x-id.net Open in urlscan Pro
2606:4700:3033::6815:3936 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxl...
Submission: On June 28 via manual (June 28th 2022, 4:28:45 am UTC) from US — Scanned from DE

Summary HTTP 55 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 16 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3033::6815:3936, located in United States and belongs to CLOUDFLARENET, US. The main domain is x-id.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 3rd 2021. Valid for: a year.

This is the only time x-id.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3033::6815:3936	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	62.122.171.6 62.122.171.6	50245 (SERVEREL-AS) (SERVEREL-AS)
4	45.133.44.25 45.133.44.25	7018 (ATT-INTER...) (ATT-INTERNET4)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
2	78.46.33.196 78.46.33.196	24940 (HETZNER-AS) (HETZNER-AS)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
3	45.133.44.24 45.133.44.24	7018 (ATT-INTER...) (ATT-INTERNET4)
5	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	168.119.25.22 168.119.25.22	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
1	216.59.63.128 216.59.63.128	53334 (TUT-AS) (TUT-AS)
2	88.198.209.36 88.198.209.36	24940 (HETZNER-AS) (HETZNER-AS)
2	149.11.201.98 149.11.201.98	174 (COGENT-174) (COGENT-174)
1 1	2001:978:2:2c... 2001:978:2:2c::1ee:198	174 (COGENT-174) (COGENT-174)
55	20

15 2606:4700:3033::6815:3936 (United States)

ASN13335 (CLOUDFLARENET, US)

x-id.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.122.171.6 (Netherlands)

ASN50245 (SERVEREL-AS, NL)
PTR: 62.122.171.6.serverel.net

cuddlethehyena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
baradoot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7117a67989.114f3eaf8b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.cdn4ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.33.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.33.46.78.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Terrebonne, Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

ifsoxzhdem6n.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

ifsoxzhdem6n.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

ifsoxzhdem6n.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.25.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.22.25.119.168.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:4f8:e0:19cb::1 (Gunzenhausen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)

a3f4ac548d.114f3eaf8b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.63.128 (United States)

ASN53334 (TUT-AS, US)
PTR: 216-59-63-128.customer.totaluptime.net

cdn4ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.209.36 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-209-36.clients.your-server.de

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 149.11.201.98 (Paris, France)

ASN174 (COGENT-174, US)

cdn.adx1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:978:2:2c::1ee:198 (United States) 1 redirects

ASN174 (COGENT-174, US)

eu.freshpops.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	x-id.net x-id.net	590 KB
12	adsco.re c.adsco.re — Cisco Umbrella Rank: 18603 6.adsco.re — Cisco Umbrella Rank: 19168 4.adsco.re — Cisco Umbrella Rank: 20454 ifsoxzhdem6n.l4.adsco.re ifsoxzhdem6n.n4.adsco.re ifsoxzhdem6n.s4.adsco.re adsco.re — Cisco Umbrella Rank: 16065	49 KB
4	114f3eaf8b.com 2 redirects 7117a67989.114f3eaf8b.com a3f4ac548d.114f3eaf8b.com	7 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 23742	31 KB
3	cuddlethehyena.com cuddlethehyena.com — Cisco Umbrella Rank: 32265	29 KB
2	adx1.com cdn.adx1.com — Cisco Umbrella Rank: 11615	7 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 43455	2 KB
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 41609	63 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 26711	362 B
2	baradoot.com baradoot.com — Cisco Umbrella Rank: 27565	1 KB
2	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 30908 static.a-ads.com — Cisco Umbrella Rank: 47763	274 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 16196 s4.histats.com — Cisco Umbrella Rank: 13665	5 KB
2	cdn4ads.com www.cdn4ads.com — Cisco Umbrella Rank: 131684 cdn4ads.com — Cisco Umbrella Rank: 110881	10 KB
1	freshpops.net 1 redirects eu.freshpops.net — Cisco Umbrella Rank: 13390	108 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 34422	201 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 44389	755 B
55	16

	Domain	Requested by
15	x-id.net	x-id.net
3	a3f4ac548d.114f3eaf8b.com	2 redirects js.wpushsdk.com
3	4.adsco.re	x-id.net c.adsco.re
3	c.adsco.re	www.cdn4ads.com c.adsco.re
3	js.wpadmngr.com	x-id.net js.wpadmngr.com
3	cuddlethehyena.com	x-id.net cuddlethehyena.com
2	cdn.adx1.com
2	static.bookmsg.com
2	js.wpushsdk.com	js.wpadmngr.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	6.adsco.re	x-id.net c.adsco.re
2	baradoot.com	cuddlethehyena.com
1	eu.freshpops.net	1 redirects
1	cdn4ads.com	www.cdn4ads.com
1	adsco.re	c.adsco.re
1	nereserv.com	js.wpushsdk.com
1	ifsoxzhdem6n.s4.adsco.re	c.adsco.re
1	ifsoxzhdem6n.n4.adsco.re	c.adsco.re
1	ifsoxzhdem6n.l4.adsco.re	c.adsco.re
1	7117a67989.114f3eaf8b.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	s4.histats.com	s10.histats.com
1	static.a-ads.com	ad.a-ads.com
1	ad.a-ads.com	x-id.net
1	s10.histats.com	x-id.net
1	www.cdn4ads.com	x-id.net
55	26

This site contains links to these domains. Also see Links.

Domain
adsco.re
leakhive.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-03` - `2022-09-02`	a year	crt.sh
cuddlethehyena.com ZeroSSL RSA Domain Secure Site CA	`2022-06-01` - `2022-08-30`	3 months	crt.sh
js.wpadmngr.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
1037973644.rsc.cdn77.org R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
histats.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
baradoot.com ZeroSSL RSA Domain Secure Site CA	`2022-06-01` - `2022-08-30`	3 months	crt.sh
na.nawpush.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
notification.tubecup.net R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
7117a67989.114f3eaf8b.com R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh
js.wpushsdk.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.l4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-06-19` - `2022-09-17`	3 months	crt.sh
114f3eaf8b.com R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh
cdn4ads.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh
bookmsg.com R3	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.adx1.com R3	`2022-06-25` - `2022-09-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Frame ID: 4A65BE579D070425E24275A1338E707B
Requests: 45 HTTP requests in this frame

Frame: https://ad.a-ads.com/1815239?size=320x50
Frame ID: 6BB5E0F58F64751F29244D95D9B6AF56
Requests: 3 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 769DECE135E775010CACB36F684C5D25
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8E71CBB23695AB4B19B1F188AA27087D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redirecting... | Leak Forums

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

93 %
HTTPS

25 %
IPv6

16
Domains

26
Subdomains

20
IPs

7
Countries

1068 kB
Transfer

2059 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

URL: https://leakhive.com/smittengfg-nude-big-tits-onlyfans-video-leaked/
Title: Continune

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://a3f4ac548d.114f3eaf8b.com/in/show/?mid=619801823&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1434816340&sid=1083326935&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b054b7d7fdd561f6651d06d511e5&tcid=0&out_id=1&ver=6.15.0&ver_c=&refdom=x-id.net&hostname=auc-inpage-hz-5&site_id=3116089&spot_id=16089&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-06-28&is_native=4&auction_queue=0&burl=5br3k3qlISsyVDgWcGJPkcaafErHY4TyKmobNQ_95OfT3uWbsCS0cA&pop_winurl=&ip=185.213.155.169&testab=0&px_id=0&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=pop-default&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0&placement_type_id=&skin_test=0&verify_hash=1ea74e52bb388adce5070f9740518b30&score=0&durl=https://kts.vasstycom.com/in/1546/?ad_sub=1434816340&spot_id=16089&is_adult=1&p=https%3A%2F%2Fx-id.net%2F&idzone=0&sid=1886&ml=&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FIN%2FIN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp&skin_id=2&vertical_id=0&real_bid=0&pr=&user_keywords=&auc_type=1&aid=0&ext_cid=0&device_theme=light&mlc=1&format=default-slide-b_r-body&mlf=1&cpa=636562b7-beab-412b-b29f-72fa1926c7d8 HTTP 302
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp

Request Chain 71

https://a3f4ac548d.114f3eaf8b.com/in/show/?mid=619801823&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1434816340&sid=1083326935&cid=11740&price=0.0528&is_cpm=0&cpm=0&ecpm=0.353019960183863&crid=&crtid=8231e53589d9a3396c01619abdc590b2&tcid=0&out_id=0&ver=6.15.0&ver_c=&refdom=x-id.net&hostname=auc-inpage-hz-5&site_id=3116089&spot_id=16089&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=1656462521&created_at=2022-06-28&is_native=1&auction_queue=0&burl=Fsv2iOwW9un4ibC_GBGVDxXSLMy5MnBlU1BJv3O1jz6seuzMDMQ0zQ&pop_winurl=&ip=185.213.155.169&testab=0&px_id=7316089&adblock=0&auction_host=&mm=0&yc=0&render_type=hq&campaign_type=hq&uniq=&exp=&resp_type=&iabcat=IAB25&min_cpm=0.0015&placement_type_id=&skin_test=0&verify_hash=9f960cfbf16cbd49ab84acabb5af4bd8&score=0&durl=https://kts.vasstycom.com/in/1546/?ad_sub=1434816340&spot_id=16089&is_adult=1&p=https%3A%2F%2Fx-id.net%2F&idzone=0&sid=1886&ml=&url=https%3A%2F%2Feu.freshpops.net%2Fmetrics%2Fsave.img%3Fevent%3Dimpressions%26bid-id%3Dv2-1656390520715-7-4406-1074449-6b573d14-166a-6bfd-94a7-1786a92b52cf%26img%3Dhttps%253A%252F%252Fcdn.adx1.com%252Fa9d97fb1b99247f14c6444b6d5441440.png&image_url=https%3A%2F%2Fcdn.adx1.com%2Fa9d97fb1b99247f14c6444b6d5441440.png&skin_id=2&vertical_id=11&real_bid=0.044351999999999996&pr=&user_keywords=&auc_type=1&aid=3251&ext_cid=0&device_theme=light&format=default-slide-b_r-body&cpa=e9b66352-ca7b-473c-987e-13fa6a8680e0 HTTP 302
https://eu.freshpops.net/metrics/save.img?event=impressions&bid-id=v2-1656390520715-7-4406-1074449-6b573d14-166a-6bfd-94a7-1786a92b52cf&img=https%3A%2F%2Fcdn.adx1.com%2Fa9d97fb1b99247f14c6444b6d5441440.png HTTP 302
https://cdn.adx1.com/a9d97fb1b99247f14c6444b6d5441440.png

55 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request redirect Show response
x-id.net/ 23 KB
9 KB 190ms
148ms Document
text/html 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

033be028885f50cef8b5c1fb5c03e71b409b294aa331c08e469dc100ac6b6b58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7223ad495c76bbcd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 04:28:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 28 Jun 2022 04:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t68f2Wq9JnU%2FnZJKiETveWzgbGErN%2FDc%2FGKP3NT%2BnhSX1bI%2F3dH0X8FAh6x6aPjvtSja7aoqlAKGM9x6CyECGJqVfP3FGbNxmRlaSLCczHotOJ5w5zvCrCwyZje1c2HsVjQ8BRxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 fa-regular-400.woff2
x-id.net/styles/fonts/fa/ 165 KB
165 KB 44ms
39ms Font
font/woff2 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 168768
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: "62576400-29340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6POaOkL71ezuvLON3MmHLiFr%2FvYys9UYt4SYISDKg0MAd9x6ljfIPljMljFtjgX4UsntqQg89bmBCE5q5ZSqe%2Fwb9kwcWX%2Fmxk7%2FvsmOFx6U25lWc6PPhN%2FUBxJVp9uoAX4EpxcBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7223ad4a6d52bbcd-FRA

GET
H2 200 fa-solid-900.woff2
x-id.net/styles/fonts/fa/ 134 KB
134 KB 28ms
24ms Font
font/woff2 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136824
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: "62576400-21678"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yA%2BHVd1V6HHfgdm5OhmAZTkviF2FLa5E9znpvCknbWViYH3nZ7QyAB4vKLscLw1H2c39CRBCSgdnR5Bu7ZOOHQWX53sOXrk38kFqdS1Nir8l9rCjoQ%2By6oJ3zomNpKJR2sJs2kxmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7223ad4a6d55bbcd-FRA

GET
H2 200 fa-brands-400.woff2
x-id.net/styles/fonts/fa/ 75 KB
75 KB 42ms
38ms Font
font/woff2 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76740
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: "62576400-12bc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3tsNb9QkeG17IBy8DYMPYTgA1hQov1%2FCVMQy8jOlvPiqX0wh%2FvEdw%2Bi5daQyzoSoKiYvFEgvJM03QjpFskXD1TDtNjMZTW6rbBlCE1UoSEZFCWV3wI2pjs0jlOLrvw8gHcYSh9Z3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7223ad4a6d56bbcd-FRA

GET
H2 200 css.php
x-id.net/ 393 KB
64 KB 129ms
126ms Stylesheet
text/css 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=1&d=1653629303&k=a082e7e7a4cdd636d922f7188bc91765201e601b

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1e573137608a43868ca574bd6eea8dd2b82fb34efaae0c5c5bc70cf7012d0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 05:28:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFpSBD8hrCSxh4Dscj6OJX2uwslXjVh5tKG%2BGqoTnxdD7HcH5UK32aAzgBiEHNeOmm5ioKYfHZMteYlEAegsgdoQAj%2FUy6Ttp6wbBHf4dj9EJ8UdWC4WhaUX7ApznkOFu3wx5FQgEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7223ad4a6d53bbcd-FRA
expires: Wed, 28 Jun 2023 04:28:39 GMT

GET
H2 200 css.php
x-id.net/ 8 KB
3 KB 81ms
78ms Stylesheet
text/css 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/css.php?css=public%3ADC_LinkProxy.less%2Cpublic%3Asiropu_ads_manager_ad.less%2Cpublic%3Aextra.less&s=1&l=1&d=1653629303&k=0bc16015f95dacef6633cefcbf2f0a9ed3e04468

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b91002bbe3f4dbb0f23136b44b8986373a33429df75759a95f7ea1fe089134e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 05:28:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bm8q78%2F88rp7NZXQ8wez%2BnPBWlJ%2FzMkzvTSlENwDXPURVU48xs3ouSZ8K2xIQRfh9qnqa6sKVLxP6AWizqNfFwLtvJ6QErQhgtHsHRnl%2ByjZe7hZ%2Bm38oMnT23Mma5UkWr%2BaC%2BbpEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7223ad4a6d54bbcd-FRA
expires: Wed, 28 Jun 2023 04:28:39 GMT

GET
H2 200 preamble.min.js Show response
x-id.net/js/xf/ 3 KB
2 KB 41ms
38ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/js/xf/preamble.min.js?_v=bc1a96f2

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27638
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: W/"62576400-cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yrORgT%2BqrnEuXJEKBNT8iXLE%2B5%2FAZ30lN9%2FfNy8HrK96JoVKwbtPjkV%2BtbejP5PQWZ4MV1voZVNioCqKmwlCjvHJJZ%2BgcQKFpSmC0NIBkA7wcx0grHE7d4ElAz1ubhjYKhYC0vFjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7223ad4a6d57bbcd-FRA
expires: Tue, 28 Jun 2022 08:48:01 GMT

GET
H2 200 9587cacc.js Show response
cuddlethehyena.com/t/9/fret/meow4/1892917/ 66 KB
26 KB 55ms
13ms Script
application/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cuddlethehyena.com/t/9/fret/meow4/1892917/9587cacc.js
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: f09293bf2d8dd52e961ca60c29ef9c5d2754f065457d5c92e2cf89d71ccd9aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 08:57:11 GMT
server: nginx
x-js-ab1: current
etag: W/"62a06467-1093d"
vary: Accept-Encoding
content-type: application/javascript
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *

GET
H3 200 invisible.js Show response
x-id.net/cdn-cgi/challenge-platform/h/g/scripts/ 47 KB
17 KB 22ms
22ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x-id.net/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1656388800
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43ddbb1093cda799faddf6986132851eccb89f9dd370643326d95fe5f7a1ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUlUJdwpr%2ByTXrvZkikM4DTF7g%2Blrj5OvnrF5qq%2Bo13WYfXwEJ%2F5Ve02LvcwDHADxRZNGTJKHeIsEu9il2aPiDFYaIi5jfQJXcrarzFCUx3DnWxtC%2FJXpnZVd94ec%2BPgGL9CfY3xfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7223ad4bc9099bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 451 B
597 B 34ms
7ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 04:33:39 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 xenforo-logo.png
x-id.net/styles/default/xenforo/ 2 KB
3 KB 21ms
21ms Image
image/png 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x-id.net/styles/default/xenforo/xenforo-logo.png

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57dbee7ea15d5d09282409c670a2ec13c181735f5f7b80bd57877ae319ba513b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1016226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2062
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: "62576400-80e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eFj0ZauEan%2FEBc3qVcc0DlWHisKhhJXovfuLaFxRSKIqKtcqwjaK5YRHH6S36n%2FF1qmrl25QfDX1GEKZ9d%2BCnD7tzcKuXso95%2FZoNEaSmdiBoAr3JrLS738OEYnx%2FD8%2FwpNB%2FR02Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7223ad4d8abd9bd4-FRA
expires: Sat, 16 Jul 2022 10:11:33 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
x-id.net/js/vendor/jquery/ 87 KB
32 KB 29ms
29ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/js/vendor/jquery/jquery-3.5.1.min.js?_v=bc1a96f2

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17035
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: W/"62576400-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmsibZG0pjIzaOR9E110rDn2YdtcJtTC3%2BsL%2BT%2FkbpopWVUluAZ%2F91Ia%2BZrxVZIoNVAmTHRddlv9AMZbFOdpekj0vsLp%2B2%2BqZReK5a6MllQLCtYucTKoQqNsMRahHyEbgZoztR%2BCKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7223ad4ae8059bd4-FRA
expires: Tue, 28 Jun 2022 11:44:44 GMT

GET
H3 200 vendor-compiled.js Show response
x-id.net/js/vendor/ 42 KB
13 KB 23ms
22ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/js/vendor/vendor-compiled.js?_v=bc1a96f2

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17035
cf-polished: origSize=43704
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: W/"62576400-aab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=092bGK3A0OP2f8akSj9NGP1RICNjgYMin2qXNPkvt9oA%2FrR9CyEfnfNwgTjc4NuiHk1Qpeo9uSHJuVfQwrNPIp5hcBcRuVQ6JOoNpJ%2FmMelmTvSjCQFUWsF3MNfBASOIaWlpQX%2FpdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7223ad4b48709bd4-FRA
expires: Tue, 28 Jun 2022 11:44:44 GMT

GET
H3 200 core-compiled.js Show response
x-id.net/js/xf/ 207 KB
60 KB 25ms
24ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/js/xf/core-compiled.js?_v=bc1a96f2

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cc8b1278efb3809d6c9e848f90d6164934504fe64a41ef828ad8bdcb44d4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17035
cf-polished: origSize=212052
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 14 Apr 2022 00:00:00 GMT
server: cloudflare
etag: W/"62576400-33c54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvnn2%2BCdeaUATURv5QUXI94U22DIixLO4s%2FeoGbBfXhm%2F7m4KHTZGDnRDaesFHxaoI2QvxYoDwnE82YCzTgBOT0iPua9sBvUeIFUnhAJ597TOsHtgyxrqC%2FOJ0qlAx%2FSwu97T6M8sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7223ad4b78b69bd4-FRA
expires: Tue, 28 Jun 2022 11:44:44 GMT

GET
H3 200 core.min.js Show response
x-id.net/js/siropu/am/ 9 KB
3 KB 23ms
23ms Script
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://x-id.net/js/siropu/am/core.min.js?_v=bc1a96f2

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bbe03a093054f2fc6bd273499b8a7c8558b389bc173d17f7f13c181ace7b665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17035
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 17 Apr 2022 09:21:45 GMT
server: cloudflare
etag: W/"625bdc29-22d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNZ%2FCgSVqSzr5zQGwo7hiJmZAfjxTQ3j%2BCPINzfeQDxujjhR9nI%2FYsaPdIvnXPXbNjmn6KgvWMnqzY43Fr%2BCC4P%2BU4mXJp7S3yIuGSRZbS1DorY4Yli4h%2FxkRWxNJkaSbD%2FJRd6c0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7223ad4ba8ed9bd4-FRA
expires: Tue, 28 Jun 2022 11:44:44 GMT

GET
H2 200 trip.min.js Show response
www.cdn4ads.com/ 30 KB
9 KB 43ms
8ms Script
application/x-javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cdn4ads.com/trip.min.js
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 23f4c449a60d5f5c1b4134e652d5558b497980b19bdd7f2b3a87e4d0d44f2717

Request headers

Referer: https://x-id.net/
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 219898
alt-svc: quic="185.59.220.16:443"; ma=2592000; v="44,43,39"
x-77-nzt: Abk73BB5a0T/+loDAA
x-accel-expires: @1656775421
server: CDN77-Turbo
x-77-nzt-ray: bvM7aGoV6G0
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sat, 02 Jul 2022 15:23:41 GMT

POST
H2 200 solid.gif
cuddlethehyena.com/ 43 B
617 B 15ms
14ms Ping
image/gif 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cuddlethehyena.com/solid.gif?z=1892917&abvar=0
Requested by: Host: cuddlethehyena.com
URL: https://cuddlethehyena.com/t/9/fret/meow4/1892917/9587cacc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
x-route-id: stats.tag.loaded
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
server: nginx
content-type: image/gif

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 47ms
9ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:25:04 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 888734581

GET
H2 200 1815239 Show response
ad.a-ads.com/ Frame 6BB5 6 KB
2 KB 53ms
21ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1815239?size=320x50

Requested by

Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

441f741e18df08e0a6721cbe7b315f2fe00064c6b032ef8a8d8b54166df6e501

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://x-id.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 28 Jun 2022 04:28:39 GMT
server: nginx
status: 200 OK
vary: Accept-Encoding Accept-Encoding
x-content-type-options: nosniff
x-original-referer: https://x-id.net/
x-powered-by: Phusion Passenger(R)
x-robots-tag: noindex, nofollow, nosnippet, noarchive
x-xss-protection: 1; mode=block

GET
H2 200 1892917 Show response
cuddlethehyena.com/get/ 3 KB
2 KB 16ms
16ms Script
text/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cuddlethehyena.com/get/1892917?zoneid=1892917&jp=_cln8rwx7d5rhnwspkcvk1z&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&isRef=1&sp=0&cid=6863952650132199
Requested by: Host: cuddlethehyena.com
URL: https://cuddlethehyena.com/t/9/fret/meow4/1892917/9587cacc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: e87021acca29a8df9d32bb7feb29b8b529f614cccfa3ed7b6925622c28a4307f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:39 GMT
content-encoding: gzip
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *
server: nginx

GET
H3 200 pica.js
x-id.net/cdn-cgi/challenge-platform/h/g/scripts/ 22 KB
8 KB 22ms
21ms Other
application/javascript 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x-id.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89033c9b3f1dd22181d7ba464d54e881c13af5a957eef66d9fff9d396f396989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jlrh5cILpO5uZ2VRqRpSsq9ZEX05Ry9xeae3IS%2FsnCEtneCUfkFe5%2Fn%2BQXQFTXxuNGtAGaDsoqgSB0RTQuUiemWQ4s1h1ImzhLpzWJ%2FytxFKMbgLdMSnoVYK7hPdPnTxeBO0Lk8s0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 7223ad4e3b509bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 83 KB
31 KB 26ms
12ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 38f76f5d48786afccf7675d3e514e705c29d53ef537850ec8c2e4e547cf24cca

Request headers

Referer: https://x-id.net/
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 16:15:18 GMT
server: nginx/1.18.0
etag: W/"62b5e316-14d31"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 04:33:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 / Show response
baradoot.com/ssp/req/1892917/ 7 B
678 B 65ms
15ms Script
text/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://baradoot.com/ssp/req/1892917/?pb=df0f17acd47c9981a19c459f39ec2ad61656397719&psp=2BsjEv7BEsLE7egdem7_iJejqREoRV9QxtdgMXKTpYDpo5DMznLt1DxeQAHWhwiOQlI59cX5KRfCVVI8DxEICiF5m5GuP4MGhMGRtC9cHs1EeQ0S2baR19mzEWxFZ-k4nhueaQPVTu986hfHYzLPlD_5eksz9wD68ISR5FoaMPaSGdIdRQSej5Pox9o8RQ7g4zU9mD_xAbQllyzr6LYopSGaivYZyKU0aBTTAx8Q3hCf_fuita_-WRCEbyI6vWOoHF2bAfuyh-OWEjKsL7K9Lpx00jrPvT_tnuAgE7NK9DuGSYW_QdpzB8GGEs39hM-oE4531txHtd9_zSJHMDpy45H3ZK74YOYbG5GCUTPoitrBRLsxdl-C4ZAiVBwTSApArtOlVm0e2qeOy9wFnidQYr_xcMx8dzmHn3QTtX5YaVHJ6mPaRl2YtGDtwwRddTdN-y8pSm2BuIbBCYN8SMFlPmZ5A7AUbz4ChRQ=&cb=_clfl4j31wi2ivcac55tn3x&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24
Requested by: Host: cuddlethehyena.com
URL: https://cuddlethehyena.com/t/9/fret/meow4/1892917/9587cacc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
x-route-id: ssp.bet
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 7
server: nginx
content-type: text/javascript

GET
H2 200 320x50
static.a-ads.com/a-ads-banners/393744/ Frame 6BB5 271 KB
272 KB 35ms
22ms Image
image/gif 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/393744/320x50?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1815239?size=320x50
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.33.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.33.46.78.clients.your-server.de
Software: nginx /
Resource Hash: 125b664623799a25a5852da0b93eee33c975119ca1809247a6b531c95c296a19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
last-modified: Tue, 31 May 2022 13:28:25 GMT
server: nginx
x-amz-request-id: DG8GFND6NX9M8CMT
etag: "bb9e160e750bb2f45bcd96ca0ffe8d43"
content-type: image/gif
cache-control: max-age=315360000
x-amz-replication-status: COMPLETED
content-length: 277667
accept-ranges: bytes
x-amz-version-id: lPpB.LU00rRaiys8y.oaHHWnbxaXr588
x-amz-id-2: 2GM30ZjdU/8Hu3zAdklSR1/myDAkcoSKpL1Sms0P7tDgqPqhDpVdIzSitDybPNF1SeAIM4d7GH4=
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 288ms
98ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4662766&@f16&@g1&@h1&@i1&@j1656390520067&@k0&@l1&@mRedirecting...%20%7C%20Leak%20Forums&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-93642969&@b3:1656390520&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fx-id.net%2Fredirect%3Fto%3DaHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8%3D&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 Terrebonne, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: 444159ca96aff61f046a9f3dc813ac11f0b652c8d4db2f8c51b166b712b9bfde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Connection: close
Content-Length: 51
Content-Type: text/html;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 6BB5 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 19034 Show response
na.nawpush.com/tags/ 1 KB
755 B 34ms
6ms XHR
application/json 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/19034
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3d5ab5210b8ea40a753d8a2d3b81a1f4b1a24431c2818835d1a588543abbd0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 04:28:40 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
237 B 9ms
9ms Script
application/javascript 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 04:33:40 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 / Show response
c.adsco.re/ 61 KB
22 KB 62ms
22ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/trip.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 138074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 7223ad4fab70901f-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 29 Jul 2022 04:28:40 GMT

POST
H3 200 7223ad495c76bbcd Show response
x-id.net/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
720 B 37ms
36ms XHR
text/plain 2606:4700:3033::6815:3936
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x-id.net/cdn-cgi/challenge-platform/h/g/cv/result/7223ad495c76bbcd
Requested by: Host: x-id.net
URL: https://x-id.net/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1656388800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3936 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J4XL3x%2FZG6uZs1OdoInhZFbnK3QCITRd7n6YvJZQRLfoOY%2BNpW%2FTmisw0LSxvSwGrHhiKpY7GN3lxYZopetaKPXQKLVU%2B2XXjqTVlqJ1mkbSk8y4QGd5sXlnDv%2Bu6KIjqVhEmjSgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7223ad509d709bd4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
6.adsco.re/ 0
410 B 51ms
23ms Other
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://x-id.net
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 7223ad50b904694c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
456 B 97ms
23ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
Origin: https://x-id.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://x-id.net
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
baradoot.com/ssp/req/1892917/ 7 B
578 B 15ms
15ms Script
text/javascript 62.122.171.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://baradoot.com/ssp/req/1892917/?pb=df0f17acd47c9981a19c459f39ec2ad61656397719&psp=2BsjEv7BEsLE7egdem7_iJejqREoRV9QxtdgMXKTpYDpo5DMznLt1DxeQAHWhwiOQlI59cX5KRfCVVI8DxEICiF5m5GuP4MGhMGRtC9cHs1EeQ0S2baR19mzEWxFZ-k4nhueaQPVTu986hfHYzLPlD_5eksz9wD68ISR5FoaMPaSGdIdRQSej5Pox9o8RQ7g4zU9mD_xAbQllyzr6LYopSGaivYZyKU0aBTTAx8Q3hCf_fuita_-WRCEbyI6vWOoHF2bAfuyh-OWEjKsL7K9Lpx00jrPvT_tnuAgE7NK9DuGSYW_QdpzB8GGEs39hM-oE4531txHtd9_zSJHMDpy45H3ZK74YOYbG5GCUTPoitrBRLsxdl-C4ZAiVBwTSApArtOlVm0e2qeOy9wFnidQYr_xcMx8dzmHn3QTtX5YaVHJ6mPaRl2YtGDtwwRddTdN-y8pSm2BuIbBCYN8SMFlPmZ5A7AUbz4ChRQ=&cb=_clfl4j31wi2ivcac55tn3x&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24
Requested by: Host: cuddlethehyena.com
URL: https://cuddlethehyena.com/t/9/fret/meow4/1892917/9587cacc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.122.171.6 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: 62.122.171.6.serverel.net
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
x-route-id: ssp.bet
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 7
server: nginx
content-type: text/javascript

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 52ms
16ms Preflight 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=19034
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://x-id.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://x-id.net
Connection: keep-alive
Date: Tue, 28 Jun 2022 04:28:40 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 0
362 B 41ms
21ms XHR
text/plain 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=19034
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://x-id.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 track Show response
7117a67989.114f3eaf8b.com/in/ 0
199 B 70ms
35ms XHR
text/plain 45.133.44.25
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://7117a67989.114f3eaf8b.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI4NDA3NzE0MDczNzYyMjU5MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMzQuMSIsInRhZ19pZCI6MTkwMzQsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjMzLCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjAsInVzZXJfa2V5d29yZHMiOiJSZWRpcmVjdGluZy4uJTJDJTJDTGVhayUyQ0ZvcnVtcyUyMCJ9
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 04:28:40 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 0

GET
H2 200 npush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 182 KB
52 KB 56ms
11ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: abee013c505b7d9f9ab4af6973e5015783c83bd4f126afbea816d9a0375ba1e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: gzip
last-modified: Mon, 27 Jun 2022 09:19:13 GMT
server: nginx/1.18.0
etag: W/"62b97611-2d802"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 04:33:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 42 KB
11 KB 63ms
18ms Script
application/javascript 45.133.44.24
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7d822ff5200fc7a5d1c8366495bf9191e931a883c47554cfbe925b960ec27dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: gzip
last-modified: Fri, 24 Jun 2022 16:35:42 GMT
server: nginx/1.18.0
etag: W/"62b5e7de-a7ca"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 28 Jun 2022 04:33:40 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
456 B 44ms
22ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 4679798d630a5417d61199d003cbab85942559a815eec128289f99b69d79a112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://x-id.net
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 53 B
104 B 19ms
18ms XHR
text/plain 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99b1561230dc0820a789c0d04a80ea46f7f212e3e5d5f904ad7ee6ad6d0b5d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://x-id.net
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 7223ad50d917694c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
ifsoxzhdem6n.l4.adsco.re/ 0
464 B 91ms
23ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://ifsoxzhdem6n.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
ifsoxzhdem6n.n4.adsco.re/ 0
464 B 356ms
89ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://ifsoxzhdem6n.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
ifsoxzhdem6n.s4.adsco.re/ 0
464 B 1511ms
166ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://ifsoxzhdem6n.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://x-id.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 28 Jun 2022 04:28:41 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame 769D 61 KB
22 KB 56ms
22ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1

Request headers

Referer: https://x-id.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
age: 138074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 7223ad512bdc6901-FRA
content-encoding: br
content-type: text/html
date: Tue, 28 Jun 2022 04:28:40 GMT
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 29 Jul 2022 04:28:40 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
server: cloudflare
vary: Accept-Encoding

GET /
6.adsco.re/ Frame 769D 0
0

GET
H/1.1 200
OK /
4.adsco.re/ Frame 769D 0
458 B 23ms
23ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: x-id.net
URL: https://x-id.net/redirect?to=aHR0cHM6Ly9sZWFraGl2ZS5jb20vc21pdHRlbmdmZy1udWRlLWJpZy10aXRzLW9ubHlmYW5zLXZpZGVvLWxlYWtlZC8=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 04:28:40 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 /
c.adsco.re/ Frame 769D 8 KB
0 21ms
20ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:40 GMT
content-encoding: br
cf-cache-status: HIT
age: 138074
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"wV2/56Yx8F/L8kKxfXL2jw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
cache-control: public, max-age=2678400
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
cf-ray: 7223ad51ec9b6901-FRA
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 29 Jul 2022 04:28:40 GMT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 63ms
32ms XHR
text/plain 168.119.25.22
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=d62992ff-82bf-4a0d-8e5e-ecf153bb9f28&subid=1434816340&sid=1083326935&spot_id=16089&created_at=2022-06-28&timezone=0&ver=6.15.0&is_native=1&user_keywords=Redirecting..%252C%252CLeak%252CForums%2520
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.22.25.119.168.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 04:28:40 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 multy Show response
a3f4ac548d.114f3eaf8b.com/in/ 6 KB
7 KB 1076ms
1034ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a3f4ac548d.114f3eaf8b.com/in/multy?wl=1&event_id=d62992ff-82bf-4a0d-8e5e-ecf153bb9f28&subid=1434816340&sid=1083326935&spot_id=16089&created_at=2022-06-28&timezone=0&ver=6.15.0&is_native=1&user_keywords=Redirecting..%252C%252CLeak%252CForums%2520&tcid=0&site=native-push&screen_resolution=1600x1200&format=default-slide-b_r-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&after_video=0&tu=1&mm=0&iabcat=IAB25&device_theme=light&st=0.01&default=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/npush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3bb125d7f0bd82db1dd5f6fe076dd31e3cafdcf9f5c3e4db1de59fe6d6ba9c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 04:28:41 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 6457

GET /
4.adsco.re/ Frame 769D 0
0

POST
H/1.1 200
OK p Show response
adsco.re/ 362 B
859 B 97ms
42ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 8556a45a83549506c61241606c855f2b1316fd05047a0b78935b794409485533

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

AS-P-G: OK
Date: Tue, 28 Jun 2022 04:28:41 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon223
Access-Control-Allow-Origin: https://x-id.net
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 jMZ.html Show response
cdn4ads.com/ 44 B
140 B 170ms
123ms Script
text/javascript 216.59.63.128
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4ads.com/jMZ.html?_=BAoAYrqDeQFiuoN5gAGBAsAAIAfBTLv9nzqoYQoAx6ht9FJVvr75EmGioJur7rbu3pAIwQBHMEUCIE3QuqvPPuOsKlZywAX0xWC0xhv2RULTK82reBojajFfAiEAoCWliEg8h2v7_xVOE9f0nqWAGa9xbzUMP1zUYvJKwyDCACDwQ_-8xePV0d5LeKkGGfv2x5JFATyeY5Eym-RE8Addq8QAECoDGyAABvARAAAAAAAAAJ7FABCiKuINqS52cf5KINoF-O0LwwBGMEQCIE8-fAMPI0v86lzKG8WCD8FONyZQjpVGuo10z7idd4NZAiApKnPr5j3hydeas2WNq8RdjWY36h4P5N6zzax3TQsP0Q&v=4&GxogOTAU=4733444&minBid=&AlnbySrZ=0,0&cCiOeSWY=&HCXgmbSf=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.cdn4ads.com
URL: https://www.cdn4ads.com/trip.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.63.128 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: 216-59-63-128.customer.totaluptime.net
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Jun 2022 04:28:41 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H2

200

IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/
Redirect Chain

https://a3f4ac548d.114f3eaf8b.com/in/show/?mid=619801823&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1434816340&sid=1083326935&cid=2957&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=41e2b05...
https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp

790 B
947 B

9ms
9ms

Image
image/webp

88.198.209.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Protocol: H2
Server: 88.198.209.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-209-36.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:41 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 04:28:41 GMT
server: nginx/1.18.0
access-control-allow-origin: *
vary: Origin
access-control-allow-methods: *
location: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
static.bookmsg.com/creatives/IN/ 790 B
948 B 37ms
9ms Image
image/webp 88.198.209.36
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/IN/IN_da5b583487923e03a815871465a0b6f24c2cb005_icon.webp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.209.36 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-209-36.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://x-id.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:41 GMT
last-modified: Tue, 24 Nov 2020 14:20:43 GMT
server: nginx/1.18.0
etag: "5fbd16bb-316"
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
content-length: 790

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8E71 110 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 a9d97fb1b99247f14c6444b6d5441440.png
cdn.adx1.com/ Frame 8E71 3 KB
3 KB 56ms
14ms Image
image/png 149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/a9d97fb1b99247f14c6444b6d5441440.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 149.11.201.98 Paris, France, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3791e4487334c91060b149d09baefedc60230967ff1d8c0bafc2eb4187d404a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:41 GMT
last-modified: Wed, 22 Sep 2021 07:08:50 GMT
server: openresty/1.15.8.3
etag: "614ad682-c9f"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3231
expires: Tue, 05 Jul 2022 11:56:43 GMT

GET
DATA 200
OK truncated
/ Frame 8E71 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

a9d97fb1b99247f14c6444b6d5441440.png
cdn.adx1.com/ Frame 8E71
Redirect Chain

https://a3f4ac548d.114f3eaf8b.com/in/show/?mid=619801823&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=1434816340&sid=1083326935&cid=11740&price=0.0528&is_cpm=0&cpm=0&ecpm=0.3530199601838...
https://eu.freshpops.net/metrics/save.img?event=impressions&bid-id=v2-1656390520715-7-4406-1074449-6b573d14-166a-6bfd-94a7-1786a92b52cf&img=https%3A%2F%2Fcdn.adx1.com%2Fa9d97fb1b99247f14c6444b6d544...
https://cdn.adx1.com/a9d97fb1b99247f14c6444b6d5441440.png

3 KB
3 KB

14ms
14ms

Image
image/png

149.11.201.98
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adx1.com/a9d97fb1b99247f14c6444b6d5441440.png
Protocol: H2
Server: 149.11.201.98 Paris, France, ASN174 (COGENT-174, US),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3791e4487334c91060b149d09baefedc60230967ff1d8c0bafc2eb4187d404a8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 04:28:41 GMT
last-modified: Wed, 22 Sep 2021 07:08:50 GMT
server: openresty/1.15.8.3
etag: "614ad682-c9f"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3231
expires: Tue, 05 Jul 2022 11:56:43 GMT

Redirect headers

location: https://cdn.adx1.com/a9d97fb1b99247f14c6444b6d5441440.png
date: Tue, 28 Jun 2022 04:28:41 GMT
server: openresty/1.15.8.3
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
x-id.net/	1969-12-31 23:59:59	Name: xf_csrf Value: uctpDnfKEP_PbjSf
cuddlethehyena.com/	1970-01-20 12:52:06	Name: UID Value: 22062723281f8d6665aae04660a5ac87a9f5
x-id.net/	1969-12-31 23:59:59	Name: __PPU___PPU_SESSION_URL Value: %2Fredirect
x-id.net/	1970-01-20 12:52:06	Name: HstCfa4662766 Value: 1656390520067
x-id.net/	1970-01-20 12:52:06	Name: HstCla4662766 Value: 1656390520067
x-id.net/	1970-01-20 12:52:06	Name: HstCmu4662766 Value: 1656390520067
x-id.net/	1970-01-20 12:52:06	Name: HstPn4662766 Value: 1
x-id.net/	1970-01-20 12:52:06	Name: HstPt4662766 Value: 1
x-id.net/	1970-01-20 12:52:06	Name: HstCnv4662766 Value: 1
x-id.net/	1970-01-20 12:52:06	Name: HstCns4662766 Value: 1
baradoot.com/	1970-01-20 12:52:06	Name: UID Value: 220627232871c8cc52d4874192b94e6e5187
.x-id.net/	1970-01-20 04:06:32	Name: __cf_bm Value: hvPoMSo5jqheyKKBSSI4rYD3d7fK4b_kxklVLi0oR_o-1656390520-0-AaY/0YCa1o+yYSqtykYLqWEgflkELUrJs/BvX/8L+DaT9dKj+7lF4ZY7D2gQk8VCBPGsCRkFWbn9Yh3WVBjqmf8GvRlm1r8M2sfz2snfoLuuyE94PX8qHO9nWEbypbROZw==
fp.metricswpsh.com/	1970-01-20 12:52:06	Name: id Value: 14832445099947972402
x-id.net/	1970-01-20 04:06:55	Name: a Value: g6kbdBhKw0FISykZrhICA02XC5LIiorN
x-id.net/	1970-01-20 04:06:52	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYrqDeQFiuoN5gAGBAsAAIAfBTLv9nzqoYQoAx6ht9FJVvr75EmGioJur7rbu3pAIwQBHMEUCIE3QuqvPPuOsKlZywAX0xWC0xhv2RULTK82reBojajFfAiEAoCWliEg8h2v7_xVOE9f0nqWAGa9xbzUMP1zUYvJKwyDCACDwQ_-8xePV0d5LeKkGGfv2x5JFATyeY5Eym-RE8Addq8QAECoDGyAABvARAAAAAAAAAJ7FABCiKuINqS52cf5KINoF-O0LwwBGMEQCIE8-fAMPI0v86lzKG8WCD8FONyZQjpVGuo10z7idd4NZAiApKnPr5j3hydeas2WNq8RdjWY36h4P5N6zzax3TQsP0Q
x-id.net/	1970-01-20 04:06:52	Name: _popprepop Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
7117a67989.114f3eaf8b.com
a3f4ac548d.114f3eaf8b.com
ad.a-ads.com
adsco.re
baradoot.com
c.adsco.re
cdn.adx1.com
cdn4ads.com
cuddlethehyena.com
eu.freshpops.net
fp.metricswpsh.com
ifsoxzhdem6n.l4.adsco.re
ifsoxzhdem6n.n4.adsco.re
ifsoxzhdem6n.s4.adsco.re
js.wpadmngr.com
js.wpushsdk.com
na.nawpush.com
nereserv.com
s10.histats.com
s4.histats.com
static.a-ads.com
static.bookmsg.com
www.cdn4ads.com
x-id.net
4.adsco.re
6.adsco.re
149.11.201.98
162.252.214.5
168.119.25.22
185.200.116.90
185.200.118.90
192.99.0.58
2001:978:2:2c::1ee:198
216.59.63.128
23.88.85.6
2606:4700:3033::6815:3936
2606:4700::6811:a7ba
2a01:4f8:e0:19cb::1
2a02:6ea0:c700::10
38.132.109.186
45.133.44.24
45.133.44.25
46.105.201.240
62.122.171.6
78.46.33.196
88.198.209.36
033be028885f50cef8b5c1fb5c03e71b409b294aa331c08e469dc100ac6b6b58
125b664623799a25a5852da0b93eee33c975119ca1809247a6b531c95c296a19
14cc8b1278efb3809d6c9e848f90d6164934504fe64a41ef828ad8bdcb44d4f9
23f4c449a60d5f5c1b4134e652d5558b497980b19bdd7f2b3a87e4d0d44f2717
24daca1a4af9c7847a5252795eda58315e596bdb88ca4b6ae51fdaa3c672cc56
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bbe03a093054f2fc6bd273499b8a7c8558b389bc173d17f7f13c181ace7b665
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
3791e4487334c91060b149d09baefedc60230967ff1d8c0bafc2eb4187d404a8
38f76f5d48786afccf7675d3e514e705c29d53ef537850ec8c2e4e547cf24cca
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e
3bb125d7f0bd82db1dd5f6fe076dd31e3cafdcf9f5c3e4db1de59fe6d6ba9c75
3d5ab5210b8ea40a753d8a2d3b81a1f4b1a24431c2818835d1a588543abbd0cc
3ec2068a44b2e3b4c742d0d35c1c5829623759ea96de41f3c1af363846f80536
441f741e18df08e0a6721cbe7b315f2fe00064c6b032ef8a8d8b54166df6e501
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
444159ca96aff61f046a9f3dc813ac11f0b652c8d4db2f8c51b166b712b9bfde
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
44512f22387c2e598be89c01273367dcd2cb443c62dc385095926e485d56a4bd
4679798d630a5417d61199d003cbab85942559a815eec128289f99b69d79a112
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
506bc85404629c940763e1830cfdc72161eec5c0fa39616914d89ce9469a5604
57dbee7ea15d5d09282409c670a2ec13c181735f5f7b80bd57877ae319ba513b
629060509e1420ed21ca9afbb1042d919fd746e49ea8ed5fabbe0e3dd3ed01ca
65e85fa02d9fa3e02f188a7b6e4fa6a50d2421d677884b34bc83b8cf6b37a58a
6b832d9f9d7c39304c9205b6d562bff9e421e204cfc19fd6065393028119cbf7
6bbfdebcfc2568412d851a7de0def80e6e12bbf31716f940d9f5bfcf354344a6
6dacaa045e8c49aa1c688ba2cb6e436a0b180a96971d8ca842f7948cc7d2ca08
7d822ff5200fc7a5d1c8366495bf9191e931a883c47554cfbe925b960ec27dee
833cb09da79045b251d3c08071c0adc6b1a2e97e9872ca9f37337891cde9ec69
8556a45a83549506c61241606c855f2b1316fd05047a0b78935b794409485533
89033c9b3f1dd22181d7ba464d54e881c13af5a957eef66d9fff9d396f396989
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
99b1561230dc0820a789c0d04a80ea46f7f212e3e5d5f904ad7ee6ad6d0b5d96
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
9f339fe40b102007022ab2746a4c9436c54931f620eb8c2860743cf3569a34b8
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a222ed6fc63d91d555c29e1880905ca4340fa8c23a1f6d2d58c6048b14ee3d96
a43ddbb1093cda799faddf6986132851eccb89f9dd370643326d95fe5f7a1ce4
abee013c505b7d9f9ab4af6973e5015783c83bd4f126afbea816d9a0375ba1e9
b91002bbe3f4dbb0f23136b44b8986373a33429df75759a95f7ea1fe089134e4
b9ebc91dc274d39de27801661167bf6a88024d544d3960f3766ce59b33ff8e9c
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
e07273324aadaf8a93d5900f6373ce88110f28620656608e3a0a79ba0da25f17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2784385cd128d5a6dfdec7f4be2147d6b57fa66c1a36c61c085aaf27f9e18
e87021acca29a8df9d32bb7feb29b8b529f614cccfa3ed7b6925622c28a4307f
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1
f09293bf2d8dd52e961ca60c29ef9c5d2754f065457d5c92e2cf89d71ccd9aa6
f1bd746f679d9df2c7f9f8ceafecda994d85c84d7c829e5960c8730c7ee511a1
f1e573137608a43868ca574bd6eea8dd2b82fb34efaae0c5c5bc70cf7012d0bc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3
fa90e6cba9e9d701ef280f287f76143fb0aed1223c692fc0da4befa74860225d

x-id.net Open in urlscan Pro 2606:4700:3033::6815:3936 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

93 %HTTPS

25 %IPv6

16 Domains

26 Subdomains

20 IPs

7 Countries

1068 kBTransfer

2059 kBSize

16 Cookies

2 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

x-id.net Open in urlscan Pro
2606:4700:3033::6815:3936 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

93 %
HTTPS

25 %
IPv6

16
Domains

26
Subdomains

20
IPs

7
Countries

1068 kB
Transfer

2059 kB
Size

16
Cookies

55 HTTP transactions
18 data transactions