-btc.org/img/bico.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ab44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/banner/u=frechdax/size=468x60
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151301
alt-svc: h3=":443"; ma=86400
content-length: 32521
last-modified: Sat, 19 Feb 2022 15:54:05 GMT
server: cloudflare
etag: "6211129d-7f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HNnpmLpBlafA3IdvfP%2BeGusMb4OlAA6Mjk6nvf5J%2Fsl%2BUBkY2Fj14fLXChNqEDO9%2FTWAGJgfw19tYyHJr5JaRXZdj%2FmINdXhnnYL16SMG3CC4y63X9eYrGVvGCcj7QJDM4VyiMNc7%2B5M%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7f0614e979ec2c36-FRA
expires: Mon, 07 Aug 2023 17:44:59 GMT

GET
H2 200 468x60.gif
yellowstone-btc.com/p/ Frame 915A 146 KB
147 KB 68ms
15ms Image
image/gif 2606:4700:3035::ac43:a73c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yellowstone-btc.com/p/468x60.gif
Requested by: Host: free-btc.org
URL: https://free-btc.org/banner/u=frechdax/size=468x60
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a73c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c0a7fac698eada89ba313c38e8f40fccec1506d10ad84924e5eaa64ab3ac423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64432
alt-svc: h3=":443"; ma=86400
content-length: 149895
last-modified: Fri, 29 Apr 2022 13:33:19 GMT
server: cloudflare
etag: "626be91f-24987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6R%2FUl4wmzn1%2BRs0VLPEvETdHrODg61k3CQ3F%2BQV6ZEvn%2BBvd1wOl6Jp0vY1CSxfOeKzHlC2WdBQqklsZmndJO7bbZ2eI0PBTuSoZlFN5ghIUUXQwJLqWG%2BQ4TSTG4hOZXkWK0GO%2BlL4O%2Fu2q%2BJYCaMv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 7f0614e9f8c09b49-FRA
expires: Wed, 02 Aug 2023 17:52:47 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 915A 345 KB
120 KB 153ms
44ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: video.onetouch8.info
URL: https://video.onetouch8.info/d-video.js?b=24

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121900
x-xss-protection: 0
expires: Wed, 02 Aug 2023 11:46:40 GMT

GET
H2 200 bridge3.583.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame DFA2 718 KB
230 KB 41ms
36ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

233ea4a6b15a4c0190686852b27706807fe2fec270d3c9f3e8167d4dddaa0250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://free-btc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 235726
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Aug 2023 06:15:21 GMT
expires: Thu, 01 Aug 2024 06:15:21 GMT
last-modified: Wed, 26 Jul 2023 19:51:25 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 915A 44 KB
17 KB 166ms
46ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Aug 2023 11:46:40 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B670 39 KB
14 KB 152ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13681
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 22:37:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 02 Aug 2023 12:36:17 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 915A 107 B
456 B 159ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D4FF 52 KB
21 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 02 Aug 2023 09:49:45 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7015
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 02 Aug 2023 11:49:45 GMT

GET
H2 200 b-2_468x60_w3wfhtk0ux.png
beycoin.xyz/files/banners/ Frame D4FF 47 KB
47 KB 26ms
25ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/banners/b-2_468x60_w3wfhtk0ux.png
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de458edb3b76ca22b59a2f20d2c393bd26aa219d26dbaaa8d175deaed973fa76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 201467
alt-svc: h3=":443"; ma=86400
content-length: 47976
last-modified: Sat, 13 May 2023 21:27:37 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gU3Y4yuCc401jVtZFO0p8TD20Tpl4fhHzkHMyTl6z8tlI5TxRozFunHV4uwViih8IBNGXYo55Jfk388RVyVkDbskfg%2BfzBlNpfcv%2BPNpRX4rYzJSyLklEmSuEDbdwyObbpXT%2BdkjIY8NvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f0614ec9e289bc4-FRA
expires: Mon, 07 Aug 2023 03:48:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D4FF 179 KB
65 KB 162ms
68ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4720fe90a9fd69c8c1887c86a7d80477287c8946d509083ce0c664b8add48b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66543
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Aug 2023 11:46:40 GMT

GET
H3 200 allads.php Show response
beycoin.xyz/ Frame FD50 636 B
630 B 197ms
196ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/allads.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 94896662c8e444c7e701c0a2082c7e5145d5ef4ddeb8a1c9403f932145d24739

Request headers

Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f0614ecd8d737da-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiLZz%2Fed2l4o6zibsE%2B1tHkddh7Fr3P6t3pjWnB25O2BDerw7I5QG8SLk02t4NGbgyrgWWVIQhW3Yzwmywf12jsJ%2BSt6AGqq8L80tsMtEqAOrZnYF5Xg9ZIgIG7D6ZIX%2BgNIGSQUBZYM7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 ror.png
beycoin.xyz/files/logo/ Frame D4FF 645 B
1 KB 17ms
17ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beycoin.xyz/files/logo/ror.png
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568e3768feba91a7ff887286c94fd678b82349af9a49d2012160b08dd1ace8e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/bits-ads.php?type=0&&ids=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 204641
alt-svc: h3=":443"; ma=86400
content-length: 645
last-modified: Mon, 29 May 2023 19:30:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqLRyIqLAYvnTD73vsCp5KgITFvb4MkuWzXGBxHmNGDgijF2dsjuciBgBcHyR6UsSzR3nyyxhqcwdBNrAFEE3%2FvQI%2FyjaCEDG1lzMJcKpw%2Bgjg%2FYWmbBkEY1EhECTnaTNojyxuKwgmU9kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7f0614ecd8dd37da-FRA
expires: Mon, 07 Aug 2023 02:55:59 GMT

GET
H3

200

invisible.js Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/ Frame CE90
Redirect Chain

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

7 KB
4 KB

15ms
14ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/bits-ads.php?type=0&&ids=25

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

683a1d2d90c617a3154fb5b6c3c24e8ccc67a740d51de8089d59bd30f1c6c0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:40 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGcOyd56twLk%2FM5lZKRBp24LWlWreeuwcfhPppukaXpZ6I54Y58tK7bc0K6B%2BZWDC%2BLpp8imaRxPSs%2Fi5qyG8a%2B1%2BGOc4KQU%2BE0HTWLUyN5xnclp7B%2B3MRXeEkybHV%2Bv6FGQEcXQ2Rl0dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f0614ed396a37da-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 02 Aug 2023 11:46:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtJn3zYFwSTKTA0p8FVLGJjh79Unirms3YV3Jr3pG%2FHxrVucC7M6PzoNcaLr8S971uqtb%2FsRdMBq%2F5tOJyi9nILZn%2BVmob%2BOBymWrVSy%2B4UN%2BCjHpIfsTDdH0nflJNEkVGnI%2FS2RHUPRqg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
cache-control: max-age=300, public
cf-ray: 7f0614ecf91937da-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7f0614e83fd39bc4 Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/b/cv/result/ Frame CE90 0
554 B 29ms
28ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/cv/result/7f0614e83fd39bc4
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egZ4rZC0wlQCQhVlrdKOgkPPVDDBD1bRWp9W%2FHAJisp%2F56kO%2BSjkjvT346uKWYVi4D1bieTIVIduWqlwDs7qir5DXDu4HP3MObpeQiObntk0zl6VUwWIzngCMkuxCUlW7PlBwEqQduyStA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f0614eeaba537da-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 403 cointraffic.io.php
gobits.me/ Frame 9335 0
0 50ms
13ms Document
text/html 2606:4700:3030::ac43:8265
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gobits.me/cointraffic.io.php

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8265 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f0614ef0c7e047e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 02 Aug 2023 11:46:41 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnZrCxbFv4LfIsh4ylLWfFi834L1vXcvSsL55NXMVu0uamJ9sCkLInXTOQc3ABeNQ4qnw0%2FuakqymifMExvRD3KpjcMEmtjE8lK8Kkq78xFii6sxz7IyjADnRsJ8NOLcCY1FvJzwu%2Fc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cointraffic.io.php Show response
www.zcash.one/ Frame CBD6 157 B
603 B 210ms
169ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zcash.one/cointraffic.io.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5c795928556b12979db821b031bb3c828582864b24a3d8ebd784fd314ebbb7fb

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f0614ef1b0c9c00-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3uyTSniJVOftHf%2BElc8lssXQ7ZtvuF6FZeE7Xsjw0a2mudu%2Bw4DuavHcW%2BYHG4237NKYiUdUy2ry2HVgAkksrwPzHylVXAMyAKapGL%2FFu%2FM99j7xmP2RVE7uTCxBHeZ54yWdMHF2nZy7ePt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 cointraffic.io.php Show response
1dogecoin.work/ Frame 7DD4 123 B
605 B 379ms
339ms Document
text/html 2606:4700:3035::6815:12c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1dogecoin.work/cointraffic.io.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 627b71329076b19918cd241db80b9a358e800f05e7fcff15f4930ddf91c887e0

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f0614ef1fb1368c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNfT8325dbXEnNnqnZ0Zal%2BrYOeTLPt9efFMt3i5DqiXna%2BNRVqAhmhrQb%2B8oSxWt61Zsze770c5k2qMz4nyLx%2BSDnWkW7L0hMn5RfYaJPc4qkd5k%2FEUb3VV%2FEAkqyFT0MFi8cdVCSOjVQXR6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H3 200 cointraffic.io.php Show response
beycoin.xyz/ Frame D2F0 1 KB
1016 B 174ms
174ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/cointraffic.io.php
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/allads.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 1bb106733890f71bcff167b38ae6308c2cd6c0fe9f69328902b77f5a615145cd

Request headers

Referer: https://beycoin.xyz/allads.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f0614eedbdd37da-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84mhhRUPl9KedwavqUnwc4gFOPA%2BvewW6JFXpkHMAbDzifMBYBe5NbSY1Y1KOZfSQYcl30daSJvrXpdFCWVm1cVexmOUhmE6166SqS%2FSNbuFKgmDctZkRiIxnAmvWCrP%2Bf0YI0SXyaJFvw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 tag Show response
video.onetouch8.info/api/video/ Frame DFA2 42 B
830 B 43ms
42ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47895&tmax=500&video-skipafter=5&count=3&tagId=z9jadio49ej6z4m7
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrfg8IQjzOj%2B1G52jxFKiR0qqxMKNcWsuLl4ZHaLVf4ixUNq3VrDWpUEPIKQ%2FDdzKPHPOWTNZewLPj6JvLo9fJ4T6uUMJb75wNod5g1ll3Po5oFGmo7XFEZs0PIHzH%2BgB2feDnyI2OJDCQutnMacEJr04g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7f0614eedbe737e9-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D4FF 215 KB
76 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RSMRHK8LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-195030228-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c069bd4cd8dc7ed6222eced19c38ad54e49c8f60919a690f8716ae4227072ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77889
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 02 Aug 2023 11:46:41 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DFA2 0
234 B 303ms
101ms Ping
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=1~lktnxe3j&c=5699240841532&slotId=2849620420766&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 915A 107 B
165 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame DFA2 42 B
893 B 39ms
39ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47895&tmax=500&video-skipafter=5&count=3&tagId=z9jadio49ej6z4m7&repeat=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quxXgySaEFyK%2FYwMJINKnj1kMmM8ePOTHV8C5lKU7sPLuBBc0E0WmwoVbiXXxo0kQidfqLzEt09b4PJ0deOsaO7hsHBzUCEWtTBtmT%2BuSEEwbqpWoWPnpGxmQED9%2FH%2BEuhgK8dxnJ7CSJFNs3z6l85b8Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7f0614ef89d43641-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

POST
H2 204 csi
csi.gstatic.com/ Frame DFA2 0
54 B 203ms
101ms Ping
image/gif 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&puid=2~lktnxe9i&c=5699240841532&slotId=2849620420766&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 915A 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=free-btc.org

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://free-btc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame D2F0 6 KB
3 KB 175ms
102ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=st6XIa5Xy7
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 3918269b0de0c0eb9cb33eaf6c9953f2ddbb1af73a225d9c9630ea1d578aa6a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

GET
H3

200

invisible.js Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/ Frame 756B
Redirect Chain

https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

Requested by

Host: beycoin.xyz
URL: https://beycoin.xyz/cointraffic.io.php

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fb904c0d90b127d6ca117224cf2ed571a57ffcb2a538ae15f7276f4e088e06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPakTEOBdx1N55R%2F2O37uV1N5vUjjeXfZTJi9b83inzG7VkrJEvrZ72l3wTY5fSVbvrFp6JEBS%2FmRanXrhu5lVlC%2Bx5RGmRXd7fa2Zl%2BEnsmC%2Bg2YgzIu2Qr4TWFqGIG2WypeaGlDJTq9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f0614f02dd837da-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 02 Aug 2023 11:46:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORZWHWsnRZpxLDPxZ80e%2BcK%2BEpKR2H340Rx305rM1cP8ImQhb2BfkCbj7AT%2BWHkcXpNXjFt52%2FWIUY0Msl7Ph%2BUX7DqMjqYYZmMM%2FYw4xR0alknemC01pJ7b2CSR7gWMdEl9%2BOlT2hLu4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
cache-control: max-age=300, public
cf-ray: 7f0614f01dbb37da-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tag Show response
video.onetouch8.info/api/video/ Frame DFA2 42 B
856 B 45ms
44ms XHR
application/xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://video.onetouch8.info/api/video/tag?sourceId=47895&tmax=500&video-skipafter=5&count=3&tagId=z9jadio49ej6z4m7&repeat=2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.583.1_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: -: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVi4X9jtbmKQWw1tQgdQX%2F9QOufmJdik4I7eUEfjhVXNKRrQDQfge2mXurSbs85TizNg0Z8aytcNTvtTwei4kfF7gmSvCe9N7ffqIRTG%2BhRymmzAUharlhHmbXI7%2BfH%2FS5Nn6dDhob5kj5q5QBk5ktIu2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
access-control-expose-headers: *
access-control-allow-credentials: true
cf-ray: 7f0614f01ac63641-FRA
access-control-allow-headers: Content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame CBD6 6 KB
3 KB 140ms
101ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Requested by: Host: www.zcash.one
URL: https://www.zcash.one/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4980ff1b5ac2bc713f5b6add0c71c2ca15a076eecd3068b0e2f376821fcfc53d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zcash.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

POST
H3 200 7f0614eedbdd37da Show response
beycoin.xyz/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 756B 0
550 B 21ms
21ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beycoin.xyz/cdn-cgi/challenge-platform/h/b/cv/result/7f0614eedbdd37da
Requested by: Host: beycoin.xyz
URL: https://beycoin.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIMYZMdWxcVNVOqARHsjE0K3Tinni%2BTnzBssvyDn6tnNtDgbnmiJR1hSs63n8WwzNig35XeQEQ6tC9zKJiVoysnSMwccZpiTk%2Fz0OzLJkGNC3PVisxIgAW7Q0yFCazD2oekxL7ye5Hw37A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f0614f0eedd37da-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame CBD6 697 B
1 KB 75ms
22ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zcash.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 697

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame CBD6 13 KB
3 KB 76ms
23ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d3284a27300a7b48a394c8497286e345b4906f2ba2946999134baa65681374a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zcash.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame CBD6 15 KB
3 KB 107ms
54ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.zcash.one/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame D2F0 697 B
1 KB 106ms
55ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=st6XIa5Xy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 697

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame D2F0 13 KB
3 KB 75ms
23ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=st6XIa5Xy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d3284a27300a7b48a394c8497286e345b4906f2ba2946999134baa65681374a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 script.js Show response
appsha-pnd.ctengine.io/js/ Frame 7DD4 6 KB
3 KB 117ms
116ms Script
application/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Requested by: Host: 1dogecoin.work
URL: https://1dogecoin.work/cointraffic.io.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 60a6129f0cd76f56655b5a9e7c807a28d6393002c612f9cc99d5deb9fc4541dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1dogecoin.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
server: nginx
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 102ms
28ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.zcash.one
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.zcash.one
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame CBD6 47 B
500 B 105ms
58ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=sNGraoOxLY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer: https://www.zcash.one/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.zcash.one
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 100ms
28ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://beycoin.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://beycoin.xyz
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame D2F0 1 KB
2 KB 119ms
71ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=st6XIa5Xy7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 03a36f4e9e93db9f8182d0cb568041411b4ccad224d5f44451236f6a03756c92

Request headers

Referer: https://beycoin.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://beycoin.xyz
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

GET
H2 200 sticky.js Show response
appsha-pnd.ctengine.io/static/ Frame 7DD4 15 KB
3 KB 24ms
24ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/sticky.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1dogecoin.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 inpage.js Show response
appsha-pnd.ctengine.io/static/ Frame 7DD4 13 KB
3 KB 23ms
23ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/inpage.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2d3284a27300a7b48a394c8497286e345b4906f2ba2946999134baa65681374a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1dogecoin.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 popunder.js Show response
appsha-pnd.ctengine.io/static/ Frame 7DD4 697 B
1 KB 26ms
26ms XHR
text/javascript 2a0d:da00:a:401c::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://appsha-pnd.ctengine.io/static/popunder.js?v=1690809051562
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:401c:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: 87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1dogecoin.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 697

GET
H2 200 / Show response
media.hubuhost.com/int/ Frame BBD8 251 B
392 B 13ms
13ms Document
text/html 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://media.hubuhost.com/int/?sess=2d4f1ee5901f6f188c93a00f37e3a13b

Requested by

Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

1474045037c43c8a4058b73cc46a3a5f9f49bb2f468484c3b0a1f87688bccdfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: http://netzwerk-ad.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 1616084 Show response
ad.a-ads.com/ Frame 8E2F 12 KB
5 KB 45ms
17ms Document
text/html 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1616084?size=300x250

Requested by

Host: media.hubuhost.com
URL: https://media.hubuhost.com/int/?sess=2d4f1ee5901f6f188c93a00f37e3a13b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.254.28.76.144.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

e919517c50bb7b7df09c17b46d28ca8423aa4bcaed90dc34f363bd4634b78226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://media.hubuhost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://media.hubuhost.com/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

POST
H2 200 tmp Show response
apps-pnd.ctengine.io/ Frame 7DD4 47 B
498 B 111ms
64ms XHR
text/javascript 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Requested by: Host: appsha-pnd.ctengine.io
URL: https://appsha-pnd.ctengine.io/js/script.js?wkey=cPtjMI8YOr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156

Request headers

Referer: https://1dogecoin.work/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://1dogecoin.work
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: 0

OPTIONS
H2 204 tmp
apps-pnd.ctengine.io/ Frame 0
0 24ms
24ms Preflight 2a0d:da00:a:4018::
LAYERSHIFT

General

Check archive.org

Show headers Download Go to

Full URL: https://apps-pnd.ctengine.io/tmp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a0d:da00:a:4018:: , United Kingdom, ASN205072 (LAYERSHIFT, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://1dogecoin.work
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://1dogecoin.work
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
date: Wed, 02 Aug 2023 11:46:41 GMT
server: nginx

GET
H2 200 300x250
static.a-ads.com/a-ads-banners/393795/ Frame 8E2F 609 KB
610 KB 23ms
22ms Image
image/gif 144.76.28.254
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393795/300x250?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1616084?size=300x250
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.28.254 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.254.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:41 GMT
x-amz-version-id: FNTy6PSZIujNe9T_DALSYLZHxxf2zICy
last-modified: Tue, 31 May 2022 13:40:41 GMT
server: nginx
x-amz-request-id: D0CMMW409C1H7D46
etag: "022f5a2fb43fb40ba25ebafe6b68c6b2"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 623504
x-amz-id-2: 8IH3XzIBdf9SLiPoc/VhxqU1809qvT4b4p1bVgO2e9zsLR08jXmZMKxDdXP77/29K4XTRFYqkl8=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 8E2F 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 script_v230413.js Show response
cdn.ctengine.io/js/pnd/ Frame D2F0 88 KB
34 KB 71ms
17ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctengine.io/js/pnd/script_v230413.js
Requested by: Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ccbe0a121632f9259699e929c64bee031273deffd0ff2691e321078fd52741e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beycoin.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 253041
x-accel-date: 1690723760
x-77-nzt: AZySIYgZ0OH/cdwDAA
x-accel-expires: @1691760560
last-modified: Thu, 13 Apr 2023 13:21:26 GMT
server: CDN77-Turbo
etag: W/"643801d6-15e07"
x-77-nzt-ray: f6587a1d5a89d3e52142ca644f9d6a32
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 index.html Show response
cdn.ctengine.io/blank/4/2/9/ Frame 0150 163 KB
23 KB 65ms
12ms Document
text/html 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ctengine.io/blank/4/2/9/index.html
Requested by: Host: netzwerk-ad.de
URL: http://netzwerk-ad.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 5e6e964388636e324a20a268d3de9cf718b179c2668706ef9699550f821049ce

Request headers

Referer: https://beycoin.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
date: Wed, 02 Aug 2023 11:46:41 GMT
etag: W/"64445f10-28ab2"
last-modified: Sat, 22 Apr 2023 22:26:24 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-cache: HIT
x-77-nzt: AZySIYj93SX/McEGAA
x-77-nzt-ray: f6587a1d5a89d3e52142ca64def04232
x-77-pop: frankfurtDE
x-accel-date: 1690534128
x-accel-expires: @1691570928
x-age: 442673
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ Frame 0150 3 KB
913 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:700,regular,600

Requested by

Host: cdn.ctengine.io
URL: https://cdn.ctengine.io/blank/4/2/9/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12cb7209cd9612bea9202808ff7aa54d8e180d661ca758b124b5d53fec7e91fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ctengine.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 02 Aug 2023 11:46:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:08:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Aug 2023 11:46:41 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0150 8 KB
8 KB 136ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700,regular,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.ctengine.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 00:08:32 GMT
x-content-type-options: nosniff
age: 560290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jul 2024 00:08:32 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 0150 8 KB
8 KB 140ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:700,regular,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cdn.ctengine.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 04:53:10 GMT
x-content-type-options: nosniff
age: 456812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jul 2024 04:53:10 GMT

GET
H2 200 Cointraffic_Dark.svg
cdn.ctengine.io/blank/4/2/9/ Frame 0150 6 KB
3 KB 8ms
7ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ctengine.io/blank/4/2/9/Cointraffic_Dark.svg
Requested by: Host: cdn.ctengine.io
URL: https://cdn.ctengine.io/blank/4/2/9/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8004390a0168effb324ddff819df0074a42f9c1fea9ac74cf607e22dcb9eb240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ctengine.io/blank/4/2/9/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 02 Aug 2023 11:46:42 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 442512
x-accel-date: 1690534290
x-77-nzt: AZySIYhgGWD/kMAGAA
x-accel-expires: @1691571090
last-modified: Sat, 22 Apr 2023 22:26:27 GMT
server: CDN77-Turbo
etag: W/"64445f13-16f6"
x-77-nzt-ray: f6587a1d5a89d3e52242ca64d60c5f03
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *

GET
H2 200 rocket.svg
cdn.ctengine.io/blank/4/2/9/ Frame 0150 6 KB
2 KB 8ms
7ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ctengine.io/blank/4/2/9/rocket.svg
Requested by: Host: cdn.ctengine.io
URL: https://cdn.ctengine.io/blank/4/2/9/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2be6803fc7a9113760abe611c7dd7da8bbe9e0c45f1aaaf05a54e690e68f15df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ctengine.io/blank/4/2/9/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 02 Aug 2023 11:46:42 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 442512
x-accel-date: 1690534290
x-77-nzt: AZySIYjp5J7/kMAGAA
x-accel-expires: @1691571090
last-modified: Sat, 22 Apr 2023 22:26:24 GMT
server: CDN77-Turbo
etag: W/"64445f10-16ae"
x-77-nzt-ray: f6587a1d5a89d3e52242ca64e3336803
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *

GET
H2 200 a_2.svg
cdn.ctengine.io/blank/4/2/9/ Frame 0150 695 B
747 B 8ms
8ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ctengine.io/blank/4/2/9/a_2.svg
Requested by: Host: cdn.ctengine.io
URL: https://cdn.ctengine.io/blank/4/2/9/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 109075c6d549e0002fdad543784c072bf0619e43c57f470bd7c6405dd3605240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ctengine.io/blank/4/2/9/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 02 Aug 2023 11:46:42 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 442512
x-accel-date: 1690534290
x-77-nzt: AZySIYjXLin/kMAGAA
x-accel-expires: @1691571090
last-modified: Sat, 22 Apr 2023 22:26:25 GMT
server: CDN77-Turbo
etag: W/"64445f11-2b7"
x-77-nzt-ray: f6587a1d5a89d3e52242ca645f046e03
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *

GET
H2 200 a_4.svg
cdn.ctengine.io/blank/4/2/9/ Frame 0150 695 B
753 B 9ms
8ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ctengine.io/blank/4/2/9/a_4.svg
Requested by: Host: cdn.ctengine.io
URL: https://cdn.ctengine.io/blank/4/2/9/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 67a2473ec8e8691baac3e496fc0bbd7ea95a1d8bc736ae0dec430137c1b0beb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.ctengine.io/blank/4/2/9/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 02 Aug 2023 11:46:42 GMT
content-encoding: gzip
x-cache: HIT
x-77-cache: HIT
x-age: 442512
x-accel-date: 1690534290
x-77-nzt: AZySIYjtUIX/kMAGAA
x-accel-expires: @1691571090
last-modified: Sat, 22 Apr 2023 22:26:26 GMT
server: CDN77-Turbo
etag: W/"64445f12-2b7"
x-77-nzt-ray: f6587a1d5a89d3e52242ca64ebee7203
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *

GET
H2 200 x.png
media.hubuhost.com/img/ 2 KB
2 KB 11ms
11ms Image
image/png 2a01:4f8:10b:ddc::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.hubuhost.com/img/x.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4f8:10b:ddc::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 5f27fe8b53b3ef458c7d2c329cef01d725b1cffcb966e0e3fb20ee845ecb59ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://netzwerk-ad.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 11:46:42 GMT
last-modified: Fri, 25 Nov 2022 03:17:25 GMT
server: nginx
etag: "638033c5-68a"
content-type: image/png
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 1674
expires: Wed, 09 Aug 2023 11:46:42 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beycoin.xyz/	1970-01-20 22:28:32	Name: cf_clearance Value: IccGwMjchMvTy0dZgca.F2g2a0zbsFGS1Ne05COeKrY-1690976801-0-1-b3711234.3a094aac.ea9da3b3-0.2.1690976801

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://media.hubuhost.com/?key=17A178 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.wrly.de/jw.js?de=qO5L07WXAl1bJS6C, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://media.hubuhost.com/?key=17A178 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.wrly.de/jw.js?de=qO5L07WXAl1bJS6C, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cdn.wrly.de/jw.js?de=qO5L07WXAl1bJS6C Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1dogecoin.work
ad.a-ads.com
adservice.google.com
apps-pnd.ctengine.io
appsha-pnd.ctengine.io
beycoin.xyz
cdn.ctengine.io
cdn.wrly.de
cdnjs.cloudflare.com
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
free-btc.org
gobits.me
imasdk.googleapis.com
media.hubuhost.com
netzwerk-ad.de
pagead2.googlesyndication.com
s0.2mdn.net
static.a-ads.com
video.onetouch8.info
www.google-analytics.com
www.googletagmanager.com
www.zcash.one
yellowstone-btc.com
144.126.134.105
144.76.28.254
2606:4700:3030::ac43:8265
2606:4700:3032::ac43:ab44
2606:4700:3035::6815:12c8
2606:4700:3035::ac43:a73c
2606:4700::6811:180e
2607:f8b0:4006:80c::2003
2a00:1450:4001:801::2008
2a00:1450:4001:803::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a01:4f8:10b:ddc::2
2a02:6ea0:c700::17
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0d:da00:a:4018::
2a0d:da00:a:401c::
03a36f4e9e93db9f8182d0cb568041411b4ccad224d5f44451236f6a03756c92
0427e21f76cab20576d67ecb15f91b151f7919feb4efcffeaf71a66b2e10b580
091f183120ebafa52a6fa06a25558ea70f4b7077c88531b91e5d5a1ba2b683af
102d87fd8f99293a8706f1fef7bc8fc68ca046679aec492e7c4e75516ba3b6e9
109075c6d549e0002fdad543784c072bf0619e43c57f470bd7c6405dd3605240
12cb7209cd9612bea9202808ff7aa54d8e180d661ca758b124b5d53fec7e91fc
1474045037c43c8a4058b73cc46a3a5f9f49bb2f468484c3b0a1f87688bccdfb
1825cfe3f18db5a062e4f37b134b6d4a3568c67d557921939e4b5e26ca1ae723
186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54
1bb106733890f71bcff167b38ae6308c2cd6c0fe9f69328902b77f5a615145cd
1e2fa970341b6dc1981473780cc702344215a0a81756ec602ac46557df1c016d
233ea4a6b15a4c0190686852b27706807fe2fec270d3c9f3e8167d4dddaa0250
250125d7130c6f0d0c53cb4a6adc7d5bea98a9525b07f7b408bf5c90b67b2f74
2be6803fc7a9113760abe611c7dd7da8bbe9e0c45f1aaaf05a54e690e68f15df
2d3284a27300a7b48a394c8497286e345b4906f2ba2946999134baa65681374a
32d099a88b13ba2efd32d5b3b8bd7f531dd1db1231594ad0596ffbe163402662
3811387a8142cdfbab3592a252f474419107d5df71cbff5c6415d7ef53cda116
3918269b0de0c0eb9cb33eaf6c9953f2ddbb1af73a225d9c9630ea1d578aa6a5
3c069bd4cd8dc7ed6222eced19c38ad54e49c8f60919a690f8716ae4227072ef
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
3fb904c0d90b127d6ca117224cf2ed571a57ffcb2a538ae15f7276f4e088e06c
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
4720fe90a9fd69c8c1887c86a7d80477287c8946d509083ce0c664b8add48b04
4980ff1b5ac2bc713f5b6add0c71c2ca15a076eecd3068b0e2f376821fcfc53d
568e3768feba91a7ff887286c94fd678b82349af9a49d2012160b08dd1ace8e8
5c0a7fac698eada89ba313c38e8f40fccec1506d10ad84924e5eaa64ab3ac423
5c795928556b12979db821b031bb3c828582864b24a3d8ebd784fd314ebbb7fb
5e6e964388636e324a20a268d3de9cf718b179c2668706ef9699550f821049ce
5f27fe8b53b3ef458c7d2c329cef01d725b1cffcb966e0e3fb20ee845ecb59ea
60a6129f0cd76f56655b5a9e7c807a28d6393002c612f9cc99d5deb9fc4541dc
627b71329076b19918cd241db80b9a358e800f05e7fcff15f4930ddf91c887e0
67a2473ec8e8691baac3e496fc0bbd7ea95a1d8bc736ae0dec430137c1b0beb6
683a1d2d90c617a3154fb5b6c3c24e8ccc67a740d51de8089d59bd30f1c6c0ff
69bce7f8cb253945351434612e6adfe03a1ee23be5c85b391b2792f9a8a4bb14
7a83dde0ee9f06593519e9556f86281d967a2b64a7c7903b56575b53935ce2a6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8e41689b540b20ddd27f0af5644326d9bb5c2b5dec9d5c590cd776f6a3c9f4
8004390a0168effb324ddff819df0074a42f9c1fea9ac74cf607e22dcb9eb240
87306b8d67ce995cb0676a6b4ad86f7bd0a541a28f076d85261df8e6d760fa20
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94896662c8e444c7e701c0a2082c7e5145d5ef4ddeb8a1c9403f932145d24739
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad3a0fcad6e1e6f1ed6915e101d2e4b6557f9b10b1dd7c65893824d33ec62bc8
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
c1a51b9bbbb05b4e4760ca1dc7430c754adb5747433458f8a09e8c3080d2e4a9
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ccbe0a121632f9259699e929c64bee031273deffd0ff2691e321078fd52741e3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d472605a818717cdd20b89cd3dbdf3d9a101fbd65ac5ff3276cc398ca4d8bae6
d4a8d14f34fb8740b9acb5123e475eaae20d83907e0e14dd267d63e93e7f82da
d8b5a182bc67221d6aca1ae17ae45734e487e51959af519203bbc0b088b94062
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de458edb3b76ca22b59a2f20d2c393bd26aa219d26dbaaa8d175deaed973fa76
de78adc1100b53b2e53cec435464dd0884f7e4808ac7d383d0a98f44d660b2d7
dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e919517c50bb7b7df09c17b46d28ca8423aa4bcaed90dc34f363bd4634b78226
ea626b97373b72a1299e434965f6d55d985b9981f002338322cde1941e96df96
ebbe84e55b388c782babbc38e8460a1841ee9fe7d9f871bcc1002476c395c119
ed2fde238d926d40ed76670daf6bd36654791a9aa1c5d28ebffcfd7aaba6f156
f870ce5360312c9c00922136cd15b3ff398cbc46976b0d76fecb3b0f9ec6fd97
fc4d686ef94acebe0183830364a331bf31b73b16e83629fc0d9e84e459047a18
fc6b008e5dc94f56068b77adce16b3dc0d25b04b9bb3ff275aef11437d0bf101
fe840571f237e1cafcdd9a00c74cdfc513c36fcbeec8e0e04654ef351e891634

netzwerk-ad.de Open in urlscan Pro 144.126.134.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

74 %HTTPS

91 %IPv6

20 Domains

25 Subdomains

23 IPs

3 Countries

2559 kBTransfer

4394 kBSize

1 Cookies

6 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

netzwerk-ad.de Open in urlscan Pro
144.126.134.105 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

74 %
HTTPS

91 %
IPv6

20
Domains

25
Subdomains

23
IPs

3
Countries

2559 kB
Transfer

4394 kB
Size

1
Cookies

81 HTTP transactions
3 data transactions