puretheweb.com Open in urlscan Pro
2606:4700:3032::ac43:ae41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://youwantmylife.info/
Effective URL:
https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0a...
Submission Tags: falconsandbox
Submission: On January 02 via api (January 2nd 2022, 4:12:46 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 11 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3032::ac43:ae41, located in United States and belongs to CLOUDFLARENET, US. The main domain is puretheweb.com.
TLS certificate: Issued by R3 on December 1st 2021. Valid for: 3 months.

This is the only time puretheweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	2606:4700:303... 2606:4700:3037::6815:3bf6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700:303... 2606:4700:3032::ac43:dac0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:a9b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	35.190.38.40 35.190.38.40	15169 (GOOGLE) (GOOGLE)
1 1	18.184.38.55 18.184.38.55	16509 (AMAZON-02) (AMAZON-02)
31	2606:4700:303... 2606:4700:3032::ac43:ae41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
53	7

12 2606:4700:3037::6815:3bf6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

youwantmylife.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:dac0 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wait5sec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a9b0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onetouch7.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.38.40 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 40.38.190.35.bc.googleusercontent.com

www.adspredictiv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.38.55 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-38-55.eu-central-1.compute.amazonaws.com

bional-dested.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700:3032::ac43:ae41 (United States)

ASN13335 (CLOUDFLARENET, US)

puretheweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	puretheweb.com puretheweb.com	747 KB
12	youwantmylife.info 2 redirects youwantmylife.info	135 KB
5	yandex.com 2 redirects mc.yandex.com	3 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	adspredictiv.com 2 redirects www.adspredictiv.com	3 KB
2	yandex.ru 1 redirects mc.yandex.ru	66 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	wait5sec.com 2 redirects wait5sec.com	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	bional-dested.icu 1 redirects bional-dested.icu	2 KB
1	onetouch7.info 1 redirects onetouch7.info	971 B
53	11

	Domain	Requested by
31	puretheweb.com	www.adspredictiv.com puretheweb.com
12	youwantmylife.info	2 redirects youwantmylife.info
5	mc.yandex.com	2 redirects
4	fonts.googleapis.com	puretheweb.com
3	www.adspredictiv.com	2 redirects youwantmylife.info
2	mc.yandex.ru	1 redirects youwantmylife.info
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	wait5sec.com	2 redirects
1	www.googletagmanager.com	puretheweb.com
1	bional-dested.icu	1 redirects
1	onetouch7.info	1 redirects
53	11

This site contains no links.

Subject Issuer	Validity	Valid
adspredictiv.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2022-07-04`	2 years	crt.sh
*.puretheweb.com R3	`2021-12-01` - `2022-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
Frame ID: 57A640DEFEF9BD133530ED13E591BF27
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pureweb

Page URL History Show full URLs

http://youwantmylife.info/ HTTP 302
http://youwantmylife.info/landing/default/redirect Page URL
http://youwantmylife.info/landing/default/trafficback?sourceId=1&tbType=trafficback&tbId=1&sig=6610362... HTTP 302
https://wait5sec.com/dvzMy91L?source=1 HTTP 302
http://onetouch7.info/pop-go/37291?sub1=27h20h27r4tbm&sub2=1 HTTP 302
https://wait5sec.com/dvzMy91L HTTP 302
https://www.adspredictiv.com/jump/next.php?r=2848467 Page URL
https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJ... HTTP 302
https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CgjNmtjd_oGU3BU9GH0dEdHP3xP.9ec%252CfWcts... HTTP 302
https://bional-dested.icu/edbcadda-3993-40c8-bf4c-0e4f4433202c?campaign=274673220&ban=23353818&ssp=Adc... HTTP 302
https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

77 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

7
IPs

3
Countries

1012 kB
Transfer

1682 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://youwantmylife.info/ HTTP 302
http://youwantmylife.info/landing/default/redirect Page URL
http://youwantmylife.info/landing/default/trafficback?sourceId=1&tbType=trafficback&tbId=1&sig=6610362ffbda94936802a79d10b70d&url=https%3A%2F%2Fwait5sec.com%2FdvzMy91L%3Fsource%3D1 HTTP 302
https://wait5sec.com/dvzMy91L?source=1 HTTP 302
http://onetouch7.info/pop-go/37291?sub1=27h20h27r4tbm&sub2=1 HTTP 302
https://wait5sec.com/dvzMy91L HTTP 302
https://www.adspredictiv.com/jump/next.php?r=2848467 Page URL
https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV1rtcjJRh7XKgcungnm-a2&cbur=0.9918298488617916&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CgjNmtjd_oGU3BU9GH0dEdHP3xP.9ec%252CfWctsiKtPTXM1X3or3kf6zP8pPaHDdBt8MnY1-cZuFE428Myj_NgiTDbp5D3neYfHszUy5FhHhlu0v518nE-ZeKy-ypt7e_MUJ8e35SMsO3bmiw_-faSXdPeYB5vJFF110VsQRcOhTya0_mIe8KsJ9QfF9iAMBE6TBBZhMNhWgyoZetm2NqWx6iR8m4TkRbK3HXrzdauHA3FNEaZZw1asmIEb4qEHPYQNggez86ZarkOJlCilOf_gLtLCuALeFk-AV3itiG6eE3q1XztCUdtkJCZt-FNdEDdOhGayY5d6vYI81LtxfOl1OpcfNYXUvfZC-E4P0aUYgMQCZwgARIQs5wnLMcuSG8_cWPRinF8DWLRi9vY5ZKXQTOhreNW5nYuOzNat3BBVOWPxoG7qBogk2RCe76Tmz1Av8f55FIWGvVryC0_wz4KIb4o_jXJge_jBoLV2tJ5HLiKIMjP7iInQxH8QjeJ3SN9MTEiDvg-Gh0%252C HTTP 302
https://bional-dested.icu/edbcadda-3993-40c8-bf4c-0e4f4433202c?campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247%20Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061 HTTP 302
https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://youwantmylife.info/ HTTP 302
http://youwantmylife.info/landing/default/redirect

Request Chain 10

http://youwantmylife.info/landing/default/trafficback?sourceId=1&tbType=trafficback&tbId=1&sig=6610362ffbda94936802a79d10b70d&url=https%3A%2F%2Fwait5sec.com%2FdvzMy91L%3Fsource%3D1 HTTP 302
https://wait5sec.com/dvzMy91L?source=1 HTTP 302
http://onetouch7.info/pop-go/37291?sub1=27h20h27r4tbm&sub2=1 HTTP 302
https://wait5sec.com/dvzMy91L HTTP 302
https://www.adspredictiv.com/jump/next.php?r=2848467

Request Chain 49

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9506.FpZOutV1ToLDrRep8rMWCcmw0MrMOOrZB0o5EaNTKDH5cASYbxEgsmKuu_efU7FS.hC26kKW2Nt-2m8nucACnKIWEBbI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9506.uAjMhPJ7Yz9rT7gO_z44R6B49aR4JB8JKp7aoXvXycOb8ojOyjHfeA8BFbNhnP5MTDijOSm23yO9Nt71gbSbog%2C%2C.d0tkhJukuql6fJxU3FQn8CmA7L0%2C

Request Chain 51

https://mc.yandex.com/watch/66586093?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%26cep%3Dx6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8%26lptoken%3D165b41fa1466171463d6%26campaign%3D274673220%26ban%3D23353818%26ssp%3DAdcash%26zone%3D2848467%26advertiser%3D153126%26country%3DDE%26org%3DM247%2BLtd%26platform%3DWindows%26ip%3D185.232.23.180%26device_make%3DUnknown%26redirection_cost%3D0.002%26clickid%3D16411399633118995380232529390228061&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A941%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A117313770400%3Ahid%3A699156493%3Az%3A0%3Ai%3A20220102161244%3Aet%3A1641139964%3Ac%3A1%3Arn%3A314295167%3Arqn%3A1%3Au%3A1641139964140217319%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641139963082%3Ads%3A12%2C57%2C209%2C1%2C383%2C0%2C%2C288%2C0%2C1013%2C1013%2C0%2C952%3Adsn%3A11%2C57%2C209%2C1%2C383%2C0%2C%2C290%2C0%2C1013%2C1013%2C0%2C952%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641139964%3At%3APureweb&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%26cep%3Dx6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8%26lptoken%3D165b41fa1466171463d6%26campaign%3D274673220%26ban%3D23353818%26ssp%3DAdcash%26zone%3D2848467%26advertiser%3D153126%26country%3DDE%26org%3DM247%2BLtd%26platform%3DWindows%26ip%3D185.232.23.180%26device_make%3DUnknown%26redirection_cost%3D0.002%26clickid%3D16411399633118995380232529390228061&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A941%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A117313770400%3Ahid%3A699156493%3Az%3A0%3Ai%3A20220102161244%3Aet%3A1641139964%3Ac%3A1%3Arn%3A314295167%3Arqn%3A1%3Au%3A1641139964140217319%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641139963082%3Ads%3A12%2C57%2C209%2C1%2C383%2C0%2C%2C288%2C0%2C1013%2C1013%2C0%2C952%3Adsn%3A11%2C57%2C209%2C1%2C383%2C0%2C%2C290%2C0%2C1013%2C1013%2C0%2C952%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641139964%3At%3APureweb&t=gdpr%2814%29aw%281%29ti%282%29

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

redirect Show response
youwantmylife.info/landing/default/
Redirect Chain

http://youwantmylife.info/
http://youwantmylife.info/landing/default/redirect

4 KB
3 KB

73ms
73ms

Document
text/html

2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27acfb62810f889d9d62dc348f8841baa717597197a708813fbf25daf6f501a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC6O17Mkz06egjb94mfNYB%2FTDImJQiN6qzO9OrLb5N6Y%2FFZV7xrmvmOrnWFuzYkLIdYAyb61eJ2wakySPm8j2USBoqoMFz0f1bnLXf0qu4U1WawwzAm%2FxuOUubxSfPyOMo9YMxKBUyj6UmEB4s77hvM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6c75453baaaf3748-MXP
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: http://youwantmylife.info/landing/default/redirect
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXxqbBSrADr3o9Hi1y1pLesKaQcejltKWeeE%2BH8yPOFLGHPQuRLiXh6YD4CXVvsKNFgx%2B4XyXp3x2fzlK%2BbPwvPl7TYnjS6fcn0cvSL8QX%2FPCaES1EDiYkKZ2Tcnp8mUCArwtnh%2Ff1yOyeFo7r1z6mY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6c75453b190f3748-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK style.css
youwantmylife.info/media/landings/captcha/css/ 5 KB
2 KB 71ms
70ms Stylesheet
text/css 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b373236db2da5719888bf03747b56eb9830d0e560849edd15a1f6d4d3a9eb620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Mon, 10 Jun 2019 13:31:59 GMT
Server: cloudflare
etag: W/"5cfe5bcf-12a6"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2FsD0J38BhpT094Ky5%2B%2Fe5FsRk5UiQvfr9Xo7uK76VjIF9qFuuWEy3ZseIVyVAiuUpPozmcxqs9%2Fxx1eyrXyU2Wz8XL7uyL1QGC7fGop6AlYpykxmypsK3mKXu3xV7HK%2BXdy8g0wDY2fNBxIEOEr0NI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453c4c653748-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK push-wrap.js Show response
youwantmylife.info/ 67 KB
13 KB 136ms
130ms Script
application/javascript 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/push-wrap.js?b=36
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9ad5d71df530ae290d393d8b1a0fc31c7f8a30045aa91a7283b6e58e4ac9da5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Thu, 16 Sep 2021 09:14:56 GMT
Server: cloudflare
etag: W/"61430b10-10ad5"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tV3XZSKrnE7pNdESuVwye9l25GeSLQDg0eD995HUgOtjkJ8%2BBl5fs3vbbdtRf4G4Bn1IKvaY66rqKCDO3xBO4iAtv1%2Bi%2B%2FAi31FkCaAxLKPtR1iiOKYz3M68BmpI03ij69jA0lb1OCOw7CPXbmZ59j8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453c6d5c0f76-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK block.js Show response
youwantmylife.info/ 142 B
954 B 121ms
115ms Script
application/javascript 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/block.js?b=23
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b8e33e29528d52649a476908377defe05da7bdfb68a708eea2e18aac42ab1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
last-modified: Mon, 10 Jun 2019 13:31:59 GMT
Server: cloudflare
etag: W/"5cfe5bcf-8e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oLss%2FW6madIX9d%2BJy1zdhy8yBJPF9OQVHizD1Ppjk3fcYbtx8kPOvNY7ZQ8q3HMIQYzE96jBGRw%2B6SY%2FG4Ke7CEBRhCRFaZXhij5zORMMeQC1Zmf5bQcKb96dxgxtpgQEFw4mYvvycqyF0y67NIwXg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453c691683ba-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK jquery.js Show response
youwantmylife.info/assets/62c1f7d9/ 262 KB
78 KB 133ms
127ms Script
application/javascript 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/assets/62c1f7d9/jquery.js?v=1563869784
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Tue, 23 Jul 2019 08:16:24 GMT
Server: cloudflare
etag: W/"5d36c258-41707"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uTrCd4jPqBJCfkLkejXtHUNUZqn6ep1u%2FEXHVQRq4fZ6RkdrVYzU6119n2b%2FqqnOwWAP93n5xlI7Tt%2BQIR4Y10Lf%2FucPmEyk4o%2BMIQ0i1vyDHhNXBIta0C48UB3dBGO%2Bpd3uToJBW1IvBIvC0jXB0U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453c6aa03749-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK main.js Show response
youwantmylife.info/media/landings/captcha/js/ 637 B
1 KB 53ms
47ms Script
application/javascript 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/media/landings/captcha/js/main.js?b=23
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc264d9c67154d6af02f2162bde9a8d15e8ed19b0d36173fdf4428bf37d35d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Tue, 09 Jul 2019 11:44:30 GMT
Server: cloudflare
etag: W/"5d247e1e-27d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1r%2BXSUxPdQfj7HF62Vn0xRGn%2Fkw53utxNZ%2BvsJhrWcqrcAEIERgcf3an%2FWKwq%2F1gG7lp%2FIMmVCVWiN13CL4Q0qVsBq%2BcC1sVHb4Ic26ShEPLzNFvQE%2BDlPaQeorhOjdw52Slx7sfX1OKgNMoEEmbVJ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453c4d536963-FRA
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK bg.jpg
youwantmylife.info/media/landings/captcha/images/ 24 KB
25 KB 85ms
85ms Image
image/jpeg 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://youwantmylife.info/media/landings/captcha/images/bg.jpg
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 10 Jun 2019 13:31:59 GMT
Server: cloudflare
etag: "5cfe5bcf-5f34"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i812OJyXVttyuM45hBXOoWQYAcZdO%2BoCj9G%2FpdlEXMcPdsCNzLcYcDIgBEb63v7q0gRgPgvXeebhL57Cfc7UKoF1Jx4ZKuRG87U59epALo%2FJcDqGucg%2BHZXqnkCponaJvEPiT98cdXF104afQJVaEfc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c75453d6c893749-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 24372

GET
H/1.1 200
OK window.svg
youwantmylife.info/media/landings/captcha/images/ 1 KB
1 KB 74ms
74ms Image
image/svg+xml 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://youwantmylife.info/media/landings/captcha/images/window.svg
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 117cfa8d8a4815256530eadeb88e5bd48ff7793c969c3431e40756eaa59eb3d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Mon, 10 Jun 2019 13:31:59 GMT
Server: cloudflare
etag: W/"5cfe5bcf-5bb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wjsuEtIiEAg6xAV0P4unQvDIhU6U%2FnFf5ZUnYno9nHK2L8RtHZBeh8wVJNxnXjMmfSqg8SjlzyB4wu2QnVUXSAJGFjb%2F5LTZxvWGLHNzdCfr9KRSkzfYfDUbZUdW87noyZh0gdTSKKei1ptHZciS2Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/svg+xml
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453d6f3f0f76-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H/1.1 200
OK catcha.png
youwantmylife.info/media/landings/captcha/images/ 3 KB
4 KB 68ms
67ms Image
image/png 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://youwantmylife.info/media/landings/captcha/images/catcha.png
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/media/landings/captcha/css/style.css?b=23
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
CF-Cache-Status: MISS
last-modified: Mon, 10 Jun 2019 13:31:59 GMT
Server: cloudflare
etag: "5cfe5bcf-dfe"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4K7CGPAdtUUnG8F0tG1r1okCtw1FnsrrwwxPQ1vJjP8oN7cc10wXmSZX5q229By4I8wXUA1yjcDJ51uDpUxHeTMszLCDhjCwRbMwW9dK5qc3wbrywTNbt51KLHEEtP9JXKUSEKsIwVxI7E9Gd7qMxNw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 6c75453d6cd783ba-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 3582

GET
H/1.1 200
OK push.js Show response
youwantmylife.info/ 22 KB
5 KB 99ms
98ms Script
application/javascript 2606:4700:3037::6815:3bf6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://youwantmylife.info/push.js?b=36
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/push-wrap.js?b=36
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:3bf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a050b38cc981d5b27c163ab711c46ea167ce3af8a534199556019385165f288

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 16:12:42 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
last-modified: Thu, 16 Sep 2021 09:01:17 GMT
Server: cloudflare
etag: W/"614307dd-57fb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTi9%2FCDrvNF3WZOxJ64kKuN3teMNbnQEu2Niku3l5oFSIZt2%2B7AXNQl7NkIl%2B1In%2FZIBPgDHJEaa8LE0Sj22TIm4TA7xgcQ6a7Pw5byob0l2zf9K5St0i1FBVb%2Fu1S1C83MJoxGipMTYaXzwAmNDdKA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control: max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 6c75453d7fd53748-MXP
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}

GET
H2

200

next.php Show response
www.adspredictiv.com/jump/
Redirect Chain

http://youwantmylife.info/landing/default/trafficback?sourceId=1&tbType=trafficback&tbId=1&sig=6610362ffbda94936802a79d10b70d&url=https%3A%2F%2Fwait5sec.com%2FdvzMy91L%3Fsource%3D1
https://wait5sec.com/dvzMy91L?source=1
http://onetouch7.info/pop-go/37291?sub1=27h20h27r4tbm&sub2=1
https://wait5sec.com/dvzMy91L
https://www.adspredictiv.com/jump/next.php?r=2848467

7 KB
3 KB

158ms
123ms

Document
text/html

35.190.38.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.adspredictiv.com/jump/next.php?r=2848467
Requested by: Host: youwantmylife.info
URL: http://youwantmylife.info/push-wrap.js?b=36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.38.40 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 40.38.190.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 989f9018f08e6b812cfce8110b6b803c493d89474a7f9ed90c249c0cc11e4fbc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://youwantmylife.info/landing/default/redirect

Response headers

server: openresty
date: Sun, 02 Jan 2022 16:12:43 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

date: Sun, 02 Jan 2022 16:12:42 GMT
content-type: text/html; charset=UTF-8
location: https://www.adspredictiv.com/jump/next.php?r=2848467
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 02 Jan 2022 16:12:42 GMT
pragma: no-cache
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAPKvloWzldFGWkqbrw7iVktX2xLwAtb81AcmEQeid2bX0ReIUGZee5pSAN4FUu17o19FUrzPV8UJtkOZeRL8wcKFx0x92RgNFzYIkdGC2E5%2FB6eOOdBRKY5yIgkk64E1lHrzmeLGvk0y%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c75453fc8ee8beb-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

Primary Request / Show response
puretheweb.com/
Redirect Chain

https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV1rtcjJRh7XKgcungnm-a2&cbur=0.9918298488617916&cbtitle=&cbifra...
https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CgjNmtjd_oGU3BU9GH0dEdHP3xP.9ec%252CfWctsiKtPTXM1X3or3kf6zP8pPaHDdBt8MnY1-cZuFE428Myj_NgiTDbp5D3neYfHszUy5FhHhlu0v518nE-ZeKy-ypt7e_MU...
https://bional-dested.icu/edbcadda-3993-40c8-bf4c-0e4f4433202c?campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247%20Ltd&platform=Windows&ip=185.232.23.180...
https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3x...

26 KB
6 KB

278ms
209ms

Document
text/html

2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061

Requested by

Host: www.adspredictiv.com
URL: https://www.adspredictiv.com/jump/next.php?r=2848467

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3341403ece2c48c8b6a74f9fb4be6927e0aa849ee14fd247be9246b163055529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.adspredictiv.com/jump/next.php?r=2848467

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnTKJq7NCje7jq3rao83KOrkFDEla%2FrtRCo14OHIOg4tcPq0wDA7%2FRDJjiGmhZpoiwyhOz84iA54ZNmueZgBTTRn5%2Fc3SMj8iH6tA%2BkLXMMi45N42qptnlWedMYCh4bv42bVSTlxlpIDH0eoPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c754544281ff933-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx
date: Sun, 02 Jan 2022 16:12:43 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
pragma: no-cache

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 45ms
20ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@100;300;400;500;600;700;900&display=swap

Requested by

Host: puretheweb.com
URL: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f638846fc66949d0d06b3dbe7b3feebd1796032b4668bfece32e1259e6016035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 15:07:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 Jan 2022 16:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jan 2022 16:12:43 GMT

GET
H3 200 promo12v2.087e51dece74e8060659.css
puretheweb.com/assets/css/ 82 KB
12 KB 197ms
151ms Stylesheet
text/css 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/assets/css/promo12v2.087e51dece74e8060659.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

518e53356a08ff0eb8d841c44809993904da611879b3fed1a4a5bf2216e2f033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27311
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw%2FrJaNm3jlOhlvPiW%2FwMdfrewK6gLWSUZ8OblhqpN%2F1E8f6Yxla3mK%2BHJiiM7bBcY7%2F%2BBi6rsZ1SHOel3DaER3ZTO069Ru7r%2B%2Bs5O%2Fa70zSA86mZO2VnI4UUpfZguLlS2pH8NT6w0FnZyWxQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf8
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545c9ae5995-MXP

GET
H3 200 f1ce86a627b87a1bfc2e4630a7017fd8.svg
puretheweb.com/assets/media/ 259 B
755 B 169ms
167ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/f1ce86a627b87a1bfc2e4630a7017fd8.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9266619ef667b8d46198b631446517186c303625d43c4b6f68f6587948d7274f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82244
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlOmRyNM7pn%2BkiRPNm79Bx0LDNoQBc6wuf5U3gA0gKjWqkx56qwN%2B6X%2FfXV0yyA6zdUIoAlr3NfUd9r8E0FMyyJBlbgJkIXUUrR5%2BMNmZ5F9GCxsnKIKfOMrOnDlsFnhryCc3w5q5O4yRfoidg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9dc5995-MXP

GET
H3 200 504ffb97eb61c00af3f850292e37f02f.svg
puretheweb.com/assets/media/ 396 B
853 B 155ms
153ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/504ffb97eb61c00af3f850292e37f02f.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

300ca825f7067862d9a823dc224b58e31fbd6c077cd992ee7b8e2f34c41ea967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dc3sZXH%2FsbHbIGFyflAjIRNSQRmWC%2FcT8lWoSG8h2HC6gEUKzAV%2FdZuuu%2FRM9w09hrmck3wj3aVEHYEabpEnRlZtNlNi0lnGjjSzUnCApzl%2BIVGyGN6pEoje1WKaf9V05dOVyarlJK2wCWhsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9e15995-MXP

GET
H3 200 ae05a1f7b884c2e602e9884015f2725a.svg
puretheweb.com/assets/media/ 511 B
899 B 173ms
171ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/ae05a1f7b884c2e602e9884015f2725a.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69e4c4db2b188f2e7c656e06b09cb8d5b142222b380a6fe97eb4d076e72a2a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3NAEPOo%2BmQYpbHh2C3Tch3Dy6ZoaPHPuuec3TfWqR5LaflKOnaXPMWeFoRVASCnFJzhuC6VgkWoqHEZIGWnfcGw9FcCSjcl2lAigOw9v0LIcdLYtK%2FfYagEHO0LO0ywA5kLDSwj5z7xgxRY2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9e45995-MXP

GET
H3 200 d9617294399ea299ad20b90fc2d60bf4.webp
puretheweb.com/assets/media/ 71 KB
72 KB 155ms
153ms Image
image/webp 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/d9617294399ea299ad20b90fc2d60bf4.webp

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0c3fae3646d140d4bde5454b4ec5097289fb9a81617c5fd93389cde24a595b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72872
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/d9617294399ea299ad20b90fc2d60bf4.9e2cd2e7e9.webp
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD9UF7mTC%2Bk2Jr%2F499lc44%2BlzhaOnToCI0oTl4I66VoDOONGQPKWrhyjkvrP1KKYVptmmtte%2Bo8Q5mk2dNoo5J9kXrwVvXpGXlhb1V8fR%2Bm4xW54V%2Ff7DuV02Z12igZOU97I9K5gUIVjMC6xPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545d9e65995-MXP

GET
H3 200 25607b6792f425fdcac3592ea8a47e43.png
puretheweb.com/assets/media/ 55 KB
56 KB 168ms
165ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/25607b6792f425fdcac3592ea8a47e43.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57356b4bf5617d546ffd061aab43d9d55cded343f6072c7154516a5e94d0f404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56375
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/25607b6792f425fdcac3592ea8a47e43.55c80f1a6c.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wzl7ftoQxzhdUeHYvWRZGbpK8OT8Mz7iGq8buBaV82ZPhVpedKxwayJgea6EzM2iK%2BV3e8ahWt95CaTzxp3Q64udAqYHgqmPCQjwXcWtL58QTI8%2FnP4QhNlZLsL8DpOTTyr%2BOZBoxzCa9iEnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545d9e85995-MXP

GET
H3 200 25e0a7aae6db100357b857d5d7e57e1a.png
puretheweb.com/assets/media/ 397 KB
397 KB 210ms
207ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/25e0a7aae6db100357b857d5d7e57e1a.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

354cd101a542090727a76a17416d821787893014d2a6661884a04f4ec3c15396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89923
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 406046
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/25e0a7aae6db100357b857d5d7e57e1a.865bd86ef9.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9m40rwQaTTN%2FT1o05ARCpPeEwvRebL%2B8OtGc9nntWTaDbcMFLS8Dg4gs3Dn4gvgwH8jd8RH6oKBOr8ZOWTQKuzD2hthi0V0HgGDiX0MOCsaqCm1xYySu7Rh088ipuiwpaEUGbMG3lIMMaCeeKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545d9ec5995-MXP

GET
H3 200 fdc839d5441d1eb544ad9a061b05e076.svg
puretheweb.com/assets/media/ 518 B
845 B 261ms
257ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/fdc839d5441d1eb544ad9a061b05e076.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9107a66ccd06bd73a385b1f195d6548c2ad522bb0163e937726a2d5f59f7d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xHCyDYdDdXtMetsTfTVTbL38hSjPFCjdcEJ8hHsTVzKkSHmsFeVFPrUOI52ccaUgU9lxwJNFBkmNEvan2FBwjdF7ATA9pHIxtIQqJT7I35gKC96V9tVk0IAT7e39XrWyaFXECbOEixtncGrlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9f05995-MXP

GET
H3 200 82e846348e620a2231b5acee75978ab5.png
puretheweb.com/assets/media/ 7 KB
8 KB 261ms
258ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/82e846348e620a2231b5acee75978ab5.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5330f022ff488704f472054c5a1fac9d1a4f8c5fda4a3cfb99d6696255ec91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7433
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/82e846348e620a2231b5acee75978ab5.62ac408c70.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InwZ%2B%2BJX58eX4rpz414lRPs3OSkGEXFre%2BqpisxCeknTHzjPKQIHn39icasrEzt1X0YjWrJxfn6F02zZuLYyjMAlp5nFjlv8C3dvXg29ijETdbKbyioal1tNI7PM62UR3OUjhm4RadAGau0yCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545d9f75995-MXP

GET
H3 200 500e245ef0e79604327b53c9bfc2502e.svg
puretheweb.com/assets/media/ 1 KB
1 KB 155ms
152ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/500e245ef0e79604327b53c9bfc2502e.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a02f3f08cd719f52b0aa38d2578a1a295c8924a3625f27cfd7c80a0f25b7171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bru5xCkb2%2B%2Fu3Ln%2FnvT1sIgD1ZfXtp7QCN3u51vmLUFd0K9xdBqqZR1Y0Rs2%2F3RPLmKyna9fD5%2FPlqOeyZhVVx81VwI4Qtt3UiADS3yFdERrjv62oGNrgxt%2FItlWG8bCWygG08t0RzyNo3GDsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9fa5995-MXP

GET
H3 200 e99d65e005b8b71d58b41cd336f50e86.png
puretheweb.com/assets/media/ 17 KB
17 KB 89ms
86ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/e99d65e005b8b71d58b41cd336f50e86.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e45d767a14ea12377110680721c586aaaf5129670c373db00d7915be8d1c7218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17182
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/e99d65e005b8b71d58b41cd336f50e86.1d5dfa31d2.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QwIitG7wUpk6nzkPLs%2B4Eo09hp6i5GR4pt7T0m%2BqVU8lOaQp8TYBX7GWn40ukk5wfvlt2ObwxQ6NwNVMPNijkwoWG%2FGnIX5FKuoSt83aK%2F3eWhkXlCw%2Bu8ptCtitgFG6kUtSm96jn%2BJ%2BtKtmdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545d9fc5995-MXP

GET
H3 200 6125d63d7feabe14a5f4947829226a77.svg
puretheweb.com/assets/media/ 3 KB
1 KB 261ms
258ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/6125d63d7feabe14a5f4947829226a77.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c71a3581de8d39d9cc6eebc8e2968b32aa037eb7ff24adb014154592c0f36da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlZmmzoDbJMY8lEXVFItKLMHMhdyshHM9c3F%2BaHsuNxuTCuOTApvKJ8CTWl2N8oHombMGKklfMtqBqbhcXxvSP3ade%2FrbCgJNowgVXRz0wiBgpuVX1YP91aE%2FXo6ZMwp8gnxvaA%2BpbxwfGNMVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da115995-MXP

GET
H3 200 10a013708f5887bf05a3544c4a764fba.svg
puretheweb.com/assets/media/ 1 KB
1 KB 262ms
259ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/10a013708f5887bf05a3544c4a764fba.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0eae20736e95ef17f996d498fdba84d5b2ab844dd220555efa9d03aa0317518d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQVGatwGSA4WDvCmUVnkfK6bhOIcmmYuy5sDJxhrg9xUta66WmnEkbBye95wf0OvGLIp%2FR57tGCjRfNJMqKyW9mI%2Favxrb3jvhZWp9Tu20P8MFmwC4ffLb0%2BU2KeVWaGE6xopXcrzCt5AGpIbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da135995-MXP

GET
H3 200 d91421ebc48fea26a2c35626488f5bcc.svg
puretheweb.com/assets/media/ 668 B
944 B 262ms
259ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/d91421ebc48fea26a2c35626488f5bcc.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5a587f50df0753ca8a4c0b8876c6eb063e2e123443b347bbce0d51a5c097f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYDKM9uPE5D%2BTbpC2mBvYsYsw%2FCgLx44m4KOaOqsv6EPYZWqjAvphDmIiVI7C6eXGSm7IB9%2BslvgrPMfhsCKBOHtgrBwKWrtzfrIgrWALahXlWGwMw36SmBn9sEsWl9eiISgypzKzL7YIbsznw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da155995-MXP

GET
H3 200 6353d7877f87453f8da24cc7bc2941c2.png
puretheweb.com/assets/media/ 7 KB
8 KB 263ms
260ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/6353d7877f87453f8da24cc7bc2941c2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f18215f7a041000704dfb10d467f28354d70601550f396f7763df1e67ca4363b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15286
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7166
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/6353d7877f87453f8da24cc7bc2941c2.6f57fd4ebf.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZkfhrnf1LQ8xYLvTenBqv1JCyBlN9i4%2B6dnq2Ly36UE3WVzwx9LMWkLOrLZrxiFK0axxGqpqrn5qyrTdg50ztXRJRk4Cyro5ioD%2F5o%2BLApjOvRS1tp6P0UCFMdyV5pT0L6z9jha8nMzVOLA5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da165995-MXP

GET
H3 200 c0da2092386ddd96c966a988ce55fbf2.jpeg
puretheweb.com/assets/media/ 7 KB
7 KB 263ms
260ms Image
image/jpeg 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/c0da2092386ddd96c966a988ce55fbf2.jpeg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05fd9d538a6a0e44591414e5f4f5701a23bf34381c4839fb2713be206cb14002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6663
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/c0da2092386ddd96c966a988ce55fbf2.f472cd507e.jpeg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrjoylUvvIjoau%2BT1iREQ9bF6Wgz7mG0FEko5vZxllzgnygCu2PJpX9BTlzIcG5TozLTsf9KDreX2%2B9NqCTnN%2BBuSZU5oA8JwN6gxG%2F4iMIL6XH0tgQuQocl0xeH8slUS%2BTaV2KP9oHpyC%2BwVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da1b5995-MXP

GET
H3 200 83089896a814861c43223129569df03b.png
puretheweb.com/assets/media/ 5 KB
5 KB 263ms
260ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/83089896a814861c43223129569df03b.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

431cd53b9756615cd1f0a8d793b4e94b4add85e513b8de480174144949ddab7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4996
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/83089896a814861c43223129569df03b.f5e8376908.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9nLuB5ajDTgYPXkKEgCuWF8PL85mbnobnMRyoeTAKMXgzNdi1S5x5%2FNuecJsXxbR5eAN5yYeJXC6%2BTLcthYJ7wbIRpPqTxDtTr01xSxPgXwQQ%2BU4CYR%2F%2Fd17cxh8Srbj2oC%2FO71mlnzfQj%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da1f5995-MXP

GET
H3 200 fa8d3f2762a60930c14d5da065efe085.png
puretheweb.com/assets/media/ 6 KB
7 KB 263ms
261ms Image
image/png 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/fa8d3f2762a60930c14d5da065efe085.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

744857fd0394382f04e971db21dc15c55eff04e46a7c559bf1b769ac9828802a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6608
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/fa8d3f2762a60930c14d5da065efe085.57c9700485.png
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FozvFVR3uZHYwOX4KPXw7LHhcY%2FtTiqJWqV9I%2BVZXSzYU80ldWuxjeJ42cjeUv4kVFhYDC1tctZLo1cr5YGQ40H3dQme4Slvz4%2BXwAUO%2FxMoVQDYlKQLRVxcHF1sX8pzQJO3QriMFnlAOjY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da235995-MXP

GET
H3 200 c99cb0c554b288c83e57c872668feec3.jpg
puretheweb.com/assets/media/ 16 KB
17 KB 264ms
261ms Image
image/jpeg 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/c99cb0c554b288c83e57c872668feec3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

368634baac7ea8b5b7efe112474d1fa8a670b008cdd438ea3f575a32a4d03be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16490
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/c99cb0c554b288c83e57c872668feec3.d896f642d2.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yO83k529TGhMI%2Fx2ydsG2p7ISsU%2BOX18pfrt1YCeb087VV9505UPr3kW17ROIbF14HCwFEOv0uX2NkYjgRBBE5zvVua4ZNra5od84qdNSV9Q0PLCDqoRqWyf4wcqMBMqZT1kFeuKzmiI5fy0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da275995-MXP

GET
H3 200 0b6b138b709ab294136d0c590c91f80c.jpg
puretheweb.com/assets/media/ 13 KB
13 KB 264ms
262ms Image
image/jpeg 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/0b6b138b709ab294136d0c590c91f80c.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a17c55a9064777fe8a55e0a517d92fd7c710ace39bf11f24e4a68475949414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15288
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13011
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/0b6b138b709ab294136d0c590c91f80c.8b1473f669.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGIfv7xtodpyoeZJOEbowD5hnsB3zr6v7bSTGGy0GIK9PIBAv31Ayp7cRr1KilZXFJB%2Fapjrl2BqocbTs4D1Q8Cothy6RoE2e8P4bP%2FhD2u8223AYWW4So3LQHP0VYlG3XDm3nFiel%2Fhdpt61w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da2b5995-MXP

GET
H3 200 54c161f779f40a6f46674e73f230d550.jpg
puretheweb.com/assets/media/ 14 KB
15 KB 265ms
263ms Image
image/jpeg 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/54c161f779f40a6f46674e73f230d550.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff237ef3d6f3235925a857cd8d4d67c01e97840f289079196ed1197851e06619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82397
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14824
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/54c161f779f40a6f46674e73f230d550.c23c88b1ec.jpg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtry87KK%2BpFiqXmNCPcmUsKxAAla7rYS%2FJL9OI5w1ASabj%2Bgx7tBUFj9VpSMfYlNd2MnuhCyoNRFwXvanZMr73I17vn91gePfMz4FIqbboVSZSPq4bSHsM91IMNdbepD1pId1NFnILCqNSYBgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c754545da335995-MXP

GET
H3 200 ebaa03540dacb64d446b43ba2584f208.svg
puretheweb.com/assets/media/ 1 KB
1 KB 265ms
263ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/ebaa03540dacb64d446b43ba2584f208.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5658e44d15fc3e775e5d3246b85b8dce61204176168fe6bbd88bea6b51adfcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjnuC2qe6KUS%2BO4kAt%2F83%2BbT95ANjXPXvPf40swK9cAnvvseYz3wBTX4QYzS2JMIixW1nRMTG%2B32rf2BhG6iZDLvfz%2FRqsRyLj%2BEmv9wtHg5LaSrrXi8yJnOwUMnUS%2FCj6sR%2FEqFvOpLM2uEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da395995-MXP

GET
H3 200 43ef47bf833aeb264ec0f19ee2758068.svg
puretheweb.com/assets/media/ 614 B
784 B 266ms
263ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/43ef47bf833aeb264ec0f19ee2758068.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95a68f16ac9f0f4007274fc9f4f628cda39cadd04d2413f456e76feaf5785d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15285
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiD4AolJC5NYLD5DdcKLmS4bKw%2FSaq19Demz41FAs6hGhQqHlWmuJTS81gGdbH%2FDbPc1O1Lu9uMxiF9lRCT2qmwx6ksNxejGyiCCkOY4aReIJ7MbW1F8aJbqXRg2uonor5399jbUf4lK5tvc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da3b5995-MXP

GET
H3 200 0099edf3e1770c5f999e245bac6ed23c.svg
puretheweb.com/assets/media/ 2 KB
1 KB 266ms
264ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/0099edf3e1770c5f999e245bac6ed23c.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29e0892e90fdf83723f34f1585d34913d4ff2875b2de0e25eddc24663c2dd154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suT3FeFo1ZRTRYgUXLCKTCPIU9H%2BHKpDXkwXyaTkKIEGLUGES5CMCjwbQiKvhtZwNgjdxbrjV2gS8b%2Bi0A9najaSt2JFh7%2FR1UZ3DddFLUmIyeoV5ThM5Mmgu2%2B2M%2Bt0DW14JM4BM5t3X3KkOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da405995-MXP

GET
H3 200 db473225bc9cc86248b2bc88661b1923.svg
puretheweb.com/assets/media/ 179 B
725 B 266ms
264ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/db473225bc9cc86248b2bc88661b1923.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d2c86a8f93305d0865bfa31676a8446ae3571f0eec8dcc6cfdad1e947da5d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOltRa6EbPKo4%2B8J6B0DytZ0NFGND6AMD8gIrfDTiMYVZcDQNGX9RjCvrpSCijanljht1N5AzIwWaQejuwl5mjsA4iUugZKAWogeCcnjbeEzqqLr8gtPFKQFef8KVNvZY09EhEC0PkGXIQ%2F%2FLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da435995-MXP

GET
H3 200 15a6487915cd59165bd6ba4c9fd6085d.svg
puretheweb.com/assets/media/ 399 B
846 B 266ms
264ms Image
image/svg+xml 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://puretheweb.com/assets/media/15a6487915cd59165bd6ba4c9fd6085d.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1RrmoK3KEyTiKY9KgMxpN0Kh7eH%2Bg3tjpZoGXgb1AGabjw6D8ZATrh56v2%2BmQTyFsxy45qph6BvqU7riGUhQ5jd4ckACpIEyUnKNQ2qwgosgjdObyfKZwhAT6GVv0g%2FQEkgTw8epbnfR0xaKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545da4e5995-MXP

GET
H3 200 runtime.44bb792e948f9b533820.js Show response
puretheweb.com/assets/js/ 15 KB
7 KB 189ms
189ms Script
application/javascript 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/assets/js/runtime.44bb792e948f9b533820.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49584d911ba20e96a7b18d2a54d2e5e6ecb09572d0556da3aa9e342d3b51a60c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CwMRxCykZrnQNBN5ek8KMMnfhIqye8rFmx4KmsyO8HIy8bA7TAhPIIeFYXkBvb3KRwaz9s7XQkKvq7CUi5M8BokSPBNpXzGx3Yns7aOz0ZCeWQaX93sVsdiSbxDL%2FAM%2BLJAWT6fIx4GjqyIdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545c9b55995-MXP

GET
H3 200 vendors.23d2c8ad3e1d75b80a8d.js Show response
puretheweb.com/assets/js/ 94 KB
34 KB 189ms
189ms Script
application/javascript 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/assets/js/vendors.23d2c8ad3e1d75b80a8d.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd9f400be10e9bceb408efbb25aaa158d42b8f9f908780973a9f15a42bc706ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15287
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4hIV2G%2B5rFf4chICeSICYbR9uyb%2FnKoMxTjNTnS0Qzg1xDPnk5VfEJjSBAZFd4AtfFwjyE0eF1gmqnQunCsqSILdPHsl630MujxuJJWKNoTTKt2w3GcptShgsLlcmQT6atwPQ0ghXAt1olCYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9d65995-MXP

GET
H3 200 promo12.6805ec6032d44a8b1ea0.js Show response
puretheweb.com/assets/js/ 26 KB
9 KB 208ms
207ms Script
application/javascript 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/assets/js/promo12.6805ec6032d44a8b1ea0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8082131055b52e9d08983ab35443252b4b83240a8a80d9ec2cfd4190539aedc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE381IweNgyPGcYeHU%2BwadXOQuxRumky0oCsw8HTlVIG8nhLdq0lKzUYjPqeo%2BdRIlbZuSl6KsaFa4GqDqkbYQdl4jq9bUmPx3gq%2FTkmXtYI1TN2XWK2qy0YZt%2B6O9rpJDPz2m3JkgsdMXLREQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c754545d9da5995-MXP

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
549 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: puretheweb.com
URL: https://puretheweb.com/assets/css/promo12v2.087e51dece74e8060659.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 14:44:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 Jan 2022 16:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jan 2022 16:12:43 GMT

GET
H3 200 css2
fonts.googleapis.com/ 8 KB
708 B 31ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,200;0,300;0,500;0,700;1,500&display=swap

Requested by

Host: puretheweb.com
URL: https://puretheweb.com/assets/css/promo12v2.087e51dece74e8060659.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f9f8f7db5599ab072b9a7b3c58a4122fb0c2caf1daafc2c7fa27708795d3963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 15:23:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 Jan 2022 16:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jan 2022 16:12:43 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
660 B 39ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600&display=swap

Requested by

Host: puretheweb.com
URL: https://puretheweb.com/assets/css/promo12v2.087e51dece74e8060659.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e901c63ec65ee4c909cea5db9a9bdbb17f8126c5c4d15b59f5c10792523ff4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 14:36:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 Jan 2022 16:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jan 2022 16:12:43 GMT

GET
H3 200 affe82bb5c11a120b8a04a2553a05771.mp3
puretheweb.com/assets/media/ 43 KB
44 KB 72ms
71ms Media
audio/mpeg 2606:4700:3032::ac43:ae41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://puretheweb.com/assets/media/affe82bb5c11a120b8a04a2553a05771.mp3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:ae41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

240a7f0177db167745ad6693a4d677dfcf4d7d02e75b2ee98dba48c02e6c24da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://puretheweb.com/?scenario=promo12v2&trackingdomain=bional-dested.icu&source_id=b53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b&cep=x6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8&lptoken=165b41fa1466171463d6&campaign=274673220&ban=23353818&ssp=Adcash&zone=2848467&advertiser=153126&country=DE&org=M247+Ltd&platform=Windows&ip=185.232.23.180&device_make=Unknown&redirection_cost=0.002&clickid=16411399633118995380232529390228061
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 02 Jan 2022 16:12:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89950
content-range: bytes 0-44022/44023
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44023
x-xss-protection: 1; mode=block
server: cloudflare
etag: assets/media/affe82bb5c11a120b8a04a2553a05771.b1a452fd6f.mp3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJvCFyuGCYnCwUAr4bxD3werVHr4bnzH6iBDXuQiWvMQ9lMdT5LiAWJmsCmBlXLDq4bLwxBGrv%2Brn2pI0ehVHpugfhCsYM4TXXtA2cMx%2Fcj7ZZav26CZzkaLBQjzfU1%2Bw1X%2FovJMgIYFnc7cHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
vary: Accept-Encoding
cache-control: max-age=2592000
cf-ray: 6c7545471e0b5995-MXP

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
39 KB 38ms
15ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NRZN2LN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

986d22f09d55af58a66f29e5c173c9dcf91ba088952bf96ad3cb9d6ba4fee70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39907
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jan 2022 16:12:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRZN2LN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2270
date: Sun, 02 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 02 Jan 2022 17:34:54 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 194 KB
66 KB 168ms
77ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: youwantmylife.info
URL: http://youwantmylife.info/landing/default/redirect

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:44 GMT
content-encoding: br
last-modified: Tue, 28 Dec 2021 12:05:22 GMT
etag: "61cad352-10765"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67429
expires: Sun, 02 Jan 2022 17:12:44 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1417741470&t=pageview&_s=1&dl=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%26cep%3Dx6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8%26lptoken%3D165b41fa1466171463d6%26campaign%3D274673220%26ban%3D23353818%26ssp%3DAdcash%26zone%3D2848467%26advertiser%3D153126%26country%3DDE%26org%3DM247%2BLtd%26platform%3DWindows%26ip%3D185.232.23.180%26device_make%3DUnknown%26redirection_cost%3D0.002%26clickid%3D16411399633118995380232529390228061&ul=en-us&de=UTF-8&dt=Pureweb&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1775551824&gjid=968625929&cid=250030362.1641139964&tid=UA-171739637-1&_gid=354137733.1641139964&_r=1&gtm=2wgc10NRZN2LN&z=152835613

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://puretheweb.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 16:12:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://puretheweb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9506.FpZOutV1ToLDrRep8rMWCcmw0MrMOOrZB0o5EaNTKDH5cASYbxEgsmKuu_efU7FS.hC26kKW2Nt-2m8nucACnKIWEBbI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9506.uAjMhPJ7Yz9rT7gO_z44R6B49aR4JB8JKp7aoXvXycOb8ojOyjHfeA8BFbNhnP5MTDijOSm23yO9Nt71gbSbog%2C%2C.d0tkhJukuql6fJxU3FQn8CmA7L0%2C

75 B
75 B

43ms
43ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9506.uAjMhPJ7Yz9rT7gO_z44R6B49aR4JB8JKp7aoXvXycOb8ojOyjHfeA8BFbNhnP5MTDijOSm23yO9Nt71gbSbog%2C%2C.d0tkhJukuql6fJxU3FQn8CmA7L0%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:44 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9506.uAjMhPJ7Yz9rT7gO_z44R6B49aR4JB8JKp7aoXvXycOb8ojOyjHfeA8BFbNhnP5MTDijOSm23yO9Nt71gbSbog%2C%2C.d0tkhJukuql6fJxU3FQn8CmA7L0%2C
date: Sun, 02 Jan 2022 16:12:44 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 45ms
42ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 16:12:44 GMT
last-modified: Thu, 23 Dec 2021 16:10:01 GMT
etag: "61c47529-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 02 Jan 2022 17:12:44 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/66586093/
Redirect Chain

https://mc.yandex.com/watch/66586093?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%...
https://mc.yandex.com/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3...

331 B
464 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/66586093/1?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%26cep%3Dx6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8%26lptoken%3D165b41fa1466171463d6%26campaign%3D274673220%26ban%3D23353818%26ssp%3DAdcash%26zone%3D2848467%26advertiser%3D153126%26country%3DDE%26org%3DM247%2BLtd%26platform%3DWindows%26ip%3D185.232.23.180%26device_make%3DUnknown%26redirection_cost%3D0.002%26clickid%3D16411399633118995380232529390228061&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A941%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A117313770400%3Ahid%3A699156493%3Az%3A0%3Ai%3A20220102161244%3Aet%3A1641139964%3Ac%3A1%3Arn%3A314295167%3Arqn%3A1%3Au%3A1641139964140217319%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641139963082%3Ads%3A12%2C57%2C209%2C1%2C383%2C0%2C%2C288%2C0%2C1013%2C1013%2C0%2C952%3Adsn%3A11%2C57%2C209%2C1%2C383%2C0%2C%2C290%2C0%2C1013%2C1013%2C0%2C952%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641139964%3At%3APureweb&t=gdpr%2814%29aw%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

083ea228be50ae7b486dd6ef0299eabe5b62f9a4fef8f8fbf14d43737f704420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://puretheweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 16:12:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 02-Jan-2022 16:12:44 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://puretheweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 02-Jan-2022 16:12:44 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Jan 2022 16:12:44 GMT
last-modified: Sun, 02-Jan-2022 16:12:44 GMT
location: /watch/66586093/1?wmode=7&page-url=https%3A%2F%2Fpuretheweb.com%2F%3Fscenario%3Dpromo12v2%26trackingdomain%3Dbional-dested.icu%26source_id%3Db53ad876-7f14-4c9d-8fa1-56bfa2e0aa3b%26cep%3Dx6paOBTL_5RgRa_OJCzKcY2pWXqxsa4gWDrct317kwo8CyJcGeV5yXsXBg7GI4T0URjj3xyTonvZEYAyXo78kO1CEvrwtZ2HKvlFC0S6t_iFPRhJE7M2APWIpmITumMQpRooT0w_cdIYHAYaUWVifHTDYg1G2ItlYVjzAZhGMby-D81unoOwdk0FqWVHLlTTBP6U3wsUfUWDgExTfYTXacjy5OS08WT_HP2VRr9HAWKLaXiatXWZqyqcF71CN-en4zwP5clL2U0zH3kx2uK_1EXqloEjOxWua9U-84F34yoSuX1LFkpzlMkXIJO9ZEtDiGIAQ4BSX5L7fxY08Fj4Mw-9kHRO-gB48tT_48jaW3QzfqPuSomZI-VFAzqR8_BGuxxD-NrC0cKqHdfEkYElYi2ldwgO8saHvThhzRGSpdnxjiLlE29B8S30p493sM8-2mcfBaqFru_q8w45OXq9nxvDjIQHFSFPoNvWM5k02HMwVC5F1fqnRDN9NY3p0-Vn9VviG1zRRzDqqpVmo_eDHPOZwXB64KiU4Odzg6wE8U1IWNQjJe_2z50woLMW6bcIa_s183XHNvZCJ3Hlj4qritjQ0Tr90Mk_6SXE7PTG2R8%26lptoken%3D165b41fa1466171463d6%26campaign%3D274673220%26ban%3D23353818%26ssp%3DAdcash%26zone%3D2848467%26advertiser%3D153126%26country%3DDE%26org%3DM247%2BLtd%26platform%3DWindows%26ip%3D185.232.23.180%26device_make%3DUnknown%26redirection_cost%3D0.002%26clickid%3D16411399633118995380232529390228061&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjkqfph1z85b6in%3Afp%3A941%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A722%3Acn%3A1%3Adp%3A0%3Als%3A117313770400%3Ahid%3A699156493%3Az%3A0%3Ai%3A20220102161244%3Aet%3A1641139964%3Ac%3A1%3Arn%3A314295167%3Arqn%3A1%3Au%3A1641139964140217319%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641139963082%3Ads%3A12%2C57%2C209%2C1%2C383%2C0%2C%2C288%2C0%2C1013%2C1013%2C0%2C952%3Adsn%3A11%2C57%2C209%2C1%2C383%2C0%2C%2C290%2C0%2C1013%2C1013%2C0%2C952%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1641139964%3At%3APureweb&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://puretheweb.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 02-Jan-2022 16:12:44 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
youwantmylife.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: ho98mkm2tmas7n6u2v7hlpg3e4
youwantmylife.info/	1969-12-31 23:59:59	Name: _csrf Value: f640d4d91faefdcb2b7f3844877122dea%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22px_kv1-ENiN49hMMysACQw8WFaWWy9GU%22%3B%7D
youwantmylife.info/	1970-01-19 23:53:46	Name: tb_uniq_trafficback Value: f124b338f4059374633d5f072714389fa%3A2%3A%7Bi%3A0%3Bs%3A19%3A%22tb_uniq_trafficback%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D
onetouch7.info/	1970-01-19 23:53:46	Name: pop-u-uni-df56bb Value: 0ad5e7cad272b561cfc5b3add58f0be8a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22pop-u-uni-df56bb%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D
wait5sec.com/	1970-01-20 00:36:58	Name: _subid Value: 27h20h27r4tbn
wait5sec.com/	1970-01-20 00:36:58	Name: _token Value: uuid_27h20h27r4tbn_27h20h27r4tbn61d1cefad95bd9.60262666
wait5sec.com/	1970-02-07 23:46:06	Name: bc730 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3NDJcIjoxNjQxMTM5OTYyLFwiMTg1MFwiOjE2NDExMzk5NjJ9LFwiY2FtcGFpZ25zXCI6e1wiNTExXCI6MTY0MTEzOTk2Mn0sXCJ0aW1lXCI6MTY0MTEzOTk2Mn0ifQ.HGIM1WucTVq5l86QFvfOcGd9emlizVSqWwfUgDfFGSw
.bional-dested.icu/	1970-01-19 23:53:46	Name: edbcadda-3993-40c8-bf4c-0e4f4433202c-v4 Value: SG-t4K_wpq2e3A_UQTvQ81wnXgFGTIjxbDZQMWfBrp8
.bional-dested.icu/	1970-01-19 23:53:46	Name: cep-v4 Value: ctDRVb2qvmcXjWp58zDdCSw7KioL76oW0Lzex3Py9fF3TJ2idYeidqHAjU0Hax6FCLnJzD_u2fad2RPiIz_4ZhrRUm1e_mx7QSqD99MNdelWlYPUl6CwFGHPWkF0OiTrjr--ifTM1nhScxD5Xf4BX5xBcNFscmZEn4G9vYSByeu-2g6Gubnn4KwxVqNJ-GkVNnO4SpZQYwOw6btojDG-Rq2UuYFn_1ybYITkWgq9UkUdX9buyOfCZRjX-YPIP4oa7e7DySLCtx0OP7apLdf5juTc28XicZvAbhGn_E_IPgqREGxU27BTaADME2uKtUTNZ_NOb1ln7I54KPdhKoJ02aR8uSnoy2jCz339czaNC2NUA-fhL3Xy2CL6n4-iSZ0AjhhSLEL0q0B7jf_jPWiLIAW0tN5nBkjGPqVtPo9HKHH2t5ohA8ELhoyWgbBQbLAwFS2WH1XNysVp60O72jEfLwCRMNhzXAlPqFNdo8BTJb08QsfhdXTdK7ud3PIPih3v3MDFBm0rQyhX63UbKlv3Pq_aTOHsbJ0avvjKiOKqQ5gmDEd05YP04omi91u_dJwVZWGDmbWBWd7zedYSbc2feMLt094QsW4nn_G1X83ZBGQ
.puretheweb.com/	1970-02-25 20:37:55	Name: subId Value: 015
.puretheweb.com/	1970-01-19 23:52:55	Name: scenario Value: promo12v2
.puretheweb.com/	1970-01-19 23:52:55	Name: secondStepVersion Value: v1
.puretheweb.com/	1970-01-19 23:52:55	Name: trackingdomain Value: bional-dested.icu
.puretheweb.com/	1970-02-25 20:37:55	Name: vtsm Value: 1641139964
.puretheweb.com/	1970-01-20 17:23:31	Name: _ga Value: GA1.2.250030362.1641139964
.puretheweb.com/	1970-01-19 23:53:46	Name: _gid Value: GA1.2.354137733.1641139964
.puretheweb.com/	1970-01-19 23:52:20	Name: _gat_UA-171739637-1 Value: 1
.puretheweb.com/	1970-01-20 08:37:55	Name: _ym_uid Value: 1641139964140217319
.puretheweb.com/	1970-01-20 08:37:55	Name: _ym_d Value: 1641139964
.mc.yandex.com/	1970-01-19 23:52:20	Name: sync_cookie_csrf Value: 676065025fake
.puretheweb.com/	1970-01-19 23:53:31	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 23:52:20	Name: sync_cookie_csrf Value: 2351001700fake
.yandex.com/	1970-01-20 08:37:55	Name: yandexuid Value: 7380909241641139964
.yandex.com/	1970-01-20 08:37:55	Name: yuidss Value: 7380909241641139964
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 266917691641139964
.yandex.com/	1970-01-23 15:28:19	Name: i Value: uRMTK7PXdCg0fU5zBdG75S1JZYgDhl+1L874YfPjTdr+yDGe9izVhOFLTLSpELACJTpLIBqSq5frUbdPfPO2b42tHjo=
.yandex.com/	1970-01-20 08:37:55	Name: ymex Value: 1672675964.yrts.1641139964#1672675964.yrtsi.1641139964
.puretheweb.com/	1970-01-19 23:52:21	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9506.uAjMhPJ7Yz9rT7gO_z44R6B49aR4JB8JKp7aoXvXycOb8ojOyjHfeA8BFbNhnP5MTDijOSm23yO9Nt71gbSbog%2C%2C.d0tkhJukuql6fJxU3FQn8CmA7L0%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bional-dested.icu
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
onetouch7.info
puretheweb.com
wait5sec.com
www.adspredictiv.com
www.google-analytics.com
www.googletagmanager.com
youwantmylife.info
18.184.38.55
2606:4700:3032::ac43:ae41
2606:4700:3032::ac43:dac0
2606:4700:3034::ac43:a9b0
2606:4700:3037::6815:3bf6
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200a
2a02:6b8::1:119
35.190.38.40
05fd9d538a6a0e44591414e5f4f5701a23bf34381c4839fb2713be206cb14002
083ea228be50ae7b486dd6ef0299eabe5b62f9a4fef8f8fbf14d43737f704420
0b0c3fae3646d140d4bde5454b4ec5097289fb9a81617c5fd93389cde24a595b
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
0eae20736e95ef17f996d498fdba84d5b2ab844dd220555efa9d03aa0317518d
0f9107a66ccd06bd73a385b1f195d6548c2ad522bb0163e937726a2d5f59f7d7
117cfa8d8a4815256530eadeb88e5bd48ff7793c969c3431e40756eaa59eb3d7
1a050b38cc981d5b27c163ab711c46ea167ce3af8a534199556019385165f288
1fc264d9c67154d6af02f2162bde9a8d15e8ed19b0d36173fdf4428bf37d35d4
240a7f0177db167745ad6693a4d677dfcf4d7d02e75b2ee98dba48c02e6c24da
29e0892e90fdf83723f34f1585d34913d4ff2875b2de0e25eddc24663c2dd154
300ca825f7067862d9a823dc224b58e31fbd6c077cd992ee7b8e2f34c41ea967
3341403ece2c48c8b6a74f9fb4be6927e0aa849ee14fd247be9246b163055529
354cd101a542090727a76a17416d821787893014d2a6661884a04f4ec3c15396
368634baac7ea8b5b7efe112474d1fa8a670b008cdd438ea3f575a32a4d03be2
3790d6e556194fd7d17b273234befd2de44daa4c57d5055bdd0de714c57152a1
3e901c63ec65ee4c909cea5db9a9bdbb17f8126c5c4d15b59f5c10792523ff4b
3f9f8f7db5599ab072b9a7b3c58a4122fb0c2caf1daafc2c7fa27708795d3963
431cd53b9756615cd1f0a8d793b4e94b4add85e513b8de480174144949ddab7b
47b8e33e29528d52649a476908377defe05da7bdfb68a708eea2e18aac42ab1e
49584d911ba20e96a7b18d2a54d2e5e6ecb09572d0556da3aa9e342d3b51a60c
4d5330f022ff488704f472054c5a1fac9d1a4f8c5fda4a3cfb99d6696255ec91
518e53356a08ff0eb8d841c44809993904da611879b3fed1a4a5bf2216e2f033
53a17c55a9064777fe8a55e0a517d92fd7c710ace39bf11f24e4a68475949414
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57356b4bf5617d546ffd061aab43d9d55cded343f6072c7154516a5e94d0f404
5d2c86a8f93305d0865bfa31676a8446ae3571f0eec8dcc6cfdad1e947da5d0b
6a02f3f08cd719f52b0aa38d2578a1a295c8924a3625f27cfd7c80a0f25b7171
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
744857fd0394382f04e971db21dc15c55eff04e46a7c559bf1b769ac9828802a
7dd8628b76c6beda76cf46db9ac1e54437ac90edc487c7f8e08b0c1f716656ac
8082131055b52e9d08983ab35443252b4b83240a8a80d9ec2cfd4190539aedc1
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
9266619ef667b8d46198b631446517186c303625d43c4b6f68f6587948d7274f
95a68f16ac9f0f4007274fc9f4f628cda39cadd04d2413f456e76feaf5785d0c
986d22f09d55af58a66f29e5c173c9dcf91ba088952bf96ad3cb9d6ba4fee70a
989f9018f08e6b812cfce8110b6b803c493d89474a7f9ed90c249c0cc11e4fbc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b27acfb62810f889d9d62dc348f8841baa717597197a708813fbf25daf6f501a
b373236db2da5719888bf03747b56eb9830d0e560849edd15a1f6d4d3a9eb620
c69e4c4db2b188f2e7c656e06b09cb8d5b142222b380a6fe97eb4d076e72a2a7
c71a3581de8d39d9cc6eebc8e2968b32aa037eb7ff24adb014154592c0f36da9
c9ad5d71df530ae290d393d8b1a0fc31c7f8a30045aa91a7283b6e58e4ac9da5
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cd9f400be10e9bceb408efbb25aaa158d42b8f9f908780973a9f15a42bc706ae
e45d767a14ea12377110680721c586aaaf5129670c373db00d7915be8d1c7218
e5a587f50df0753ca8a4c0b8876c6eb063e2e123443b347bbce0d51a5c097f15
f18215f7a041000704dfb10d467f28354d70601550f396f7763df1e67ca4363b
f5658e44d15fc3e775e5d3246b85b8dce61204176168fe6bbd88bea6b51adfcc
f638846fc66949d0d06b3dbe7b3feebd1796032b4668bfece32e1259e6016035
ff237ef3d6f3235925a857cd8d4d67c01e97840f289079196ed1197851e06619

puretheweb.com Open in urlscan Pro 2606:4700:3032::ac43:ae41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

77 %HTTPS

80 %IPv6

11 Domains

11 Subdomains

7 IPs

3 Countries

1012 kBTransfer

1682 kBSize

28 Cookies

0 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

puretheweb.com Open in urlscan Pro
2606:4700:3032::ac43:ae41 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

77 %
HTTPS

80 %
IPv6

11
Domains

11
Subdomains

7
IPs

3
Countries

1012 kB
Transfer

1682 kB
Size

28
Cookies

53 HTTP transactions
0 data transactions