germancovers.top Open in urlscan Pro
185.104.248.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://germancovers.top/
Effective URL:
https://germancovers.top/
Submission: On April 15 via manual (April 15th 2021, 5:19:40 pm UTC) from US

Summary HTTP 53 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 53 HTTP transactions. The main IP is 185.104.248.69, located in Russian Federation and belongs to SUPERSERVERSDATACENTER, CZ. The main domain is germancovers.top.
TLS certificate: Issued by R3 on April 14th 2021. Valid for: 3 months.

This is the only time germancovers.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	185.104.248.69 185.104.248.69	50113 (SUPERSERV...) (SUPERSERVERSDATACENTER)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
53	12

25 185.104.248.69 (Russian Federation) 1 redirects

ASN50113 (SUPERSERVERSDATACENTER, CZ)
PTR: 6dle.ru

germancovers.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	germancovers.top 1 redirects germancovers.top	3 MB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	273 KB
6	doubleclick.net googleads.g.doubleclick.net	26 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	google.com 1 redirects adservice.google.com www.google.com	677 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	644 B
1	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com	668 B
53	10

	Domain	Requested by
25	germancovers.top	1 redirects germancovers.top
8	pagead2.googlesyndication.com	germancovers.top pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects germancovers.top
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	germancovers.top
53	12

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
germancovers.top R3	`2021-04-14` - `2021-07-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
counter.yadro.ru R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://germancovers.top/
Frame ID: 88466BEA56D7C040830278AB78A1941C
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210413/r20190131/zrt_lookup.html
Frame ID: 3F564B7353617E12939E8852DA714575
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255
Frame ID: 69191B5A610C5C24D426FDC21A2829A5
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&adk=3046330955&adf=2044148826&lmt=1618507161&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgermancovers.top%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161414&bpp=5&bdt=670&idt=312&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=983777513517&frm=20&pv=1&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=330
Frame ID: AF93E1BBC049B18A3510B2B4CEFFBC37
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B077DF677310D2B68FDF446C1B61A863
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js
Frame ID: FEF123FA63669FA4671FF8C72A44CD4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2AB51901910232F46A98097A94FAC406
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://germancovers.top/ HTTP 301
https://germancovers.top/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

53
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

3224 kB
Transfer

3965 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://germancovers.top/ HTTP 301
https://germancovers.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://counter.yadro.ru/hit?t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975 HTTP 302
https://counter.yadro.ru/hit?q;t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

53 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
germancovers.top/
Redirect Chain

http://germancovers.top/
https://germancovers.top/

23 KB
6 KB

801ms
543ms

Document
text/html

185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx / PHP/5.4.16
Resource Hash: d208459a97364a7203696b983a1d47330df966bb4d7ff226ccae3b8e291bfa63

Request headers

Host: germancovers.top
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Thu, 15 Apr 2021 17:19:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Link: <https://germancovers.top/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 15 Apr 2021 17:19:21 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://germancovers.top/

GET
H/1.1 200
OK style.min.css
germancovers.top/wp-includes/css/dist/block-library/ 25 KB
5 KB 89ms
87ms Stylesheet
text/css 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-includes/css/dist/block-library/style.min.css?ver=5.1.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 14:04:48 GMT
Server: nginx
ETag: W/"5e440600-629a"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK client.css
germancovers.top/wp-content/plugins/jquery-pin-it-button-for-images/css/ 2 KB
957 B 175ms
85ms Stylesheet
text/css 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Dec 2020 20:55:24 GMT
Server: nginx
ETag: W/"5fe3aebc-7a7"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK style.css
germancovers.top/wp-content/themes/jarida/ 141 KB
28 KB 321ms
151ms Stylesheet
text/css 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 1930381e0b0e062557899fef4f50a0ef03b0ab5a314fd27cb5018eefb6c9d4e3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Dec 2015 17:24:15 GMT
Server: nginx
ETag: W/"56801ebf-2347b"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H2 200 css
fonts.googleapis.com/ 3 KB
668 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700&ver=5.1.4

Requested by

Host: germancovers.top
URL: https://germancovers.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 16:54:11 GMT
server: ESF
date: Thu, 15 Apr 2021 17:19:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Apr 2021 17:19:20 GMT

GET
H/1.1 200
OK jquery.js Show response
germancovers.top/wp-includes/js/jquery/ 95 KB
34 KB 325ms
155ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 14:04:50 GMT
Server: nginx
ETag: W/"5e440602-17a69"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
germancovers.top/wp-includes/js/jquery/ 10 KB
4 KB 254ms
83ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 14:04:50 GMT
Server: nginx
ETag: W/"5e440602-2748"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK 1615152661_thumb_Zombieland-2-Doppelt-haelt-besser-Cover-Blu-ray-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/03/ 282 KB
282 KB 147ms
145ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/03/1615152661_thumb_Zombieland-2-Doppelt-haelt-besser-Cover-Blu-ray-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: fbdcadf9ea219dc24f14a905e6932978119f37ae64db2ee62e31c2acccb7712d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Sun, 07 Mar 2021 21:32:01 GMT
Server: nginx
ETag: "60454651-4683c"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 288828

GET
H/1.1 200
OK 1615152542_thumb_Terminator-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/03/ 265 KB
265 KB 156ms
82ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/03/1615152542_thumb_Terminator-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 3921d29b4d36a2d133588846322feac42f7dbd64b72a6592ac5504e63743fbed

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Sun, 07 Mar 2021 21:30:01 GMT
Server: nginx
ETag: "604545d9-423eb"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 271339

GET
H/1.1 200
OK 1614167642_thumb_Death-Wish-Cover-Deutsch-German-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 266 KB
267 KB 144ms
138ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614167642_thumb_Death-Wish-Cover-Deutsch-German-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 8a7c2ebbcab2d27a56145aa9e82b618d6d0beceaeb77aae35c6a97fac34a0526

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:55:01 GMT
Server: nginx
ETag: "60363e95-42989"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272777

GET
H/1.1 200
OK 1614166982_thumb_Fast-Color-Cover-Bluray-German-Deutsch-Blu-ray-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 254 KB
254 KB 151ms
147ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166982_thumb_Fast-Color-Cover-Bluray-German-Deutsch-Blu-ray-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 0eafba3f43797b1ba8821fbe3088b3f50bd238a5944cce36409dd7b266f6bdf5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:44:01 GMT
Server: nginx
ETag: "60363c01-3f757"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 259927

GET
H/1.1 200
OK 1614166742_thumb_Bad-Spies-Cover-Blu-ray-Deutsch-German-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 234 KB
234 KB 436ms
88ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166742_thumb_Bad-Spies-Cover-Blu-ray-Deutsch-German-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 1a19cf57dbd6c7d30c92c39c833fe0923b77858e6e3a105406290ee40445dc78

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:40:02 GMT
Server: nginx
ETag: "60363b12-3a670"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 239216

GET
H/1.1 200
OK 1614166682_thumb_Black-47-Cover-Blu-ray-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 276 KB
277 KB 404ms
88ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166682_thumb_Black-47-Cover-Blu-ray-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 9d4eacc53a3c4a5cb00ac98146082db68a93923092c6b361a47422578ee34c17

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:39:01 GMT
Server: nginx
ETag: "60363ad5-45195"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 283029

GET
H/1.1 200
OK 1614166382_thumb_Tomb-Raider-3D-Bluray-Cover-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 261 KB
261 KB 191ms
137ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166382_thumb_Tomb-Raider-3D-Bluray-Cover-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 304b40e3742c7c30d27da6d027c33badbd9def46a17491bbafdb03a124712b69

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:34:01 GMT
Server: nginx
ETag: "603639a9-4130d"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 267021

GET
H/1.1 200
OK 1614166322_thumb_The-Secret-Das-Geheimnis-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 276 KB
276 KB 418ms
88ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166322_thumb_The-Secret-Das-Geheimnis-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: fa4a962c0a3458748e1e753cb801dd86817ffaa56cf9cde70481b025d32320c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:33:01 GMT
Server: nginx
ETag: "6036396d-450e7"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 282855

GET
H/1.1 200
OK 1614166261_thumb_Spider-Man-Far-From-Home-Blu-ray-3D-Cover-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 291 KB
291 KB 203ms
82ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166261_thumb_Spider-Man-Far-From-Home-Blu-ray-3D-Cover-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 46be8c1d21700c152d5e5c8f7b58332840547f338371d80e5d62e7ca80a00d44

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:32:01 GMT
Server: nginx
ETag: "60363931-48b1e"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 297758

GET
H/1.1 200
OK 1614166201_thumb_Spider-Man-A-New-Universe-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
germancovers.top/wp-content/uploads/2021/02/ 294 KB
294 KB 266ms
87ms Image
image/jpeg 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/uploads/2021/02/1614166201_thumb_Spider-Man-A-New-Universe-Blu-ray-Cover-German-Deutsch-german-blu-ray-cover.jpg
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 4d4df8df82096235333b32c267bcd120e5df163ba224df9814f48b76884de109

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Wed, 24 Feb 2021 11:31:01 GMT
Server: nginx
ETag: "603638f5-4962a"
Content-Type: image/jpeg
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 300586

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
48 KB 109ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: germancovers.top
URL: https://germancovers.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5c5368c6273b25608c7ba90b914072355b10df231585a4b2cd1e6408760f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48579
x-xss-protection: 0
server: cafe
etag: 39710060509122384
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 17:19:21 GMT

GET
H/1.1 200
OK jpibfi.client.js Show response
germancovers.top/wp-content/plugins/jquery-pin-it-button-for-images/js/ 14 KB
5 KB 84ms
78ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Dec 2020 20:55:24 GMT
Server: nginx
ETag: W/"5fe3aebc-38ac"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK tie-scripts.js Show response
germancovers.top/wp-content/themes/jarida/js/ 61 KB
17 KB 86ms
86ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/themes/jarida/js/tie-scripts.js?ver=5.1.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 10b3db06a383d852d090291872f2fb759979816bf661bb1ccde0aabf01c80547

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Aug 2014 12:00:00 GMT
Server: nginx
ETag: W/"53e4bbc0-f4f0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK q2w3-fixed-widget.min.js Show response
germancovers.top/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 80ms
78ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 15:14:19 GMT
Server: nginx
ETag: W/"5e44164b-1108"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK wp-embed.min.js Show response
germancovers.top/wp-includes/js/ 1 KB
1 KB 82ms
81ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-includes/js/wp-embed.min.js?ver=5.1.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 14:04:51 GMT
Server: nginx
ETag: W/"5e440603-57b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
germancovers.top/wp-includes/js/ 12 KB
5 KB 84ms
83ms Script
application/javascript 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-includes/js/wp-emoji-release.min.js?ver=5.1.4
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 14:04:51 GMT
Server: nginx
ETag: W/"5e440603-2f02"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=88000, public
Connection: keep-alive

GET
H/1.1 200
OK body-bg1.png
germancovers.top/wp-content/themes/jarida/images/patterns/ 2 KB
3 KB 119ms
80ms Image
image/png 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/themes/jarida/images/patterns/body-bg1.png
Requested by: Host: germancovers.top
URL: https://germancovers.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: cd452f2689a4ffa784c8370e9cda8321dfe95f4d9324679f134ae50bffbdadd2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/
Connection: keep-alive
Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Tue, 29 Dec 2015 17:48:00 GMT
Server: nginx
ETag: "5682c750-900"
Content-Type: image/png
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2304

GET
H/1.1 200
OK top-shadow.png
germancovers.top/wp-content/themes/jarida/images/ 6 KB
6 KB 409ms
83ms Image
image/png 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://germancovers.top/wp-content/themes/jarida/images/top-shadow.png
Requested by: Host: germancovers.top
URL: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
Connection: keep-alive
Referer: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Fri, 08 Aug 2014 12:00:00 GMT
Server: nginx
ETag: "53e4bbc0-162f"
Content-Type: image/png
Cache-Control: max-age=88000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5679

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 24 KB
24 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3Aregular%2C700&ver=5.1.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://germancovers.top
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:19 GMT
server: sffe
age: 371743
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24064
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK tiefontello.woff
germancovers.top/wp-content/themes/jarida/fonts/ 17 KB
18 KB 91ms
82ms Font
application/font-woff 185.104.248.69
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: https://germancovers.top/wp-content/themes/jarida/fonts/tiefontello.woff?48072461
Requested by: Host: germancovers.top
URL: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.104.248.69 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, CZ),
Reverse DNS: 6dle.ru
Software: nginx /
Resource Hash: 2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://germancovers.top
Accept-Encoding: gzip, deflate, br
Host: germancovers.top
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
Connection: keep-alive
Origin: https://germancovers.top
Referer: https://germancovers.top/wp-content/themes/jarida/style.css?ver=5.1.4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 17:19:22 GMT
Last-Modified: Fri, 08 Aug 2014 12:00:00 GMT
Server: nginx
ETag: "53e4bbc0-45d4"
Content-Type: application/font-woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17876

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975
https://counter.yadro.ru/hit?q;t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975

132 B
586 B

94ms
90ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975

Requested by

Host: germancovers.top
URL: https://germancovers.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e499b7fd04b308ea08a30d8d6e38e96eba219868748ad4d2e0e446ccede9ac9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 17:19:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 132
Expires: Tue, 14 Apr 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 17:19:21 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t44.13;r;s1600*1200*24;uhttps%3A//germancovers.top/;0.1524467106492975
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 14 Apr 2020 21:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210413/r20190131/ 222 KB
83 KB 88ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210413/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9935616418726228&plah=germancovers.top&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99fcd335db15dc4bc00ae60c1c2e70a332743edf8b7e36d39efb1f9a22fb65ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84687
x-xss-protection: 0
server: cafe
etag: 14512549901555226033
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 17:19:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210413/r20190131/ Frame 3F56 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210413/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://germancovers.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://germancovers.top/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 15 Apr 2021 14:43:24 GMT
expires: Thu, 29 Apr 2021 14:43:24 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 9357
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
644 B 129ms
35ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=germancovers.top&callback=_gfp_s_&client=ca-pub-9935616418726228

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210413/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9935616418726228&plah=germancovers.top&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

572232b61341444d74a9128048d6cea2e4cf60cd49607ef1a0dea04e4e005680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 96ms
13ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=germancovers.top

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 77ms
30ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=germancovers.top

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6919 56 KB
21 KB 353ms
350ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

034ff386803e70ad8dc0225b57354a671080d4c67f2481b5491cf126ca0fd092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://germancovers.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://germancovers.top/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 15 Apr 2021 17:19:22 GMT
server: cafe
content-length: 21801
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Apr-2021 17:34:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Apr 2021 17:19:22 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423639646658"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Thu, 15 Apr 2021 17:19:21 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgermancovers.top%2F&tn=DIV&cls=background-cover&ign=false

Requested by

Host: germancovers.top
URL: https://germancovers.top/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 17:19:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF93 54 B
56 B 83ms
82ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&adk=3046330955&adf=2044148826&lmt=1618507161&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgermancovers.top%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161414&bpp=5&bdt=670&idt=312&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=983777513517&frm=20&pv=1&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=330

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9935616418726228&output=html&adk=3046330955&adf=2044148826&lmt=1618507161&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgermancovers.top%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161414&bpp=5&bdt=670&idt=312&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&nras=1&correlator=983777513517&frm=20&pv=1&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=330
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://germancovers.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://germancovers.top/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 15 Apr 2021 17:19:21 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Apr-2021 17:34:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Apr 2021 17:19:21 GMT
cache-control: private

GET
H2 200 15929014336209211043
tpc.googlesyndication.com/simgad/ Frame 6919 88 KB
88 KB 48ms
15ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15929014336209211043?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkTft9i9_hmpvjtk0J4gjlg7Dxsgw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25d9355a0fa275e00ce5042f72aac33a9dd6c1c5d1adb722e2434084e072c23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 03:57:03 GMT
x-content-type-options: nosniff
last-modified: Sat, 10 Apr 2021 05:48:38 GMT
server: sffe
age: 48139
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90212
x-xss-protection: 0
expires: Fri, 15 Apr 2022 03:57:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/ Frame 6919 17 KB
7 KB 39ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17366458733339412862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 17:18:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6919 2 KB
1 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 17:18:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6919 118 KB
36 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618423651533291"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36717
x-xss-protection: 0
expires: Thu, 15 Apr 2021 17:19:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6919 13 KB
6 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5602
x-xss-protection: 0
server: cafe
etag: 7525161794280374107
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 17:18:36 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame 6919 25 KB
10 KB 36ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 11:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0
server: cafe
etag: 4192951226220979311
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Apr 2021 11:20:13 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6919 0
0 21ms
19ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwDOmmXV4YJeTLI3e7gPj5amYCraovahi-Oie07kN0oaH16cCEAEgtpqfDGCVAqABsoau9ALIAQKoAwHIA8kEqgS5AU_QD1IcBQSC1qK9OCAs8ciQc0yavlvH3hLJY952t9Gxu6qEgYGG0g0BxqRrFVhEJss-fq4ppJjOL4WCTIDV9UjwKAsXueb1JuwpvhcQyVvWUJywkVxbIbPOMRV09kwbdNT5qCaoviuPi2qZeOgVH6JFRWJNbzRsEizQSI6akTbMGI-XQMj71DD685DG8RAG36pIfb9ej0S-TI_98p4q6dfH-Hg0irl6O8F36N5oLjOYpPD2VpmLA1M7wAS2jdnjugOSBQQIBBgBkgUECAUYBKAGAoAH38nrjwGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ59cN0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTk5MzU2MTY0MTg3MjYyMjg&sigh=harqt0OSt1E

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 15 Apr 2021 17:19:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Apr 2021 17:19:22 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B077 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmTCnbNpqJGwsbOWu5IceMADNdeEjaAY63UV_qMlPwKA4NCrvqrAONwb9Oh7D4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9935616418726228&output=html&h=600&slotname=3117146335&adk=3837810055&adf=2874751415&pi=t.ma~as.3117146335&w=300&fwrn=4&fwrnh=100&lmt=1618507161&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgermancovers.top%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618507161389&bpp=24&bdt=645&idt=213&shv=r20210413&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=983777513517&frm=20&pv=2&ga_vid=1996261349.1618507162&ga_sid=1618507162&ga_hid=1473192423&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=978&ady=272&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=1355260846464984&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oqhJCSaLaU&p=https%3A//germancovers.top&dtd=255

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 15 Apr 2021 16:41:26 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2276
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6919 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc201666ac3bc6f357ddcef2619eb25bad5025a45bc49cd36460caeccf03b244

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210413&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6378ccc091f9768670e4f1a68aa13625bf3898e338276efd04bb65a1f063a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 17:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6538
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B077
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmTCnbNpqJGwsbOWu5IceMADNdeEjaAY63UV_qMlPwKA4NCrvqrAONwb9Oh7D4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 15 Apr 2021 17:19:22 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 15-Apr-2021 18:19:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Apr 2021 17:19:22 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 15 Apr 2021 17:19:22 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame FEF1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 14:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 11468
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Fri, 15 Apr 2022 14:08:14 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 15 Apr 2021 17:19:22 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2AB5 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://germancovers.top/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://germancovers.top/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 15 Apr 2021 16:00:21 GMT
expires: Fri, 15 Apr 2022 16:00:21 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4741
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AB5 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Qx3Q47ufVIXthwLbxHTZsoggz9VdVncx7lDJETLQzH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 14:08:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 11468
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Fri, 15 Apr 2022 14:08:14 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210413&jk=1355260846464984&bg=!Li2lLWnNAAb2K53n9is7ACkAdvg8WvkrYJCPIYUlt6KO0ik8iu55LTXC1nlpDOAtyQpiHwoZeLgCWAIAAACwUgAAAA9oAQcKAUNe4qI0wS1gZdwQMZKcoCHnlu-uUvy2cKF81E9pKdIJJgAHfnwKeiFpdxo0Tp6brsrIGAS7pv7NJxo0KNWAC9fdkt010-rxUz5a8XrlKqVggDzXTGwSkmZj4gBwR5cRP2S6ICzXzko-xEvDWyKRscFASBsj4FT6MJ5UFpTRvAqkW7fnLbs_2p0QRAQmCo-0HiXRBSmbUGIaMOpBHrg7txpC5SW4BjxAl4oKuhnS-eQWlGmJsZtaPqFPosLnqV36IpSBM9iQkmLimfDSOl8cBvP0nRU5K1vDdQSO_EOVxbJF8LZVMIbGH073pZ5fUCqUPZGIXaepXr5iaSvhqhjun-0E7lVFavOxz31Kriq7kklC8jjMJVKIh26AxGwZGvOljUWQmtlk069Krt4P0epaKaunxyaV-dmxGX_l2qsNxPnJqF8ULpkB0g9x4vZ-c9WN4mn7A1SuZfL1JslcKGJfk3WAFlc-fdHJXZ8D8YjsGVHf4aAG8UeKWU3oPtstkmae-GEUWFEZ0jsZp4lUsJAK8f6SeEfzQO876BRH67fP6KZdg7gwwFXeSG2aSC1aJ-N-i8YkMrISN2SuiOeFwzOG8tGK0oGuKGbvEk38q-ia8YnXSLFGr0tyOk3RFdgLLxYSqoq78_Rdu-uMbwicGx1Dqf9VHVcNvz5W34ki8U354zwxr1tPYi_F_5k7vUCMQ-E062qOGWIbVIA9_7w7GmeEPuZrd8z-xf0n_D7RalHB0L_mG3qMYH-HVHIarU1zm7vLWHdBCZcBQmqjyqw2LDuna4iwh49RkA-ADbB5X-iplW6cFYl2qcANNJ-i0RY4njES3W3A40QMnWjdcIJJste6wD0m7RXv68k1ydhQPyyy4j9tFA7R-Ft_VBrD41nVYRCi4-a2_H59lRFVermS23C_YDdJhZwwBXjILrT6qqnvA-N1kDDoplwcrDSj42krvKWB6YZAnyYYvSiNyItO2A9an9nxBpQ7e_xxSleO3wYkTlJ6QfTHMtJLzcDv0fbiwsgBse0lvAt8P7Ypo9z0udLE9tgktFXwgaNW2M4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://germancovers.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 17:19:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6919 42 B
64 B 57ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNBYsHdpTlHyX-K3MMM-_fLVtYVSYVZ6pkLxjKUgF3fB8SgpegO4Wxdc6o8TINBqXT_OC4urG8XVAz6yYQS1N1rqBHmfSukQpcUD329qGsjcH-gZiNJ9aTbumXOQ&sai=AMfl-YQKewKzpm4nqkOQFDpleAsS8gYqeI9cW2mXSr1jwC8lmJ-WCfl0yKSEjwXSUxm09JeNqbe-_hqyhXKU&sig=Cg0ArKJSzEqncap3WeW5EAE&id=lidar2&mcvt=1000&p=272,978,872,1278&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3837810055&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618507161681&dlt=411&rpt=192&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 17:19:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 17:35:10	Name: DSID Value: NO_DATA
			.doubleclick.net/	1970-01-20 02:56:43	Name: IDE Value: AHWqTUmTCnbNpqJGwsbOWu5IceMADNdeEjaAY63UV_qMlPwKA4NCrvqrAONwb9Oh7D4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://germancovers.top/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
germancovers.top
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
185.104.248.69
216.58.212.162
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
88.212.201.216
034ff386803e70ad8dc0225b57354a671080d4c67f2481b5491cf126ca0fd092
0eafba3f43797b1ba8821fbe3088b3f50bd238a5944cce36409dd7b266f6bdf5
10b3db06a383d852d090291872f2fb759979816bf661bb1ccde0aabf01c80547
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1930381e0b0e062557899fef4f50a0ef03b0ab5a314fd27cb5018eefb6c9d4e3
1a19cf57dbd6c7d30c92c39c833fe0923b77858e6e3a105406290ee40445dc78
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
25d9355a0fa275e00ce5042f72aac33a9dd6c1c5d1adb722e2434084e072c23f
2f7278cc9f52fbafcb479c7c60c14d119a396c6b2b2c0a968f637a1562f69efa
304b40e3742c7c30d27da6d027c33badbd9def46a17491bbafdb03a124712b69
3921d29b4d36a2d133588846322feac42f7dbd64b72a6592ac5504e63743fbed
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
431dd0e3bb9f5485ed8702dbc474d9b28820cfd55d567731ee50c91132d0cc7e
46be8c1d21700c152d5e5c8f7b58332840547f338371d80e5d62e7ca80a00d44
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d4df8df82096235333b32c267bcd120e5df163ba224df9814f48b76884de109
5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85
572232b61341444d74a9128048d6cea2e4cf60cd49607ef1a0dea04e4e005680
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2
8a7c2ebbcab2d27a56145aa9e82b618d6d0beceaeb77aae35c6a97fac34a0526
95f66b0fd918f7a6d36f22a9ac49210439d74085bf0fedd1dec6061918f20c1c
99fcd335db15dc4bc00ae60c1c2e70a332743edf8b7e36d39efb1f9a22fb65ae
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9d4eacc53a3c4a5cb00ac98146082db68a93923092c6b361a47422578ee34c17
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
bc201666ac3bc6f357ddcef2619eb25bad5025a45bc49cd36460caeccf03b244
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca5c5368c6273b25608c7ba90b914072355b10df231585a4b2cd1e6408760f92
cd452f2689a4ffa784c8370e9cda8321dfe95f4d9324679f134ae50bffbdadd2
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
d208459a97364a7203696b983a1d47330df966bb4d7ff226ccae3b8e291bfa63
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e499b7fd04b308ea08a30d8d6e38e96eba219868748ad4d2e0e446ccede9ac9e
e68b5dff23d173599878ccfd05892f57a52ea1330cf5f32e4645df7b718bba10
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f6378ccc091f9768670e4f1a68aa13625bf3898e338276efd04bb65a1f063a5a
fa4a962c0a3458748e1e753cb801dd86817ffaa56cf9cde70481b025d32320c3
fbdcadf9ea219dc24f14a905e6932978119f37ae64db2ee62e31c2acccb7712d

germancovers.top Open in urlscan Pro 185.104.248.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

75 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

3224 kBTransfer

3965 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

germancovers.top Open in urlscan Pro
185.104.248.69 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

3224 kB
Transfer

3965 kB
Size

2
Cookies

53 HTTP transactions
1 data transactions